Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions
Zimbra is urging customers to apply updates to address a critical security vulnerability impacting the Classic Web Client…
July 11, 2026
URGENT – Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat
Progress Software has told ShareFile customers to shut down the Windows servers running their Storage Zone Controllers, confirming…
July 10, 2026
Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages
Unknown threat actors compromised the Injective Labs SDK project’s GitHub repository and leveraged it to publish a malicious…
July 10, 2026
Six New U-Boot Flaws Could Let Malicious Images Crash Devices or Run Code at Boot
Researchers at firmware security firm Binarly have found six new flaws in U-Boot, the small program that starts up hardware…
July 10, 2026
Laser Attack Resets Tangem Wallet Passwords on Cards That Can’t Be Patched
Researchers at Ledger’s Donjon security team have shown that a precisely timed laser pulse, aimed at the chip inside a…
July 10, 2026
Attackers Exploit ‘Ill Bloom’ Vulnerability to Drain $3.1 Million From Cryptocurrency Wallets
Security firm Coinspect has disclosed a crypto wallet flaw it calls Ill Bloom, and attackers are already using it. The flaw…
July 10, 2026
Ransomware Negotiator Gets 70 Months in Prison for Aiding BlackCat Attacks
A 41-year-old former ransomware negotiator has been sentenced to nearly six years (i.e., 70 months) in prison in…
July 10, 2026
Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs
Datadog Security Labs is warning of “several overlapping campaigns” that are systematically enumerating corporate GitHub organizations, repositories, and…
July 9, 2026
New GigaWiper Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware
Microsoft has taken apart a destructive Windows backdoor it calls GigaWiper. What stands out is how it is…
July 9, 2026
npm 12 Disables Install Scripts by Default to Reduce Supply Chain Risk
GitHub has officially announced the release of npm version 12 with install scripts disabled by default, along with…
July 9, 2026