China-Linked TA4922 Hackers Target UK, Europe With New SilentRunLoader Malware

Proofpoint says TA4922, a suspected China aligned cybercrime group, is targeting UK and European organisations with tax, payroll and benefits themed malware campaigns...

Discourse authorization issue vulnerability (CNVD-2026-17254)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an authorization issue vulnerability that can be exploited by an attacker to cause a user to purchase a lower tier...

BIT-DISCOURSE-2026-33074 Discourse: Vulnerability in discourse-subscriptions plugin allowing users to self-grant to higher tier subscriptions

Discourse is an open-source discussion platform. From versions 2026.1.0 to before 2026.1.3, and 2026.2.0 to before 2026.2.2, a user may be able to purchase a lower tier subscription but grant themselves the benefits that comes along with a higher tier subscription. This issue has been patched in...

CVE-2026-33074 Discourse: Vulnerability in discourse-subscriptions plugin allowing users to self-grant to higher tier subscriptions

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, a user may be able to purchase a lower tier subscription but grant themselves the benefits that comes along with a higher...

PT-2026-29316

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, a user may be able to purchase a lower tier subscription but grant themselves the benefits that comes along with a higher...

Discourse 授权问题漏洞

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an authorization issue vulnerability that can be exploited by an attacker to cause a user to purchase a lower tier...

Why Image Format Conversion Is Becoming a Practical Issue in Web Security and Performance

WebP boosts performance raises compatibility issues, making image format conversion to PNG essential for secure, flexible, and efficient web workflows today...

Malicious code in my-benefits-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5aaf8254cd355ca47587aa46a9489d933410356052f3a2c2596404e70de7912 The package my-benefits-web was found to contain malicious code...

MAL-2026-1794 Malicious code in my-benefits-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5aaf8254cd355ca47587aa46a9489d933410356052f3a2c2596404e70de7912 The package my-benefits-web was found to contain malicious code...

How private is your VPN?

When you're shopping around for a Virtual Private Network VPN you'll find yourself in a sea of promises like "military-grade encryption!" and "total anonymity!" You can’t scroll two inches without someone waving around these fancy terms. But not all VPNs can be trusted. Some VPNs genuinely protec...

When AI Accelerates Cloud Migrations, Don't Let Security Be an Afterthought

The era of on-premises infrastructure is quickly becoming a thing of the past, with research from Pluralsight showing that over 90% of organizations now leverage the cloud. What’s driving the even faster shift over the last few years? Consider AWS's foray into generative AI programs and agents fo...

EUVD-2012-0126

Malware in sbrugna...

EUVD-2025-20181

Malicious code in bioql PyPI...

EUVD-2024-18777

Malicious code in bioql PyPI...

CVE-2025-7109

A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9.0. Affected by this issue is some unknown functionality of the file /intranet/educaralunobeneficiolst.php of the component Student Benefits Registration. The manipulation of the argument Benefício lead...

CVE-2025-7109

A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9.0. Affected by this issue is some unknown functionality of the file /intranet/educaralunobeneficiolst.php of the component Student Benefits Registration. The manipulation of the argument Benefício lead...

CVE-2025-7109 Portabilis i-Educar Student Benefits Registration educar_aluno_beneficio_lst.php cross site scripting

A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9.0. Affected by this issue is some unknown functionality of the file /intranet/educaralunobeneficiolst.php of the component Student Benefits Registration. The manipulation of the argument Benefício lead...

CVE-2025-7109 Portabilis i-Educar Student Benefits Registration educar_aluno_beneficio_lst.php cross site scripting

A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9.0. Affected by this issue is some unknown functionality of the file /intranet/educaralunobeneficiolst.php of the component Student Benefits Registration. The manipulation of the argument Benefício lead...

Your Brain on ChatGPT: Accumulation of Cognitive Debt when Using an AI Assistant for Essay Writing Task

With today's wide adoption of LLM products like ChatGPT from OpenAI, humans and businesses engage and use LLMs on a daily basis. Like any other tool, it carries its own set of advantages and limitations. This study focuses on finding out the cognitive cost of using an LLM in the educational conte...

Where AI Provides Value

If you've worried that AI might take your job, deprive you of your livelihood, or maybe even replace your role in society, it probably feels good to see the latest AI tools fail spectacularly. If AI recommends glue as a pizza topping, then you're safe for another day. But the fact remains that AI...