Nearly 800,000 Telnet servers exposed to remote attacks

Internet security watchdog Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks ...
Dark Reading

Exploited Zero-Day Flaw in Cisco UC Could Affect Millions

Mass scanning is underway for CVE-2026-20045, which Cisco tagged as critical because successful exploitation could lead to a ...
The Hacker News

Why Secrets in JavaScript Bundles are Still Being Missed

Scanning 5M apps uncovered 42K exposed secrets in JavaScript bundles, revealing major gaps in traditional SAST, DAST, and ...
WinBuzzer

Security Flaw Resurfaces in Anthropic’s New Claude Cowork Tool Days After Launch

Anthropic has launched Cowork with a known data exfiltration vulnerability that researchers reported in October 2025 but ...
InfoWorld

Possible software supply chain attack through AWS CodeBuild service blunted

Wiz researchers investigated and found the core of the flaw, a threat actor ID bypass due to unanchored regexes, and notified ...

BitsLab 2025 Audit Annual Summary: 200+ Projects Audited, 2,858 Vulnerabilities Discovered

PRNewswire/ -- 2025 has been a year of rapid evolution for Web3 infrastructure. As a pioneer in AI-driven digital asset security, BitsLab has safeguarded Web3 infrastructure through audits, ...
InfoWorld

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The React 19 library for building application interfaces was hit with a remote code vulnerability, React2Shell, about a month ago. However, as researchers delve deeper into the bug, the larger picture ...
IEEE

Large Language Models Versus Static Code Analysis Tools: A Systematic Benchmark for Vulnerability Detection

Abstract: Modern software relies on a multitude of automated testing and quality assurance tools to prevent errors, bugs and potential vulnerabilities. This study sets out to provide a head-to-head, ...
blockchain

Codex AI Enhances Security Vulnerability Detection and Opens Opportunities for Secure Code in Enterprises: Latest Update 2025

According to Greg Brockman on Twitter, Codex is now demonstrating significant improvements in identifying security vulnerabilities within code. OpenAI is exploring trusted access programs specifically ...
techtimes

From Visibility to Validation: How Astra Security Is Redefining Cloud Vulnerability Scanning

Cloud environments are dynamic by design. New identities are created, policies adjusted, and workloads deployed or retired several times a day. Yet many organizations continue to rely on scanning and ...