CISA warns of critical CentOS Web Panel bug exploited in attacks

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning that threat actors are exploiting a critical remote command execution flaw in CentOS Web Panel (CWP).
Infosecurity Magazine

Claude Desktop Extensions Vulnerable to Web-Based Prompt Injection

Three of Anthropic’s Claude Desktop extensions were vulnerable to command injection – flaws that have now been fixed ...

Did your logins just get leaked? How to check online for free (and what to do next)

This is a free service that shows whether your online accounts have likely been 'pwned,' or compromised in a data breach.

Russian hackers abuse Hyper-V to hide malware in Linux VMs

The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response ...
Hackaday

This Week In Security: Vibecoding, Router Banning, And Remote Dynamic Dependencies

Vibecoding. What could possible go wrong? That’s what [Kevin Joensen] of Baldur wondered, and to find out he asked ...