China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware

/in

A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to orchestrate “high-velocity” attacks and break into susceptible internet-facing systems.
“The threat actor’s high operational tempo and proficiency in identifying exposed perimeter assets have proven successful, with recent

The Hacker News – ​Read More

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

/in

Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck.
The vulnerability in question is CVE-2025-59528 (CVSS score: 10.0), a code injection vulnerability that could result in remote code execution.
“The CustomMCP node allows users to input configuration settings for connecting

The Hacker News – ​Read More

Wynn Resorts Says 21,000 Employees Affected by ShinyHunters Hack

/in

The high-end casino and hotel operator has likely paid a ransom to avoid a data leak.

The post Wynn Resorts Says 21,000 Employees Affected by ShinyHunters Hack appeared first on SecurityWeek.

SecurityWeek – ​Read More

I found Android Auto’s hidden shortcut that automates any task in your car – and it’s brilliant

/in

Android Auto’s best feature is one you probably haven’t discovered yet – and Custom Assistant takes only a minute to set up.

Latest news – ​Read More

LG G6 vs. Samsung S95H: I compared the best OLED TVs of 2026 and made a tough choice

/in

The LG G6 and Samsung S95H are two premium-grade OLED TVs with excellent picture and sound, but which is the better buy?

Latest news – ​Read More

Samsung’s latest TV firmware update fixes the Chromecast issue for older models – finally

/in

Samsung’s 2026 TV lineup will feature built-in support for Google Cast, but with the latest firmware, models as far back as 2024 will also get an update.

Latest news – ​Read More

Axios Attack Shows Social Complex Engineering Is Industrialized

/in

The attack on the popular NPM package Axios is just one of many targeting maintainers and has shone a light on how threat actors can scale sophisticated social engineering campaigns.

darkreading – ​Read More

AI-Assisted Supply Chain Attack Targets GitHub

/in

PRT-scan is the second in recent months where a threat actor appears to have leveraged AI for automated targeting of a widespread GitHub misconfiguration.

darkreading – ​Read More

Fortinet Issues Emergency Patch for FortiClient Zero-Day

/in

The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild.

darkreading – ​Read More

This is the lowest price on an M5 MacBook Air I’ve seen – and it launched a month ago

/in

On Amazon, the 13-inch MacBook Air M5 currently starts at $950, luring Windows laptop users over to Apple’s ecosystem.

Latest news – ​Read More