CSO Online

Open WebUI bug turns ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...
Cybernews

Python-based VVS Stealer sneaks off with your Discord data

According to a report from Palo Alto Networks Unit 42, the malware is advertised on Telegram as the “ultimate stealer” and ...
The Hacker News

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

Critical n8n flaw CVE-2025-68668 allows authenticated users to run system commands via workflows; affects versions 1.0.0 to ...
PCMag on MSN

Cyber Fidget Is Part Fidget Toy, Part Educational Hacking Tool, and I Want One

What happens when you combine an Arduino-based microcontroller with a palm-sized aluminum box and clicky buttons? A fidget ...
Infosecurity Magazine

VVS Stealer Uses Advanced Obfuscation to Target Discord Users

A new Python-based malware called VVS stealer has been identified, targeting Discord users with stealthy techniques to steal ...
The Hacker News

⚡ Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More

First 2026 cyber recap covering IoT exploits, wallet breaches, malicious extensions, phishing, malware, and early AI abuse.