Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
Microsoft

Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook

Threat actors are abusing external Microsoft Teams collaboration to impersonate IT helpdesk staff and convince users to grant ...

The hidden risks of vibe coding: 4 steps to protect your organization

You can’t be sure where that AI-generated code came from or what malware it might contain. These 4 steps help mitigate vibe-coding risk.

Hackers are abusing unpatched Windows security flaws to hack into organizations

A security researcher published details of three security vulnerabilities in Windows Defender, and the code used to exploit ...
SecurityWeek

Splunk Enterprise Update Patches Code Execution Vulnerability

Splunk has released patches that resolve high- and medium-severity vulnerabilities in Splunk Enterprise and MCP Server.
The Hacker News

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Cisco patches four CVEs up to CVSS 9.9 in ISE and Webex, preventing code execution and user impersonation risks.
Pocket Tactics

100 Waves Later codes April 2026

April 17, 2026: We looked for new 100 Waves Later codes to add to our list and checked our existing codes. You can use the latest codes to pick up some scrap and currency. If you're eyeing up a new ...