News

The Hacker News1d
Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code
Then a couple of weeks ago, ESET noted that APT28 had leveraged cross-site scripting (XSS) vulnerabilities in various webmail servers such as Roundcube, Horde, MDaemon, and Zimbra to harvest ...
TweakTown3d
Think Notepad is Bloatpad now? Microsoft's new lightweight text editor is coming to Windows 11
Hate Notepad in Windows 11 because Microsoft keeps adding features to the app, bloating it up? You might like the new 'Edit' ...
Mistral releases a vibe coding client, Mistral Code
French AI startup Mistral is releasing its own "vibe coding" client, Mistral Code, to compete with incumbents like Windsurf, ...
The Hacker News4d
Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub
Cybersecurity researchers have discovered a new cryptojacking campaign that's targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, and HashiCorp Consul and ...
The security debt of browsing AI agents
Our new study, "The Hidden Dangers of Browsing AI Agents" offers the first end-to-end threat model for browsing agents and ...