Langflow Vulnerability Deploys Monero Miner
Cybersecurity researchers have identified an active campaign exploiting CVE-2026-33017, a critical remote code execution (RCE) vulnerability in Langflow, to compromise internet-facing AI servers and deploy a customized Monero (XMR) cryptominer. [...]
Splunk Secure Gateway RCE Vulnerability Discovered
A high-severity vulnerability, CVE-2026-20251, has been identified in Splunk Secure Gateway (SSG), potentially allowing authenticated users with low-level privileges to execute arbitrary code on affected systems. The flaw carries a [...]
Fake Shopify Invoices Steal User Credentials
Cybersecurity researchers have uncovered a new phishing campaign in which scammers abuse Shopify and its Shop order-tracking app to deliver fake invoices directly to users. Instead of relying on traditional [...]
Langflow RCE Vulnerability: Unauthenticated Code Execution Risk
A critical security vulnerability, CVE-2026-33017, has been discovered in Langflow, an open-source platform used to build AI workflows, large language model (LLM) applications, and Retrieval-Augmented Generation (RAG) pipelines. Researchers report [...]
ManageEngine AD360 Vulnerability Discovered
ManageEngine has released security updates to address a critical vulnerability, CVE-2026-11374, affecting its AD360 identity and access management platform. The flaw impacts several integrated products that rely on AD360 for [...]