Apr 29, 2026 | Podcast
A CVSS 10.0 in Gemini CLI: How Agentic Workflows Are Reshaping Supply Chain Risk
Google has patched a critical, maximum-severity vulnerability in its Gemini CLI tool — the @google/gemini-cli npm package and the google-github-actions/run-gemini-cli GitHub Actions...
Apr 28, 2026 | Podcast
https://www.rapid7.com/blog/post/etr-cve-2026-41940-cpanel-whm-authentication-bypass On April 28, 2026, cPanel issued an emergency security update addressing CVE-2026-41940, a critical authentication bypass vulnerability affecting cPanel & WHM and WP Squared...
Apr 27, 2026 | Podcast
https://xint.io/blog/copy-fail-linux-distributions A newly discovered Linux vulnerability, dubbed “copy_file_range” or “CopyFail,” is sending shockwaves through the cybersecurity community after researchers found it can be exploited to grant...
Apr 24, 2026 | Podcast
The zero-days are numbered
Mozilla has announced a groundbreaking collaboration with Anthropic that leveraged advanced AI models to identify and fix 271 security vulnerabilities in Firefox 150, marking a potential paradigm shift in software security. The Firefox team...
Apr 23, 2026 | Podcast
https://securelist.com/fakewallet-cryptostealer-ios-app-store/119474 China’s Apple App Store has been compromised by a wave of fraudulent cryptocurrency wallet applications designed to steal users’ digital assets, according to recent security research....
Apr 22, 2026 | Podcast
https://www.bleepingcomputer.com/news/security/microsoft-teams-increasingly-abused-in-helpdesk-impersonation-attacks Cybercriminals are increasingly exploiting Microsoft Teams to conduct sophisticated helpdesk impersonation attacks, using the trusted business...
Apr 21, 2026 | Podcast
https://support.apple.com/en-us/127002 Apple has released a security update to address a significant privacy flaw in iOS that prevented notification data from being properly deleted even after users removed the notifications. The bug allowed sensitive information...
Apr 20, 2026 | Podcast
https://www.ghacks.net/2026/04/21/claude-desktop-silently-installs-browser-extension-files-for-browsers-not-installed Anthropic’s Claude Desktop application has come under scrutiny after users discovered it silently installs browser extension files on systems,...
Apr 17, 2026 | Podcast
https://openai.com/index/scaling-trusted-access-for-cyber-defense OpenAI has unveiled GPT-5.4-Cyber, a variant of its latest flagship model GPT-5.4, specifically optimised for defensive cybersecurity use cases, arriving days after rival Anthropic released its own...
Apr 16, 2026 | Podcast
Someone Bought 30 WordPress Plugins and Planted a Backdoor in All of Them.
More than 30 WordPress plugins belonging to the EssentialPlugin suite have been found to contain malicious backdoor code, affecting products with hundreds of thousands of active installations...