Popular Python libraries used in Hugging Face models subject to poisoned metadata attack

Vulnerabilities in popular AI and ML Python libraries used in Hugging Face models with tens of millions of downloads allow ...

Python libraries used in top AI and ML tools hacked - Nvidia, Salesforce and other libraries all at risk

Security researchers from Palo Alto Networks have discovered vulnerabilities used in some top Artificial Intelligence (AI) ...
Dark Reading

Vulnerabilities Surge, But Messy Reporting Blurs Picture

MITRE loses its lead as the top reporter of vulnerabilities, while new organizations pump out CVEs and reported bugs in ...

Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws

Today is Microsoft' 2026 Patch Tuesday with security updates for 114 flaws, including one actively exploited and two publicly ...
SecurityWeek

Cisco Patches Vulnerability Exploited by Chinese Hackers

Cisco patched an Email Gateway and Secure Email zero-day exploited by Chinese hackers to deploy the AquaShell backdoor.
eWeek

AI Startup Replit Launches ‘Vibe Coding’ Feature for Building Mobile Apps

This approach allows developers to create applications through natural language conversations rather than traditional ...
The Hacker News

Cisco Patches Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways

Cisco released fixes for CVE-2025-20393, a CVSS 10.0 zero-day RCE flaw in AsyncOS exploited by a China-linked APT via email ...

Windows info-disclosure 0-day bug gets a fix as CISA sounds alarm

A couple of other interesting bugs that Childs points out are these two, CVE-2026-20952 (CVSS 7.7) and CVE-2026-20953 (CVSS 7 ...
The Hacker News

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

Active malware exploits DLL side-loading in a signed GitKraken binary to deliver trojans, stealers, and remote access malware ...
Dark Reading

Taiwan Endures Greater Cyber Pressure From China

Cyberattacks on Taiwan's critical infrastructure — purported from China — averaged 2.63 million attempts per day, targeting ...

Cisco has finally patched a maximum-level security issue which was allegedly being targeted by Chinese hackers

At least one of these groups allegedly targeted Cisco Secure Email Gateway, and Cisco Secure Email and Web Manager instances ...