More than 1000 ComfyUI servers are exposed to the internet. Attackers exploit misconfigurations to add instances to a botnet.

These characters are dangerous, daring, and downright diabolical.

The activity centres on unauthenticated ComfyUI deployments and the platform’s custom node ecosystem, which lets users add ...

Oracle WebLogic operators are under pressure to close a critical security gap after attackers began probing and exploiting a newly disclosed flaw on the same day public exploit code appeared, ...

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.

Marimo CVE-2026-39987 exploited within 10 hours of disclosure, enabling unauthenticated RCE and credential theft, emphasizing urgent patching needs.

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...

With 15,384 commercial martech tools in the 2025 landscape and AI-powered pitches arriving daily, the biggest risk for ...

You gotta build a "digital twin" of the mess you're actually going to deploy into, especially with stuff like mcp (model context protocol) where ai agents are talking to data sources in real-time.