Security Boulevard

That “job brief” on Google Forms could infect your device

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain. The attack typically begins when a victim downloads a business-themed ZIP ...

Malicious campaign targets popular OpenWebUI AI interface to mine crypty and steal credentials

Cybernews researchers uncovered numerous OpenWebUI instances that were silently running malware.
Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...
The Hacker News

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching cycles.

Chainguard is racing to fix trust in AI-built software - here's how

Chainguard is expanding beyond open-source security to protect open-core software, AI agent skills, and GitHub Actions.

GhostClaw turns GitHub habits into a macOS malware pipeline

GhostClaw, a macOS infostealer, is spreading through GitHub repositories and developer tools, and it works because routine ...