Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

Nine Mexican government agencies targeted by a single attacker with two AI tools.

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

Marimo is an integrated development environment for Python that combines code, results, visualizations, and documentation.

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

A threat actor started exploiting CVE-2026-39987, an unauthenticated RCE vulnerability in Marimo, nine hours after public ...

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...

DarkSword, a serious iPhone exploit kit, just leaked on GitHub. If your device is running iOS 18.4 through 18.7 — or legacy versions 15.8.7 or 16.7.15 — you’re vulnerable. Contacts, messages, call ...

iPhone users should be on alert: DarkSword spyware has been posted in the wild. Credit: Cheng Xin/Getty Images DarkSword, the web-based hacker tool that can be used to steal data from millions of ...

The exploit, revealed last week by Google’s Threat Intelligence Group, is now publicly available on GitHub, increasing the urgency for older iPhones and iPads to run the latest available iOS and ...

Last week, cybersecurity researchers uncovered a hacking campaign targeting iPhone users that used an advanced hacking tool called DarkSword. Now someone has leaked a newer version of DarkSword and ...