Code Defence

Within 24 hours of disclosure, the critical Kubernetes privilege escalation vulnerability (CVE-2025-10202), now dubbed “KubeDoom,” is being exploited at scale. […]

Researchers have demonstrated a new self-propagating AI malware dubbed “Morris II.” This generative AI worm targets email assistants (like Copilot

US energy provider “GridNext” has confirmed a ransomware attack that has disrupted administrative systems and billing operations. The “Play” ransomware

A malicious Python package named “pytorch-optimize” has been discovered on the PyPI registry. The package mimics legitimate optimization tools but

A critical privilege escalation vulnerability (CVE-2025-10202, CVSS 9.8) has been disclosed in the Kubernetes API server. The flaw allows an

The “Play” ransomware group has integrated the critical “React2Shell” vulnerability (CVE-2025-55182) into its automated attack toolkit. Security firms report a

A new trend of “Model Denial of Service” (MDoS) attacks is targeting companies with public-facing LLM APIs. Attackers are sending

Broadcom (VMware) has released an emergency patch for a critical Remote Code Execution (RCE) vulnerability (CVE-2025-7722, CVSS 9.8) in vCenter

Following the refusal of London councils to pay the ransom, the Black Basta gang has published 500GB of sensitive data

Apple has released emergency updates for iOS (19.1.2) and macOS to patch a critical kernel vulnerability (CVE-2025-4432). The flaw is