Security incidents, explained for the people who have to explain them.
We break down a real cyberattack: how it worked, who was affected, and why it matters, in plain language, with visuals. No breathless headlines. A clear mental model you can hold in your head and pass to someone else.
Every post has three levels: ● a 30-second overview, ● a full narrative, and ● a technical deep dive. Read as much or as little as you need.
Latest
How a security tool's own cleanup routine became a zero-day path to full system control
How a forged XML document can pass a cryptographic signature check and impersonate any SAP user
How a flaw in Windows' core networking code could let attackers spread automatically across the internet
How a single config file turned every AI coding agent into a credential harvester
How a single UDP packet to any unpatched domain controller hands attackers the keys to every system in your network
How a stolen session cookie turned a security certification into a weapon
How attackers turned AI coding assistants into silent credential thieves across three package registries
How a poisoned VS Code extension gave attackers access to thousands of a company's internal repositories
How a 'patched' Windows driver flaw from 2020 came back as a working exploit on fully patched systems in 2026
How an AI model found a hidden 2FA bypass and wrote the exploit before any scanner could see it
How attackers poisoned a build pipeline's cache to publish 84 malicious packages with valid security certificates
How an AI agent turned a notebook vulnerability into a database breach in under one hour
How a natural-language prompt became a shell command inside a company's AI agent
How attackers bypassed a VPN's password check entirely by exploiting a 1998-era protocol
How attackers used a company's own firewall to reach inside its network without a password
How attackers read your MFA codes from a Windows database without ever touching your phone
How a 732-byte script earned root on every major Linux distribution by corrupting files that never changed on disk
How a missing function call let attackers bypass authentication on 1.5 million web hosting control panels
How a single quote in an API request let attackers drain every AI provider credential from a company's gateway
How a new AI agent role in Microsoft Entra ID let any user silently take over the entire tenant
How a robotics AI framework's own serialization design left every connected robot open to remote takeover
How attackers poisoned a security scanner to steal the secrets it was scanning
How a compromised security scanner let attackers publish a credential-stealing worm under Bitwarden's own name
How a stolen npm token turned legitimate packages into a self-spreading credential worm with an unkillable command server
How a model file you downloaded can execute code on your AI server before you run a single prompt
How a game script on a vendor's laptop gave attackers the keys to a $9 billion platform's customer secrets
How attackers used a company's own device management tool to wipe 80,000 computers overnight
How a broken certificate check let anyone impersonate any user on Cisco Webex
How attackers turned a maintainer's stolen npm token into a backdoor in 100 million weekly downloads of Axios
How a routine security update disabled the integrity check protecting every login in a web framework used by hundreds of millions of apps
How attackers used Windows Defender itself to gain full system control, then hid the damage from every dashboard
How a missing 27-character code fix left thousands of web servers open to unauthenticated takeover
How a single git push command could have given an attacker access to millions of repositories on GitHub
How a phishing kit turned your MFA approval into an attacker's login
How a nation-state spy operation hid inside a ransomware extortion demand
How a PDF profiled your system before deciding whether to attack it