# That AI You Confide in May Be an Open Book: Researchers Find Cloud Keys, Exposed Conversations, and Injectable Chat in Companion Apps One app ships with the developer’s OpenAI token and Google Cloud private key in its code. Another lets any app on the phone inject scripts into what […]

# Buy A Help Desk, Bundle A Remote Access Solution? (SolarWinds Web Help Desk Pre-Auth RCE Chain(s)) It’s been a while, but we’re back – in time for story time. Gather round, strap in, and prepare for another depressing journey of “all we wanted to do was reproduce an N-day, […]

By Aviv Donenfeld and Oded Vanunu Check Point Research has discovered **critical** vulnerabilities in Anthropic’s Claude Code that allow attackers to achieve **remote code execution** and steal API credentials through malicious project configurations. The vulnerabilities exploit various configuration mechanisms including **Hooks**, **Model Context Protocol** (MCP) servers, and **environment variables**-executing arbitrary […]

# CVE-2025-59201 – Network Connection Status Indicator (NCSI) EoP It’s been a while since I last dug into a Patch Tuesday release. With an extraordinarily high number of 177 CVEs, including 6 that were either already public or exploited in the wild, the October 2025 one seemed like a good […]

Check Point Research (CPR) continuously tracks threats, following the clues that lead to major players and incidents in the threat landscape. Whether it’s high-end financially-motivated campaigns or state-sponsored activity, our focus is to figure out what the threat is, report our findings to the relevant parties, and make sure Check […]

# CVE-2026-20841: Arbitrary Code Execution in the Windows Notepad February 19, 2026 | TrendAI Research Team _In this excerpt of a TrendAI Research Services vulnerability report, Nikolai Skliarenko and Yazhi Wang of the TrendAI Research team detail a recently patched command injection vulnerability in the Windows Notepad application. This bug […]

– A Cisco Talos researcher worked around the limitations of hardware-level Code Read-out Protection (RDP) on the Socomec DIRIS M-70 gateway by pivoting from physical debugging to a “good enough” emulation approach. – By focusing on emulating only the single thread responsible for Modbus protocol handling rather than the entire […]

CVE-2025-61982 An arbitrary code execution vulnerability exists in the Code Stream directive functionality of OpenCFD OpenFOAM 2506. A specially crafted OpenFOAM simulation file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. The versions below were either tested or verified to be […]

AI is rapidly becoming embedded in day-to-day enterprise workflows, inside browsers, collaboration suites, and developer tooling. As a result, AI service domains increasingly blend into normal corporate traffic, often allowed by default and rarely treated as sensitive egress. Threat actors are already capitalizing on this shift. Across the malware ecosystem, […]

# Building a Secure Electron Auto-Updater 16 Feb 2026 – Posted by Michael Pastor ## Introduction In cooperation with the Polytechnic University of Valencia and Doyensec, I spent over six months during my internship in a research that combines theoretical foundations in code signing and secure update designs with a […]