「メモ帳」の任意コード実行の脆弱性はAIではなくMarkdown機能に起因 ...

2026年2月のセキュリティアップデートで修正された「メモ帳」アプリの脆弱性「CVE‑2026‑20841」は、最近導入されたMarkdown記法のサポートに原因があったようだ。 Trend Microのセキュリティチーム「Zero Day ...
CNX Software

AsteroidOS 2.0 open-source smartwatch OS released, now supports around 30 devices

AsteroidOS 2.0 Linux-based, open-source smartwatch operating system has just been released with features such as always-on display support, Tilt-to-Wake, ...

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

CTM360: Lumma Stealer and Ninja Browser malware campaign abusing Google Groups

CTM360 reports 4,000+ malicious Google Groups and 3,500+ Google-hosted URLs used to spread the Lumma Stealer infostealing malware and a trojanized "Ninja Browser." The report details how attackers ...

Malicious packages for dYdX cryptocurrency exchange empties user wallets

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX developers and backend systems and, in some cases, backdoored devices, ...

Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.