ComfyUI servers: Attackers turn instances into a cryptominer proxy botnet

More than 1000 ComfyUI servers are exposed to the internet. Attackers exploit misconfigurations to add instances to a botnet.
Hackaday

This Week In Security: Second Verse, Worse Than The First

Isn’t there some claim events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, now we have details from Google on a second significant exploit in the ...

Automating KYC: Why Your Fintech Needs a Zero-Retention Architecture

In the fast-moving world of financial technology, developers are caught in a relentless, high-stakes tug-of-war. On one side, the product and growth teams are demanding a frictionless, sub-second user ...

The best femme fatales from film and television

These characters are dangerous, daring, and downright diabolical.
Arabian Post

ComfyUI breach wave targets AI servers

The activity centres on unauthenticated ComfyUI deployments and the platform’s custom node ecosystem, which lets users add ...
Arabian Post

WebLogic flaw becomes an instant target

Oracle WebLogic operators are under pressure to close a critical security gap after attackers began probing and exploiting a newly disclosed flaw on the same day public exploit code appeared, ...
The Hacker News

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.
XDA Developers on MSN

A popular Python library just became a backdoor to your entire machine

Supply chain attacks feel like they're becoming more and more common.
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...