Toggle light / dark theme

GitHub adds AI-powered bug detection to expand security coverage

GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks.

The developer collaboration platform says that the move is meant to uncover security issues “in areas that are difficult to support with traditional static analysis alone.”

CodeQL will continue to provide deep semantic analysis for supported languages, while AI detections will provide broader coverage for Shell/Bash, Dockerfiles, Terraform, PHP, and other ecosystems.

PolyShell attacks target 56% of all vulnerable Magento stores

Attacks leveraging the ‘PolyShell’ vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half of all vulnerable stores.

According to eCommerce security company Sansec, hackers started exploiting the critical PolyShell issue en masse last week, just two days after public disclosure.

“Mass exploitation of PolyShell started on March 19th, and Sansec has now found PolyShell attacks on 56.7% of all vulnerable stores,” Sansec says.

Physicists just turned glass into a powerful quantum security device

Scientists have turned simple glass into a powerful quantum communication device that could safeguard data against future quantum attacks. The chip combines stability, speed, and versatility—handling both ultra-secure encryption and record-breaking random number generation in one compact system.

Superconducting chip generates tunable terahertz waves for compact imaging

A tiny crystal chip which uses terahertz radiation to see clearly through a wide range of materials could find applications in health care, biological research, and security screening. Researchers from Scotland and Japan have developed a lightweight superconducting chip, which they say could unlock the full potential of terahertz imaging technologies and lead to the development of more powerful and portable devices.

The team’s paper, titled “Terahertz Imaging System with On-Chip Superconducting Josephson Plasma Emitters for Nondestructive Testing,” is published in IEEE Transactions on Applied Superconductivity.

Terahertz radiation lies between the microwave and infrared frequencies of the electromagnetic spectrum. It passes easily and harmlessly through a wide range of materials, and can be used to identify the characteristic “fingerprint” of molecules and biological materials as it does so, allowing them to be detected and analyzed.

New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores

A newly disclosed vulnerability dubbed ‘PolyShell’ affects all Magento Open Source and Adobe Commerce stable version 2 installations, allowing unauthenticated code execution and account takeover.

There are no signs of the issue being actively exploited in the wild, but eCommerce security company Sansec warns that “the exploit method is circulating already” and expects automated attacks to start soon.

Adobe has released a fix, but it is only available in the second alpha release for version 2.4.9, leaving production versions vulnerable. Sansec says that Adobe offers a “sample web server configuration that would largely limit the fallout,” but most stores rely on a setup from their hosting provider.

New “Darksword” iOS exploit used in infostealer attack on iPhones

A new exploit kit for iOS devices and delivery framework dubbed “DarkSword” has been used to steal a wide range of personal information, including data from cryptocurrency wallet apps.

DarkSword targets iPhones running iOS 18.4 through 18.7 and is linked to multiple actors, including UNC6353, suspected to be Russian, who used the Coruna exploit chain disclosed earlier this month.

Researchers at mobile security company Lookout discovered DarkSword while investigating the infrastructure used for the Coruna attacks. Google’s Threat Intelligence Group and iVerify also collaborated for a more comprehensive analysis of this previously unknown threat and the adversaries leveraging it.

Apple pushes first Background Security Improvements update to fix WebKit flaw

Apple has released its first Background Security Improvements update to fix a WebKit flaw tracked as CVE-2026–20643 on iPhones, iPads, and Macs without requiring a full operating system upgrade.

The CVE-2026–20643 flaw allows malicious web content to bypass the browser’s Same Origin Policy.

Apple says the flaw is a cross-origin issue in the Navigation API that was addressed with improved input validation.

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

To establish persistence, the LNK files are copied to the Windows Startup folder so that they are automatically launched following a system reboot. The attack chain then displays a URL containing lures related to installing Starlink or a Ukrainian charity named Come Back Alive Foundation.

The HTML file is eventually executed via the Microsoft Edge browser in headless mode, which then loads the remote obfuscated script hosted on Pastefy.

The browser is executed with additional parameters like –no-sandbox, –disable-web-security, –allow-file-access-from-files, –use-fake-ui-for-media-stream, –auto-select-screen-capture-source=true, and –disable-user-media-security, granting it access to the local file system, as well as camera, microphone, and screen capture without requiring any user interaction.

/* */