Jul 112026 Could Invisible Planet Flybys Have Triggered Earth’s Mass Extinctions? A speculative paper argues that ancient planetary flybys may have helped trigger some of Earth’s mass extinctions.
Jul 112026 Researchers Finally Solve a Decades-Old Mystery About Cellular Aging A new study identifies the molecular switch that determines when aging cells permanently stop dividing.
Jul 112026 Textbooks May Need Rewriting After Researchers Debunk a Core Chemistry Concept For nearly a century, students have learned the inductive effect the same way. Now, researchers say that explanation may not tell the whole story.
Jul 112026 Scientists Discover an Alarming Trend Climate Models Are Missing North Pacific winter storm paths are moving toward the North Pole faster than scientists expected.
Jul 112026 Unpatched XRING Flaw in XQUIC Lets Remote Clients Crash HTTP/3 Servers FoxIO disclosed XRING, an unpatched XQUIC flaw that lets unauthenticated clients crash HTTP/3 servers with 260 bytes of legal QPACK traffic.
Jul 112026 Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions Zimbra fixes a critical stored XSS flaw in its Classic Web Client that could let crafted emails run malicious scripts when opened. Update to 10.1.19.
Jul 112026 URGENT — Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat Progress ordered ShareFile customers to shut down their Storage Zone Controllers while it investigates a credible external security threat.
Jul 112026 Six New U-Boot Flaws Could Let Malicious Images Crash Devices or Run Code at Boot Six U-Boot flaws include four that can crash devices and two that could run code before signature checks; no fixed stable release exists.
Jul 112026 Researcher Details WhatsApp-to-Host Attack Chain Using Three OpenClaw Flaws A researcher says three patched OpenClaw flaws could enable credential theft, privilege escalation, and host code execution via WhatsApp.
Jul 112026 Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages Unknown attackers compromised Injective Labs’ GitHub repo to publish npm package 1.20.21, which steals wallet private keys and seed phrases.