Skip to content
282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study

282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study

Swati KhandelwalJun 30, 2026API Security / Mobile Security Researchers tested 444 AI chatbot apps for iPhone and found that 282 of them, nearly two-thirds, exposed paid AI access through their network traffic. In many cases,… 

Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer

Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer

An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two previously unreported malware families, TaskWeaver and Djinn Stealer. The intrusion involves the exploitation of CVE-2026-48558 (CVSS… 

Progress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-Auth

Progress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-Auth

Swati KhandelwalJun 30, 2026Vulnerability / API Security A critical vulnerability in Progress Kemp LoadMaster can let an unauthenticated attacker execute arbitrary commands as root on the appliance by sending a crafted request to its API.… 

Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs

Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs

Ravie LakshmananJun 30, 2026Artificial Intelligence / Vulnerability Apple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three dozen flaws, including four vulnerabilities in WebKit that were discovered… 

Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild

Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild

Ravie LakshmananJun 30, 2026Vulnerability / Enterprise Software A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The vulnerability, tracked as CVE-2026-46817 (CVSS score: 9.8),… 

Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input

Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input

Swati KhandelwalJun 29, 2026Browser Security / Web Security Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It routed every query and…