Supabase is a technology platform tracked across 9 threat clusters and 13 intelligence report mentions on ThreatCluster. First observed February 2, 2026; most recent activity June 30, 2026.
Gamaredon, a Russian state-backed APT group, is actively exploiting a WinRAR vulnerability (CVE-2025-8088) to deploy malware against Ukrainian government and military targets. The attack begins with a spearphishing…
The Gamaredon group, a Russian-aligned APT, has significantly upgraded its cyber capabilities in 2025, focusing on spear-phishing campaigns against Ukrainian targets. ESET Research reports that Gamaredon conducted 35…
Bitdefender has reported a new AI-driven attack model termed 'vibeware', which generates numerous disposable malware variants. This tactic is linked to APT36 (Transparent Tribe), a Pakistan-aligned threat actor that has…
Recent research revealed that over 5,000 vibe-coded applications, created using platforms like Lovable and Base44, exposed sensitive corporate and personal data. The cybersecurity firm RedAccess found that approximately…
Lovable, a vibe-coding platform, is under scrutiny after a researcher revealed a significant data exposure issue affecting all projects created before November 2025. The researcher, known as @weezerOSINT, demonstrated…
Vibe-coding platform Lovable has been implicated in hosting an app with 16 vulnerabilities, including six critical ones, discovered by tech entrepreneur Taimur Khan. The vulnerabilities led to the exposure of personal…
State-backed hackers from China, Iran, North Korea, and Russia are utilizing Google's Gemini AI model to facilitate various stages of cyberattacks, including reconnaissance and post-compromise actions. Notably, the…
Cybersecurity researchers have identified a malicious NuGet package named StripeApi.Net that impersonates Stripe's official .NET library, Stripe.net. This incident represents a shift in threat actors' tactics from…
Moltbook, an AI-driven social network launched in late January 2026, allows AI agents to interact without human oversight. Shortly after its debut, security researchers identified a critical vulnerability that…