The Hacker News

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities

CISA added four actively exploited vulnerabilities to its KEV catalog, urging U.S. federal agencies to apply fixes by February 12, 2026.

CISA confirms active exploitation of four enterprise software bugs

The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities ...

Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.