Archive
All articles, newest first. Page 3.
OpenAI Shifts the Remediation Paradox: From Finding Bugs to Patching Them
OpenAI releases GPT-5.5-Cyber and the Patch the Planet initiative. AI has solved vulnerability discovery, creating a larger problem: t…
Xsolis Phishing Breach Exposes 1.4 Million PHI Records
Xsolis took five months to disclose the full scope of a January 2026 phishing attack. The HHS breach tracker revealed 1,396,519 affect…
SonicWall: CVE Patched, but Risk Persists Across All 14 Audited Firewalls
A SANS audit of 14 SonicWall Gen7 firewalls shows the CVE-2024-40766 firmware patch fixed the bug, but 12 of 14 devices retained stale…
Tata Electronics Breach: 200,000 Files Leaked, Apple and Tesla Secrets Appear on Dark Web
Tata Electronics confirmed a cybersecurity incident on June 22, 2026, stating it occurred "a few weeks ago" with no operational impact…
Unit 42: Cloud Buckets Hijackable via Delete-and-Recreate
Unit 42 research shows how globally unique bucket names enable silent redirection of logs and messages across cloud accounts. Cross-CS…
DifyTap: Four CVEs Expose Broken Cross-Tenant Isolation in Dify
Zafran Security disclosed DifyTap, four vulnerabilities in Dify that allowed cross-tenant reading of conversations and files. Three we…
OXLOADER: Malicious Google Ads Deliver Infostealer
Elastic Security Labs uncovers OXLOADER, a previously undocumented Windows loader distributed via malicious Google Ads impersonating N…
Oracle PeopleSoft Zero-Day: ShinyHunters Targets Higher Education
CVE-2026-35273, a CVSS 9.8 unauthenticated RCE, has been exploited by ShinyHunters since May 27. Over 100 universities hit; MeshCentra…
Samsung rlottie: RCE via Integer Truncation, Open-Source Patch Available
A short-vs-int type error in Samsung's rlottie graphics library enables remote code execution through a malicious animation file. A pa…
WhatsApp Weaponized: VBS and RMM Delivered via DMs from Compromised Contacts
An active campaign since June 2026 uses WhatsApp Desktop to distribute malicious VBScript files, install legitimate RMM software, and…
CSIS Secures First Threat-Reduction Warrant to Disinfect Domestic Botnet
Canada's spy agency obtains the first judicial warrant for active cyber threat-reduction operations on infected routers and IoT device…
ClawHub: 23 AI Plugins Under Official Scopes, Unauthorized Accounts
Scope squatting on ClawHub: 23 code-executing AI agent plugins published under the official @openclaw and @clawhub namespaces by unrel…
Malware on Steam Workshop: Malicious Wallpapers Steal Accounts
Dozens of malicious wallpapers on Steam Workshop have racked up thousands of downloads. Kaspersky analysis reveals DarkKomet backdoor,…
Atril RCE via EPUB: Patch Available Nine Days Before Disclosure
ZDI-26-360: A heap buffer overflow in the MATE Desktop's Atril document viewer enables remote code execution through malicious EPUB fi…
iOS AI Apps: 282 Exposed, Only 28% Fixed
Wake Forest study finds 282 of 444 analyzed iOS LLM apps leak API credentials. After 90 days of responsible disclosure, just 28% remed…
systemd 261: Software TPM and Native Installer Rewrite the Rules
systemd 261 expands the project's scope well beyond its traditional init system role, introducing a software TPM based on IBM swtpm, a…
F5 Patches Critical NGINX Flaws: Conditional RCE at CVSS 9.2 Demands Immediate Action
F5 released out-of-band patches on June 17, 2026 for two critical vulnerabilities in NGINX Open Source. Both carry a CVSS v4.0 score o…
AryStinger Botnet Compromises Over 4,000 End-of-Life D-Link Routers Worldwide
Qianxin XLab researchers have uncovered AryStinger, a previously undocumented botnet that has hijacked more than 4,000 obsolete D-Link…
FortiBleed: 74,000 Fortinet Credentials Exposed, CISA Orders Immediate Action
CISA mandates immediate hardening for roughly 74,000 Fortinet devices after the FortiBleed credential leak. Valid credentials are circ…
Prinz Eugen: The Ransomware That Encrypts the Newest Files First
Threatdown researchers have documented Prinz Eugen, a Go-based ransomware that prioritizes recently modified files, leaves no ransom n…
Microsoft Attributes Mastra Supply-Chain Attack to North Korean Sapphire Sleet
Microsoft assesses with high confidence that the supply-chain compromise of more than 140 @mastra npm packages was carried out by the…
Attack Surface 2026: 42% of Companies Have Databases Exposed to the Internet
Intruder's report on 3,000 organizations reveals the midmarket paradox: growing companies with enterprise-scale attack surfaces and SM…
GentleKiller: The EDR-Killer Framework Built Into the Gentlemen RaaS
The Gentlemen ransomware-as-a-service operation equips affiliates with GentleKiller, an in-house BYOVD framework spanning eight-plus v…
TPWD Breach Exposes 3 Million Driver's Licenses and Passports; Vendor Remains Undisclosed
The Texas Parks and Wildlife Department confirms a breach via an unnamed third-party vendor affecting 3,087,721 hunting and fishing li…