Cybersecurity
Cybersecurity collects analysis on vulnerabilities, exploits, patch management, ransomware, supply chain, AI security and threat intelligence. These articles help IT professionals, developers and security analysts follow operational threats, vendor updates and technical trends.

Microsoft: AI Will Make Patch Tuesday Permanently More Demanding
Microsoft EVP Pavan Davuluri confirmed on July 9, 2026 that AI will permanently increase the volume of security updates in each Patch…

GigaWiper: The Post-Compromise Malware Masking Three Destructive Intents
GigaWiper is a modular Go backdoor that unifies wiper, fake ransomware, and spyware capabilities. Linked to BLUERABBIT, the platform c…

LVM: Weeks of Blackout After Ransomware Hits System Unpatched for Two Years
Latvia's state-owned forestry company Latvijas valsts meži (LVM) remains paralyzed weeks after a June 22 ransomware attack. Roughly tw…

AI-Generated Malware Maps Active Directory: How It Was Caught
On June 3, 2026, Huntress detected an attack using an AI-generated PowerShell script created via vibe coding. Behavioral detection suc…

Microsoft Patches RoguePlanet: When the Antivirus Becomes the Attack Surface
CVE-2026-50656 enables privilege escalation to SYSTEM via the Microsoft Defender engine. The fix arrives through an automatic engine u…

AssuranceAmerica: 7 Million Driver's Licenses Exposed, No Credit Monitoring Offered
A single compromised employee account opened access to nearly 7 million driver's license numbers. AssuranceAmerica is not offering cre…

Hyadina Strikes with GodDamn: Microsoft-Signed Driver Disables EDR in 24 Hours
The Hyadina ransomware-as-a-service group deploys a new locker, GodDamn, using the Microsoft-signed PoisonX kernel driver to neutraliz…

Verified X Ads Spread Mac Malware and Steal Microsoft 365 Accounts
Active campaigns exploit X's blue verification badge to distribute Mac malware via ClickFix and steal Microsoft 365 OAuth tokens using…

Mount Royal University Confirms Breach With Double Extortion: Data Theft and Deletion
The CMD Organization ransomware group claimed responsibility for the attack on Mount Royal University, demanding a $1.9 million ransom…

Agentic AI: A Lone Attacker Compromises Enterprise AWS in 72 Hours
Sygnia documents the first operational case of a lone threat actor using AI-assisted workflows to compress an enterprise AWS attack fr…

Lorex 0-Day ZDI-26-399: Root RCE on Wi-Fi Camera, No Patch After 14 Months
The ZDI-26-399 vulnerability exposes Lorex 2K Indoor Wi-Fi Security Cameras to root-level remote code execution from the local network…

Ollama Zero-Day DoS: downloadBlob Bug Puts Local AI Servers at Risk
ZDI has disclosed a zero-day vulnerability in Ollama enabling unauthenticated remote denial-of-service attacks via the downloadBlob fu…