Cybersecurity
Cybersecurity collects analysis on vulnerabilities, exploits, patch management, ransomware, supply chain, AI security and threat intelligence. These articles help IT professionals, developers and security analysts follow operational threats, vendor updates and technical trends.

FortiBleed: 74,000 FortiGates Exposed — Patching Alone Won't Fix It
CISA estimates 74,000 Fortinet devices have compromised credentials. The FortiBleed campaign exploits credential reuse and brute-force…

HalluSquatting Turns AI Assistants' Predictable Hallucinations into a Botnet Installation Vector
Researchers from Tel Aviv University, Technion, and Intuit demonstrated that nine AI coding tools install botnet malware when asked fo…

Qualys Unveils Risk Operations Center for the 'Day Minus Seven' Era
Qualys published a product-tech blog post on July 8, 2026 introducing the Risk Operations Center (ROC) as an operational response to w…

CISA Orders 3-Day Patch for CVE-2026-55255 in Langflow
An IDOR in Langflow's /api/v1/responses endpoint lets authenticated attackers steal LLM and cloud credentials from other users' flows.…

Malicious AI Skills: 3,000 Evade Scanning, Enterprises Exposed
ESET detected over 3,000 malicious skills among nearly 900,000 analyzed. The SkillCloak technique bypasses static scanners in more tha…

IRIS C2: Convicted Fraudsters Run Zero-Day Exploit Startup
IRIS C2, a McLean, Virginia startup offering up to $7 million for zero-day vulnerabilities, is operated by Jacob Wohl and Jack Burkman…

KDDI: Zero-Day in Third-Party Software Exposes 12,233,087 Email Addresses
KDDI confirmed a zero-day attack in third-party software compromised the shared email platform of five Japanese ISPs, exposing over 12…

Ubiquiti Patches CVE-2026-50746, Maximum-Severity Flaw in UniFi OS
Ubiquiti released security updates on July 8, 2026 for seven critical vulnerabilities in UniFi OS. The most severe, CVE-2026-50746, ca…

GhostLock: 15-Year Linux Kernel Bug Now Publicly Exploitable, Guarantees Root
CVE-2026-43499 enables root escalation and container escape on nearly every Linux distribution since 2011. Nebula Security published t…

Gartner: By 2028, 60% of Enterprises Will Drop Annual Pentesting for Continuous Validation
Gartner formalizes the COST framework for continuous vulnerability validation. Exploit time has compressed to under 10 hours, and 53%…

RedWing: Android Banking Malware Turns into a Telegram Rental Service
Zimperium zLabs uncovered RedWing, a Malware-as-a-Service platform that commercializes Android banking fraud with Telegram bots and su…

Accenture Confirms Data Breach: 35 GB of Data Up for Sale by Threat Actor '888'
Accenture has confirmed a security breach after threat actor '888' listed 35 GB of allegedly stolen data for sale on a cybercrime foru…