CYBERSECEXPLOIT

FortiBleed: 74,000 FortiGates Exposed — Patching Alone Won't Fix It

CISA estimates 74,000 Fortinet devices have compromised credentials. The FortiBleed campaign exploits credential reuse and brute-force…

Jul 08, 2026views - 1.5k

ai

HalluSquatting Turns AI Assistants' Predictable Hallucinations into a Botnet Installation Vector

Researchers from Tel Aviv University, Technion, and Intuit demonstrated that nine AI coding tools install botnet malware when asked fo…

Jul 08, 2026views - 1.4k

CYBERSEC

Qualys Unveils Risk Operations Center for the 'Day Minus Seven' Era

Qualys published a product-tech blog post on July 8, 2026 introducing the Risk Operations Center (ROC) as an operational response to w…

Jul 08, 2026views - 1.3k

CYBERSECCVE

CISA Orders 3-Day Patch for CVE-2026-55255 in Langflow

An IDOR in Langflow's /api/v1/responses endpoint lets authenticated attackers steal LLM and cloud credentials from other users' flows.…

Jul 08, 2026views - 1.5k

CYBERSEC

Malicious AI Skills: 3,000 Evade Scanning, Enterprises Exposed

ESET detected over 3,000 malicious skills among nearly 900,000 analyzed. The SkillCloak technique bypasses static scanners in more tha…

Jul 08, 2026views - 1.3k

CYBERSECEXPLOIT

IRIS C2: Convicted Fraudsters Run Zero-Day Exploit Startup

IRIS C2, a McLean, Virginia startup offering up to $7 million for zero-day vulnerabilities, is operated by Jacob Wohl and Jack Burkman…

Jul 08, 2026views - 1.6k

CYBERSECZERO-DAY

KDDI: Zero-Day in Third-Party Software Exposes 12,233,087 Email Addresses

KDDI confirmed a zero-day attack in third-party software compromised the shared email platform of five Japanese ISPs, exposing over 12…

Jul 08, 2026views - 1.5k

CYBERSECCVE

Ubiquiti Patches CVE-2026-50746, Maximum-Severity Flaw in UniFi OS

Ubiquiti released security updates on July 8, 2026 for seven critical vulnerabilities in UniFi OS. The most severe, CVE-2026-50746, ca…

Jul 08, 2026views - 1.8k

linuxEXPLOIT

GhostLock: 15-Year Linux Kernel Bug Now Publicly Exploitable, Guarantees Root

CVE-2026-43499 enables root escalation and container escape on nearly every Linux distribution since 2011. Nebula Security published t…

Jul 08, 2026views - 1.4k

CYBERSECEXPLOIT

Gartner: By 2028, 60% of Enterprises Will Drop Annual Pentesting for Continuous Validation

Gartner formalizes the COST framework for continuous vulnerability validation. Exploit time has compressed to under 10 hours, and 53%…

Jul 08, 2026views - 1.2k

malware

RedWing: Android Banking Malware Turns into a Telegram Rental Service

Zimperium zLabs uncovered RedWing, a Malware-as-a-Service platform that commercializes Android banking fraud with Telegram bots and su…

Jul 08, 2026views - 1.3k

CYBERSEC

Accenture Confirms Data Breach: 35 GB of Data Up for Sale by Threat Actor '888'

Accenture has confirmed a security breach after threat actor '888' listed 35 GB of allegedly stolen data for sale on a cybercrime foru…

Jul 07, 2026views - 1.8k