Cybersecurity
Cybersecurity collects analysis on vulnerabilities, exploits, patch management, ransomware, supply chain, AI security and threat intelligence. These articles help IT professionals, developers and security analysts follow operational threats, vendor updates and technical trends.

CAI Worm Kills Rival Cloud Malware, Steals Credentials
The CAI cloud-native worm eliminates TeamPCP and PCPJack processes to monopolize compromised hosts, marking an escalation in criminal…

X.Org Server: A Forgotten Bug Returns as Privilege Escalation — The ZDI-26-395 Case
A use-after-free flaw in SyncChangeCounter enables local privilege escalation to root on X.Org Server. The bug mirrors a pattern alrea…

UAT-7810 Expands ORB Network: New LONGLEASH, DOGLEASH, and JARLEASH Backdoors
Cisco Talos reveals the China-nexus APT UAT-7810 is actively expanding its LapDogs Operational Relay Box (ORB) network with new malwar…

China-Linked Exploit Chain Targets US and Canadian Universities via Roundcube
A suspected Chinese espionage cluster has compromised fewer than ten US and Canadian universities using a two-vulnerability chain in R…

Nissan Employees in Four Countries Exposed by Oracle PeopleSoft Zero-Day
Nissan Americas confirmed that attackers exploited CVE-2026-35273, a zero-day vulnerability in Oracle PeopleSoft PeopleTools, to steal…

Exploitarium: The Speed Paradox — Public Exploits for Already-Patched Flaws
Pseudonymous researcher 'bikini' dumped 30+ zero-day PoCs on GitHub without coordinated disclosure. CVE-2026-55200 in libssh2 had a fi…

CSE Discloses Three Offensive Cyber Operations in Rare 2025 Report
Canada's Communications Security Establishment (CSE) revealed in its 2025 annual report that it conducted three authorized offensive c…

Vishing 2.0 Hits Teams: Fake IT Support Calls Deploy EtherRAT
Palo Alto Networks Unit 42 uncovered a campaign that abuses Microsoft Teams voice calls to impersonate corporate IT support and trick…

Cavern: The .NET Framework That Challenges Analysts With Three Distinct Compilation Formats
Check Point Research has unveiled Cavern, a modular .NET C2 framework used by the Iranian threat actor Cavern Manticore. The framework…

Januscape: 16-Year-Old KVM Bug Enables Guest-to-Host Escape on Intel and AMD
CVE-2026-53359 strikes the shared shadow MMU code in Linux KVM used by both Intel and AMD. The flaw has existed since 2010 and require…

Elastic Automates CVE Advisory Writing with RAG on MITRE Data
Elastic Security Labs has put into production an AI pipeline that generates complete CVE advisory drafts with CWE, CAPEC, and CVSS, gr…

Armored Likho Targets Governments and Power Operators with BusySnake Stealer
The Armored Likho APT group, uncovered by Kaspersky, is conducting cyber-espionage and financially motivated attacks against governmen…