malware

CAI Worm Kills Rival Cloud Malware, Steals Credentials

The CAI cloud-native worm eliminates TeamPCP and PCPJack processes to monopolize compromised hosts, marking an escalation in criminal…

Jul 07, 2026views - 1.4k

VULN

X.Org Server: A Forgotten Bug Returns as Privilege Escalation — The ZDI-26-395 Case

A use-after-free flaw in SyncChangeCounter enables local privilege escalation to root on X.Org Server. The bug mirrors a pattern alrea…

Jul 07, 2026views - 1.3k

CYBERSECEXPLOIT

UAT-7810 Expands ORB Network: New LONGLEASH, DOGLEASH, and JARLEASH Backdoors

Cisco Talos reveals the China-nexus APT UAT-7810 is actively expanding its LapDogs Operational Relay Box (ORB) network with new malwar…

Jul 07, 2026views - 1.5k

CYBERSECEXPLOIT

China-Linked Exploit Chain Targets US and Canadian Universities via Roundcube

A suspected Chinese espionage cluster has compromised fewer than ten US and Canadian universities using a two-vulnerability chain in R…

Jul 07, 2026views - 1.6k

CYBERSECZERO-DAY

Nissan Employees in Four Countries Exposed by Oracle PeopleSoft Zero-Day

Nissan Americas confirmed that attackers exploited CVE-2026-35273, a zero-day vulnerability in Oracle PeopleSoft PeopleTools, to steal…

Jul 07, 2026views - 1.3k

zeroEXPLOIT

Exploitarium: The Speed Paradox — Public Exploits for Already-Patched Flaws

Pseudonymous researcher 'bikini' dumped 30+ zero-day PoCs on GitHub without coordinated disclosure. CVE-2026-55200 in libssh2 had a fi…

Jul 07, 2026views - 1.4k

CYBERSEC

CSE Discloses Three Offensive Cyber Operations in Rare 2025 Report

Canada's Communications Security Establishment (CSE) revealed in its 2025 annual report that it conducted three authorized offensive c…

Jul 06, 2026views - 1.5k

CYBERSEC

Vishing 2.0 Hits Teams: Fake IT Support Calls Deploy EtherRAT

Palo Alto Networks Unit 42 uncovered a campaign that abuses Microsoft Teams voice calls to impersonate corporate IT support and trick…

Jul 06, 2026views - 1.5k

CYBERSEC

Cavern: The .NET Framework That Challenges Analysts With Three Distinct Compilation Formats

Check Point Research has unveiled Cavern, a modular .NET C2 framework used by the Iranian threat actor Cavern Manticore. The framework…

Jul 06, 2026views - 1.1k

VULN

Januscape: 16-Year-Old KVM Bug Enables Guest-to-Host Escape on Intel and AMD

CVE-2026-53359 strikes the shared shadow MMU code in Linux KVM used by both Intel and AMD. The flaw has existed since 2010 and require…

Jul 06, 2026views - 1.2k

aiADVISORY

Elastic Automates CVE Advisory Writing with RAG on MITRE Data

Elastic Security Labs has put into production an AI pipeline that generates complete CVE advisory drafts with CWE, CAPEC, and CVSS, gr…

Jul 06, 2026views - 220

CYBERSEC

Armored Likho Targets Governments and Power Operators with BusySnake Stealer

The Armored Likho APT group, uncovered by Kaspersky, is conducting cyber-espionage and financially motivated attacks against governmen…

Jul 06, 2026views - 1.2k