malware

Edgecution: Malicious Edge Extension Bypasses Sandbox via Native Messaging

Zscaler ThreatLabz documents a campaign where the Edgecution extension abuses Chrome's Native Messaging API to escape the browser sand…

Jun 25, 2026views - 1.2k

CYBERSECCRITICAL

Unraid: Command Injection in ToggleState.php Enables RCE

CVE-2026-9773 in the Unraid web server: command injection in ToggleState.php allows authenticated remote code execution. CVSS 8.8, fix…

Jun 24, 2026views - 736

linux

Linux Process Masquerading Tricks ps and top

On Linux, malicious processes mask their name and command line by abusing prctl and argv memory overwrites. Standard tools like ps and…

Jun 24, 2026views - 832

CYBERSEC

The Fake kworker: How APTs Masquerade Linux Processes

Ps and top become unreliable: APTs overwrite argv[0] and use prctl to impersonate kworker. eBPF tools like Kunai detect the real binar…

Jun 24, 2026views - 735

CYBERSEC

GitHub Hardens Actions Checkout Against Pwn Request Attacks

GitHub ships actions/checkout v7 with default blocking for malicious forks. Workflows pinned to a specific SHA remain exposed — here's…

Jun 23, 2026views - 731

openai

OpenAI Shifts the Remediation Paradox: From Finding Bugs to Patching Them

OpenAI releases GPT-5.5-Cyber and the Patch the Planet initiative. AI has solved vulnerability discovery, creating a larger problem: t…

Jun 23, 2026views - 1.2k

VULN

DifyTap: Four CVEs Expose Broken Cross-Tenant Isolation in Dify

Zafran Security disclosed DifyTap, four vulnerabilities in Dify that allowed cross-tenant reading of conversations and files. Three we…

Jun 22, 2026views - 779

CYBERSECCRITICAL

Samsung rlottie: RCE via Integer Truncation, Open-Source Patch Available

A short-vs-int type error in Samsung's rlottie graphics library enables remote code execution through a malicious animation file. A pa…

Jun 22, 2026views - 696

VULNCRITICAL

Atril RCE via EPUB: Patch Available Nine Days Before Disclosure

ZDI-26-360: A heap buffer overflow in the MATE Desktop's Atril document viewer enables remote code execution through malicious EPUB fi…

Jun 22, 2026views - 722

CYBERSEC

iOS AI Apps: 282 Exposed, Only 28% Fixed

Wake Forest study finds 282 of 444 analyzed iOS LLM apps leak API credentials. After 90 days of responsible disclosure, just 28% remed…

Jun 22, 2026views - 1.2k

linux

systemd 261: Software TPM and Native Installer Rewrite the Rules

systemd 261 expands the project's scope well beyond its traditional init system role, introducing a software TPM based on IBM swtpm, a…

Jun 22, 2026views - 807

cybersec

Microsoft Attributes Mastra Supply-Chain Attack to North Korean Sapphire Sleet

Microsoft assesses with high confidence that the supply-chain compromise of more than 140 @mastra npm packages was carried out by the…

Jun 20, 2026views - 1.4k