4 reports in the last 24 hours with no critical threats. Activity mainly in ransomware and APT. Maintain standard security posture.
Critical
NVD CRITICAL: CVE-2026-58289 — Access of resource using incompatible type ('type confusion') in Microsoft Edge ...
In Other News: Canadian Hacker Jailed, Open Source Zero-Days, Two Sentenced for ATM Jackpotting
Adobe premieres a second Patch Tuesday each month to deliver fixes faster
ANCHOR-CI Framework Strengthens Partnerships and Information Sharing to Secure Critical Infrastructure
New CitrixBleed-like NetScaler flaw sees exploit attempts in the wild
NVD CRITICAL: CVE-2026-4321 — Improper neutralization of special elements used in an SQL command ('SQL injecti...
JadePuffer ransomware used AI agent to automate entire attack
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted entirely by a large language model (LLM) agent. [...]
U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case
A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for Ransom-ISAC, built on a leaked negotiation chat and the blockchain trail the payment left. The odd part: the group that took the money calls itself Kairos, but it may not be a ransomware gang at all. Krishnan found no sign that it ever locked a single
AdaptHealth says attackers sweet-talked their way into cloud systems and stole patient data
Connor Jones reports: AdaptHealth says attackers used social engineering to breach its systems and steal sensitive patient data, including passwords associated with insurance billing. The medical equipment company disclosed the attack to the Securities and Exchange Commission (SEC) on Thursday, noting that attackers accessed internal patient management systems, document storage platforms, and exte
North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as part of an ongoing activity referred to as PolinRider. "The campaign remains active, and new malicious packages are likely to continue appearing as threat actors compromise maintainer accounts,
Weekly Metasploit Update: Modules for SMB-to-Meterpreter, Peyara Remote Mouse RCE exploit, and more
It's Time to Upgrade Your SMB Session
This week, Metasploit contributor Dean Welch has added an SMB to Meterpreter session upgrade module. It uses PsExec to facilitate the upgrade. Users can load the module with use windows/manage/smb_to_meterpreter and specify the session number they wish to upgrade. This functionality is also available with the command sessions -u <session_id>. This work is par
NVD CRITICAL: CVE-2026-58289 — Access of resource using incompatible type ('type confusion') in Microsoft Edge ...
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices
Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT and exFAT formats used on USB drives and SD cards. The flaws matter because FatFs is nearly everywhere. It ships inside the firmware that runs security cameras, drones, industrial controllers, hardware crypto wallets, and other devices built on
An AI just carried out a cyber attack without any human oversight for the first time
Anthony Cuthbertson reports: Security researchers have uncovered what they believe to be the first ever instance of an artificial intelligence agent executing a cyber attack from start to finish without human assistance. The AI-powered attack marks a major milestone for both artificial intelligence and cyber security, raising concerns that AI is lowering the barrier for cyber criminals. The fully
New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android
A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It affects Linux desktops, servers, and Android, and a fix is out. Bad Epoll sits in the same small stretch of kernel code where Anthropic's most powerful AI model, Mythos, recently found a different bug. The AI caught one flaw and missed
New Avalon Malware Framework Packs CrownX Ransomware Capabilities
Cybersecurity researchers have discovered a previously undocumented modular malware framework codenamed Avalon that's distributed by means of a multi-stage phishing chain capable of bypassing traditional security controls. Avalon combines credential collection, lateral movement, remote access, recovery disruption, and ransomware execution, bringing together diverse functions under one
NetNut proxy network disrupted, 2 million infected devices cut off
A joint operation involving Google has disrupted NetNut, a residential proxy network that gave access to millions of compromised Android devices, including smart TVs and streaming boxes. [...]
FBI Disrupts Widely Used NetNut Residential Proxy Service
2 Million Home Devices, Including Routers and Smart TVs, Tied to NetNut Botnet
The FBI and private-sector partners have disrupted NetNut, one of the world's biggest and most popular residential proxy networks. Google
Lawmaker Probing Pegasus Spyware Infected Using Same Malware
Members of European Parliament Seek Fresh Spyware Probe Following Revelations
Multiple European lawmakers are calling for a fresh investigation into spyware following new revelations that a European Parliament com