HOTNEWS 2026  January(174) February(168) March(221) April(222) May(261) June(255) July(156) August(0) September(0) October(0) November(0) December(0) | STATISTICS (7049)

DATE

NAME

INFO

CATEGORY

SUBCATE

13.7.26 CrashStealer CrashStealer: C++ macOS infostealer posing as crash reporter MALWARE MacOS
13.7.26 ModHeader Malware ModHeader Malware: Inside the Chrome Spyware Google Removed MALWARE Spyware
13.7.26 codemado One Misconfigured Server, Three Active Campaigns: Full exposure of three AiTM Phishing Operators CAMPAIGN CAMPAIGN
13.7.26 mail-argenta One Misconfigured Server, Three Active Campaigns: Full exposure of three AiTM Phishing Operators CAMPAIGN CAMPAIGN
13.7.26 saroula01 One Misconfigured Server, Three Active Campaigns: Full exposure of three AiTM Phishing Operators CAMPAIGN CAMPAIGN
13.7.26 EchoLeak: The First Real-World Zero-Click Prompt Injection Exploit in a
Production LLM System
Large language model (LLM) assistants are increasingly integrated into enterprise workflows, raising new security concerns as they bridge internal and external data sources. This paper presents an in-depth case study of EchoLeak (CVE2025-32711), a zero-click prompt injection vulnerability in  Microsoft 365 Copilot that enabled remote, unauthenticated data exfiltration via a single crafted email. PAPERS PAPERS
13.7.26 SpAIware Spyware Injection Into Your ChatGPT's Long-Term Memory (SpAIware) MALWARE SpAIware
13.7.26 When Claws Remember but Do Not Tell: Stealthy Memory Injection in Persistent Personal Agents Persistent personal agents combine long-term memory with access to users’ external environments, enabling personalized foreground assistance and proactive background execution. This integration also creates a new path to compromise: untrusted external content can be silently written into persistent memory and later reused as trusted state. PAPERS PAPERS
13.7.26 AI-Assisted Cloud Attack Inside an AI-Assisted Cloud Attack: Familiar Techniques at Unfamiliar Speed ATTACK AI
13.7.26 GPPStorm GPPStorm: Fake Google Partner Invitations Target Workspace Credentials CAMPAIGN CAMPAIGN
12.7.26 Official jscrambler npm Package Compromised Official jscrambler npm Package Compromised Across Multiple Releases INCIDENT INCIDENT
12.7.26 Helix Helix, a New Name in the Data Extortion Ecosystem? GROUP Vishing
12.7.26 UNK_MassTraction One Email Closer to the Edge: UNK_MassTraction & the Physics of Exploitation GROUP Cluster
12.7.26 Forg365 Inside Forg365: A Telegram-Distributed Sneaky 2FA-Style PhaaS Targeting Microsoft 365 PHISHING Phishing-as-a-service
11.7.26 CVE-2026-48939 iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability KEV KEV
11.7.26 CVE-2026-56291 Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability KEV KEV
11.7.26 GNU Wget enables SSRF via unvalidated FTP PASV IPs GNU Wget, versions 1.25.0 and earlier, contains a server-side request forgery (SSRF) vulnerability in its implementation of FTP passive mode. Because Wget does not properly validate IP addresses obtained from PASV responses, an attacker-controlled FTP endpoint can redirect the client’s connection to arbitrary IPs, potentially exposing internal network host and service responses. ALERT ALERT
11.7.26 Bypassing Tangem Card Security with a Laser Attack After uncovering a genuine check bypass on the Tangem Android application and a brute-force attack on the card's authentication protocol, the Ledger Donjon turned its attention to the card itself with more advanced tools and sophisticated techniques. What we found is a critical vulnerability that lets an attacker with physical access to a single Tangem card reset its password and steal all associated funds. HACKING CARD
11.7.26 Teardrop Attack A teardrop attack is when an attacker sends deliberately crafted IP fragments with overlapped offsets and payload lengths to exploit this vulnerability. As a result, the system becomes overwhelmed and may crash or experience severe performance degradation. ATTACK IP
11.7.26 Card tear-off attack A card tear-off attack (or tearing attack) is a type of fault injection that exploits how smart cards and NFC tags handle power interruptions during write operations. By pulling a card away from an RFID reader or cutting the power at a precise millisecond, an attacker can prevent the card's chip from finalizing state changes. ATTACK NFC
11.7.26 Injective npm Supply Chain Attack: 18 Packages Backdoored to Steal Crypto Wallet Keys attackers used access to a trusted developer's account to slip a backdoor into a widely used software development kit for the Injective blockchain. Disguised as harmless analytics, the code quietly captured wallet recovery phrases and private keys and sent them to an attacker-controlled server the moment a wallet was created or loaded. HACKING CRYPTOCURRENCY
11.7.26 A Security Analysis of the OpenClaw AI Agent Framework AI agent frameworks that connect large language model (LLM) reasoning to host execution surfaces—shell, filesystem, containers, browser automation, and messaging platforms—introduce a class of security challenges that differs structurally from those of conventional software PAPERS PAPERS
10.7.26 Before Fraud Transacts Enabling Proactive Prevention for European Finance(In the Age of Al) WHITEPAPERS WHITEPAPERS
10.7.26 SCMBANKER - a PowerShell toolkit leveraged in a recent ClickFix campaign Researchers from Elastic reported on a new Mexican banking fraud operation dubbed REF6045. The attack begins when victims encounter deceptive verification screens mimicking CAPTCHA checks. These fraudulent pages trick users into manually executing a system command that downloads SCMBANKER, a malicious PowerShell-based toolkit. ALERTS VIRUS
10.7.26 Android Malware: Redwing Zimperium's zLabs team has published a report documenting RedWing, an Android spyware variant marketed as a subscription-based malware service through Telegram channels with apparent links to Russian threat actors. The MaaS integrates a customizable dropper constructor that generates convincing phishing sites mimicking legitimate app stores, delivering payloads that abuse Accessibility Services to achieve deep device compromise. ALERTS VIRUS
10.7.26 GodDamn Ransomware: Latest Beast Rebrand Uses Malicious Driver to Disable Defenses Analysis of a recent GodDamn ransomware attack indicates that this seemingly new ransomware is in fact the latest rebrand of the Beast ransomware, which in itself was a rebrand of the Monster ransomware, which was first seen in 2022. The Symantec Threat Hunter Team tracks the developer behind these ransomware families as Hyadina. ALERTS RANSOM
10.7.26 Recent activities attributed to the Swallowtail threat group The 360 Advanced Threat Research Institute recently exposed a sophisticated cyberespionage campaign conducted by the notorious state-sponsored hacking group Swallowtail (aka APT-C-20, Fancy Bear, APT28). The group is known to leverage a multi-stage infection process starting with a deceptive, macro-enabled documents. To trick users, the file displays randomized characters and hides its malicious intent using visual object manipulation while presenting a fake Eastern European defense ministry decoy. ALERTS GROUP
10.7.26 Financially Motivated Actors Deploying Dual-Threat Vidar Stealer and XMRig Payloads Palo Alto Networks Unit 42 has recently identified a financially motivated campaign delivering a combination of info-stealing malware and cryptocurrency miners globally. The activity targets corporate and consumer endpoints primarily located in the United States and European Union by using malicious search advertisements for pirated applications. ALERTS VIRUS
10.7.26 MODBEACON Operation Phnom Penh: Silver Fox Ghost Distributor Targets Specific Victims with MODBEACON Custom Trojan MALWARE TROJAN
10.7.26 Operation Phnom Penh Operation Phnom Penh: Silver Fox Ghost Distributor Targets Specific Victims with MODBEACON Custom Trojan OPERATION OPERATION
10.7.26 XRING XRING: Crashing XQUIC with spec-compliant QPACK instructions HACKING VULNEREBILITY
10.7.26 WP-SHELLSTORM How WP-SHELLSTORM Exposed 1.4M WordPress Sites OPERATION OPERATION
10.7.26 Hidden Links: Analyzing Secret Families of VPN Apps Ownership transparency in the VPN ecosystem allows users to make informed decisions about who they trust with their data. Researchers have recently begun investigating the relationships between seemingly distinct providers and who operates them, but such analysis is currently limited to a small sample of providers in the VPN ecosystem. PAPERS PAPERS
10.7.26 CVE-2016-2183 The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack. VULNEREBILITY VULNEREBILITY
10.7.26 CVE-2016-6329 OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack. VULNEREBILITY VULNEREBILITY
10.7.26 MVPNalyzer: An Investigative Framework for
Auditing the Security & Privacy of Mobile VPNs
Mobile users increasingly rely on Virtual Private Networks (VPNs) to protect themselves from tracking, surveillance, and censorship. VPN apps operate from a privileged position by requiring interception of user traffic. While this safeguards end user traffic from malicious network intermediaries (e.g. surveilling ISPs), it leads to a critical “transfer of trust” from such network intermediaries to VPN providers. PAPERS PAPERS
10.7.26 O-UNC-066 Vishing actors target Entra passkey enrollment GROUP GROUP
10.7.26 Beware of Agentic Botnets: Scalable Untargeted Promptware Attacks via Universal
and Transferable Adversarial HalluSquatting
The growing adoption of agentic LLM applicationshas introduced a new threat previously named as promptware. While prior work has established that adversaries can exploit direct channels to LLM applications to apply promptware (push adversarial prompts) under weak threat models (e.g., by sending emails or calendar invitations to a target), many applications do not provide any direct channels that could be exploited for prompt injection beyond the Internet. This raises a fundamental question: PAPERS PAPERS
10.7.26 PayRange Android app version 7.0.7 contains multiple vulnerabilities PayRange is a mobile payment app that allows users to pay for vending machines, laundromats, and other unattended machines using a smartphone with Bluetooth. Two vulnerabilities were discovered in version 7.0.7 of the PayRange app that is available in the Google Play store. ALERT ALERT
10.7.26 Xerte Online Toolkit contains an authentication bypass that allows for RCE Two vulnerabilities have been discovered in Xerte Online Toolkits, an open-source e-learning authoring toolsuite intended for the creation of learning materials within a web browser. ALERT ALERT
10.7.26 Adalo Database API Enables Cross-App User Data Extraction via Over-Fetching and Missing Authorization Controls Adalo’s no‑code application platform exposes complete user records through its database API for all applications built on both V1 and V2. Due to a platform-level flaw, authenticated users can retrieve full user data belonging to any Adalo application, regardless of configuration. This issue affects more than one million applications and placing developers and their end users at risk of data exposure that they cannot prevent or remediate. ALERT ALERT
10.7.26 BLUERABBIT BLUERABBIT: A Golang-Based Backdoor with Ransomware and Destructive Capabilities MALWARE BACKDOOR
10.7.26 GigaWiper GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware MALWARE WIPPER
9.7.26 Beast Ransomware The Nature of the Beast Ransomware RANSOM RANSOM
9.7.26 GodDamn Ransomware GodDamn Ransomware: Latest Beast Rebrand Uses Malicious Driver to Disable Defenses RANSOM RANSOM
9.7.26 CVE-2026-50656 Microsoft Defender Elevation of Privilege Vulnerability VULNEREBILITY VULNEREBILITY
9.7.26 LapDogs Campaign Unmasking A New China-Linked Covert ORB Network: Inside the LapDogs Campaign CAMPAIGN CAMPAIGN
9.7.26 SymJack SymJack: the approval prompt is lying to you. A symlink-hijack RCE in six AI coding agents AI AI
9.7.26 TrustFall TrustFall: coding agent security flaw enables one-click RCE in Claude, Cursor, Gemini CLI and GitHub Copilot AI AI
9.7.26 CVE-2026-39861 Claude Code is an agentic coding tool. Prior to version 2.1.64, Claude Code's sandbox did not prevent sandboxed processes from creating symlinks pointing to locations outside the workspace. VULNEREBILITY VULNEREBILITY
8.7.26 The Promptware Kill Chain: How Prompt Injections Gradually Evolved Into a Multistep Malware Delivery Mechanism Prompt injection was initially framed as the largelanguage model (LLM) analogue of SQL injection. However, over the past three years, attacks labeled as prompt injection have evolved from isolated input-manipulation exploits into multistep attack mechanisms that resemble malware. In this paper, we argue that prompt injections evolved into promptware, a new class of malware execution mechanism triggered through prompts engineered to exploit an application’s LLM. PAPERS PAPERS
8.7.26 Git Hash Chain Malleability Git commit signing is widely entrusted to serve as evidence that a commit hash uniquely and immutably identifies a specific piece of signed content. We show this invariant does not hold. Given any signed commit, an attacker without access to the signing key, and without breaking SHA2 can produce a second, distinct commit with an identical tree, identical metadata, a valid signature, and a “Verified” badge from a Git Forge such as Github, differing only in its commit hash. PAPERS PAPERS
8.7.26 Great, Now Write an Article About That:
The Crescendo Multi-Turn LLM Jailbreak Attack
Large Language Models (LLMs) have risen significantly in popularity and are increasingly being adopted across multiple applications. These LLMs are heavily aligned to resist engaging in illegal or unethical topics as a means to avoid contributing to responsible AI harms. However, arecent line of attacks, known as “jailbreaks”, seek to overcome this alignment. Intuitively, jailbreak attacks aim to narrow the gap between what the model can do and what it is willing to do. In this paper, we introduce a novel jailbreak attack called Crescendo PAPERS PAPERS
8.7.26 Smoke and Mirrors: Jailbreaking LLM-based Code Generation via Implicit Malicious Prompts The proliferation of Large Language Models (LLMs) has revolutionized natural language processing and significantly impactedcode generation tasks, enhancing software development efficiency and productivity. Notably, LLMs like GPT-4 have demonstrated remarkable proficiency in text-to-code generation tasks. However, the growing reliance on LLMs for code generation necessitates a critical examination of the safety implications associated with their outputs. Existing research efforts have primarily focused on verifying the functional correctness of LLMs, overlooking their safety
in code generation.
PAPERS PAPERS
8.7.26 RedCode: Risky Code Execution and Generation
Benchmark for Code Agents
With the rapidly increasing capabilities and adoption of code agents for AI-assistedcoding and software development, safety and security concerns, such as generating or executing malicious code, have become significant barriers to the real-world  deployment of these agents. To provide comprehensive and practical evaluations on the safety of code agents, we propose RedCode, an evaluation platform with benchmarks grounded in four key principles: real interaction with systems, holistic evaluation of unsafe code generation and execution, diverse input formats, and highquality safety scenarios and tests. PAPERS PAPERS
8.7.26 Refusal-Trained LLMs Are Easily Jailbroken
As Browser Agents
For safety reasons, large language models (LLMs) are trained to refuse harmful user instructions, such as assisting dangerous activities. We study an openquestion in this work: does the desired safety refusal, typically enforced in chat contexts, generalize to non-chat and agentic use cases? Unlike chatbots, LLM agents equipped with general-purpose tools, such as web browsers and mobile devices, can directly influence the real world, making it even more crucial to refuse harmful instructions. In this work, we primarily focus on red-teaming browser agents – LLMs that manipulate information via web browsers PAPERS PAPERS
8.7.26 Refused in Chat, Written in Code: Workflow-Level
Jailbreak Construction in IDE Coding Agents.
Large language models are increasingly deployed as IDE-integrated coding agents that decompose tasks, generate and edit files, run code, and refine outputs over many turns. Yet their safety is still often evaluated as if they were chatbots: one harmful prompt, one response, judged in isolation. We introduce workflowlevel jailbreak construction, a failure mode in which a harmful objective is assembled across ordinary stages of a softwaredevelopment workflow rather than generated through a single direct prompt. PAPERS PAPERS
8.7.26 CVE-2026-55116 A malicious actor with access to the network and under certain network configurations could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices. VULNEREBILITY VULNEREBILITY
8.7.26 CVE-2026-54402 A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi OS to execute a Command Injection on the host device. VULNEREBILITY VULNEREBILITY
8.7.26 CVE-2026-55115 A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery (SSRF) in UniFi Protect Application to escalate privileges on the host device. VULNEREBILITY VULNEREBILITY
8.7.26 CVE-2026-54400 A malicious actor with access to the network and high privileges could exploit an Improper Access Control vulnerability found in UniFi Access Application to escalate privileges on the host device. VULNEREBILITY VULNEREBILITY
8.7.26 CVE-2026-50748 A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi Access Application to execute a Command Injection on the host device. VULNEREBILITY VULNEREBILITY
8.7.26 CVE-2026-50747 A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi Talk Application to escalate privileges on the host device. VULNEREBILITY VULNEREBILITY
8.7.26 CVE-2026-50746 A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Connect Application to execute a Command Injection on the host device. VULNEREBILITY VULNEREBILITY
8.7.26 SCMBANKER ClickFix to Cash-Out: Anatomy of a Mexican Banking-Fraud Toolkit VULNEREBILITY VULNEREBILITY
8.7.26 UAT-7810 UAT-7810 continues building ORB networks using new malware MALWARE BANKING
8.7.26 CVE-2025-2492 An improper authentication control vulnerability exists in AiCloud. This vulnerability can be triggered by a crafted request, potentially leading to unauthorized execution of functions. Refer to the 'ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information. VULNEREBILITY VULNEREBILITY
8.7.26 CVE-2023-25717 Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring. VULNEREBILITY VULNEREBILITY
8.7.26 CVE-2020-22658 In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to switch completely to unauthorized image to be Boot as primary verified image. VULNEREBILITY VULNEREBILITY
8.7.26 CVE-2020-22653 In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to exploit the official image signature to force injection unauthorized image signature. VULNEREBILITY VULNEREBILITY
8.7.26 Newly Unveiled Cavern C2 Toolset Targets Israeli Government and IT Sectors A sophisticated Iran-nexus threat actor dubbed Cavern Manticore has deployed a new post-exploitation framework targeting Israeli networks. Known as "Cavern," this highly modular toolset stands out because it deliberately splits its components across three distinct .NET compilation formats. By blending pure .NET, Mixed-Mode C++/CLI, and NativeAOT binaries, the malware forces defenders to switch between entirely different reverse-engineering workflows, serving as an effective anti-analysis barrier. ALERTS APT
8.7.26 FBI Warns of TeamPCP Cybercrime Group Compromising CI/CD Pipelines An FBI flash alert warns of extensive software supply chain breaches conducted by the cybercriminal organization TeamPCP. Security teams should monitor for specific custom malware deployed during these operations. This includes CanisterWorm, which is built to harvest cloud access tokens and API keys across AWS, Azure, and GCP infrastructure. ALERTS GROUP
8.7.26 Fake VPN and Media Tools Deliver MarkiRAT According to Insikt Group, an Iran-linked surveillance campaign is distributing MarkiRAT through fraudulent VPN, media-player and utility applications. The activity primarily targets Farsi-speaking users in Iran, as well as Iranian dissidents and anti-government communities in Europe and North America. ALERTS VIRUS
8.7.26 WriteOut WriteOut: Abusing the Sandbox for a Critical Cross-Tenant Vulnerability in Writer AI VULNEREBILITY VULNEREBILITY
8.7.26 GitLost GitLost: How We Tricked GitHub’s AI Agent into Leaking Private Repos VULNEREBILITY VULNEREBILITY
8.7.26 CVE-2026-26030 Semantic Kernel, Microsoft's semantic kernel Python SDK, has a remote code execution vulnerability in versions prior to 1.39.4, specifically within the `InMemoryVectorStore` filter functionality. VULNEREBILITY VULNEREBILITY
8.7.26 CVE-2026-25592 Semantic Kernel is an SDK used to build, orchestrate, and deploy AI agents and multi-agent systems. Prior to 1.71.0, an Arbitrary File Write vulnerability has been identified in Microsoft's Semantic Kernel .NET SDK, specifically within the SessionsPythonPlugin. VULNEREBILITY VULNEREBILITY
8.7.26 CVE-2026-48282 (CVSS score: 10.0) - A path traversal vulnerability in Adobe ColdFusion that could lead to arbitrary code execution in the context of the current user. VULNEREBILITY VULNEREBILITY
8.7.26 CVE-2026-56290 (CVSS score: 10.0) - An improper access control vulnerability in Joomlack Page Builder that could allow for remote code execution via unauthenticated arbitrary file upload. VULNEREBILITY VULNEREBILITY
8.7.26 CVE-2026-55255 (CVSS score: 6.1) - An authorization bypass through a user-controlled key vulnerability in Langflow that could allow an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in the request. VULNEREBILITY VULNEREBILITY
8.7.26 CVE-2026-48908 (CVSS score: 10.0) - An unrestricted upload of a file with a dangerous type vulnerability in JoomShaper SP Page Builder that allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code. VULNEREBILITY VULNEREBILITY
8.7.26 GhostLock 15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros VULNEREBILITY VULNEREBILITY
8.7.26 CVE-2026-43499 In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in remove_waiter() remove_waiter() is used by the slowlock paths, but it is also used for proxy-lock rollback in rt_mutex_start_proxy_lock() when invoked from futex_requeue(). VULNEREBILITY VULNEREBILITY
8.7.26 Oblivion Oblivion: The New $300 Android RAT That Beats Every Major Phone Manufacturer’s Security MALWARE RAT
8.7.26 RedWing RedWing: A Mobile Malware-as-a-Service Operation MALWARE ANDROID
8.7.26 Rogue Agent Rogue Agent: How a Single Code Block Could Hijack Your AI Conversations in Google’s DialogFlow CAMPAIGN CAMPAIGN
7.7.26 DEBULL DEBULL: Storm-2372-Style Microsoft Device-Code Phishing With GraphSpy Post-Exploitation MALWARE TOOL
7.7.26 Vshell Vshell: A Chinese-Language Alternative to Cobalt Strike MALWARE TOOL
7.7.26 CVE-2026-11405 The web server binary /bin/httpd contains a hidden backdoor authentication mechanism in the login() function at 004c88b8. - The function contains a normal authentication path using MD5/hash-based password verification (prod_encode64/PasswordToMd5/check_rand_key). VULNEREBILITY VULNEREBILITY
7.7.26 Tenda firmware (multiple versions) contains hidden authentication backdoor Several versions of Tenda firmware contain an undocumented authentication backdoor that grants administrative access to the devices' web management interfaces. An attacker can expoit this vulnerability, tracked as CVE-2026-11405, to bypass the password verification process and obtain full administrative control without valid credentials. ALERT ALERT
7.7.26 HP Deskjet 2800 Printer Series Webservers contain Missing Authorization Vulnerability HP Printers in the Deskjet 2800 Series running firmware version <=TBP1CN2612AR contain a missing authorization vulnerability tracked as CVE-2026-13753. This vulnerability allows unauthenticated access to the printer's webserver API endpoints, exposing Wi-Fi credentials, management configuration details, and sensitive security data normally restricted to administrative users. ALERT ALERT
7.7.26 CVE-2026-40138 A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. VULNEREBILITY VULNEREBILITY
7.7.26 CVE-2026-40139 A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support. VULNEREBILITY VULNEREBILITY
7.7.26 CVE-2026-40140 BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerability in the network communication subsystem. VULNEREBILITY VULNEREBILITY
7.7.26 CVE-2026-40141 A high-severity vulnerability exists in a web application component of BeyondTrust Remote Support and Privileged Remote Access related to the processing of certain input parameters. VULNEREBILITY VULNEREBILITY
7.7.26 Cavern Manticore Cavern Manticore: Exposing Iran-Linked Modular C2 Framework GROUP GROUP
7.7.26 CVE-2025-52691 SmarterMail remote code execution vulnerability VULNEREBILITY VULNEREBILITY
7.7.26 CVE-2025-68613 n8n remote code execution vulnerability VULNEREBILITY VULNEREBILITY
7.7.26 CVE-2025-9316 N-Central unauthenticated sessionID generation vulnerability VULNEREBILITY VULNEREBILITY
7.7.26 CVE-2025-34291 Langflow remote code execution vulnerability VULNEREBILITY VULNEREBILITY
7.7.26 CVE-2025-54068 Laravel Livewire remote code execution vulnerability VULNEREBILITY VULNEREBILITY
6.7.26 Januscape Januscape: Guest-to-Host Escape in KVM/x86 VULNEREBILITY VULNEREBILITY
6.7.26 CVE-2026-53359 In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected role Commit 0cb2af2ea66ad ("KVM: x86: Fix shadow paging use-after-free due to unexpected GFN") fixed a shadow paging mismatch between stored and computed GFNs; the bug could be triggered by changing a PDE mapping from outside the guest, and then deleting a memslot. VULNEREBILITY VULNEREBILITY
6.7.26 CVE-2026-20896 Gitea Docker image: `REVERSE_PROXY_TRUSTED_PROXIES = *` default lets any source IP impersonate any user via `X-WEBAUTH-USER` VULNEREBILITY VULNEREBILITY
6.7.26 Reflecthernet: Exfiltrating 100BASE-TX Ethernet Traffic Using a Retroreflector Hardware Trojan This work has been submitted to the IEEE for possible publication. Copyright may be transferred without notice, after which this version may no longer be accessible. Electromagnetic eavesdropping is a well-established attack vector for remotely monitoring a target activity, most notably displays, over considerable ranges. PAPERS PAPERS
6.7.26 TEMPEST-LoRa: Cross-Technology Covert Communication Electromagnetic (EM) covert channels pose significant threats to computer and communications security in air-gapped networks. Previous works exploit EM radiation from various components (e.g., video cables, memory buses, CPUs) to secretly send sensitive information. PAPERS PAPERS
6.7.26 TrojPix: Electromagnetic Covert Channels via Imperceptible Pixel Modulation Air-gapped networks rely on physical isolation to prevent external connectivity. Prior electromagnetic (EM) covert channels have exploited emissions from video cables, memory buses, and CPUs, yet they rarely achieve high throughput, long range, and visual imperceptibility simultaneously, limiting practical utility in air-gapped settings. PAPERS PAPERS
6.7.26 QuimaRAT Novel Java-Based QuimaRAT Targets Windows, macOS, and Linux MALWARE RAT
6.7.26 Cyber Criminal Group TeamPCP The Federal Bureau of Investigation (FBI) is releasing this FLASH to highlight the tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with the cyber criminal group TeamPCP. IC3 IC3 INDUSTRY
6.7.26 Cloak and Detonate: Scanner Evasion and Dynamic Detection of Agent Skill Malware LLM coding agents increasingly rely on third-party agent skills from public marketplaces, which execute with the agent's privileges and create a software supply-chain attack surface: a malicious skill can steal credentials, exfiltrate source code, or install backdoors. PAPERS PAPERS
6.7.26 Cloak and Detonate: Scanner Evasion and Dynamic Detection of Agent Skill Malware LLM coding agents increasingly rely on third-party agent skills from public marketplaces, which execute with the agent's privileges and create a software supply-chain attack surface: a malicious skill can steal credentials, exfiltrate source code, or install backdoors. HACKING AI MALWARE
5.7.26 ChocoPoC This article details a campaign targeting vulnerability researchers with "ChocoPoC" malware embedded inside trojanised Python dependencies. Exploiting the pressure to quickly test new vulnerabilities, threat actors distribute a persistent Remote Access Trojan (RAT) that exfiltrates data and harvests credentials from compromised developer environments. MALWARE RAT
5.7.26 CVE-2026-20230 A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device. VULNEREBILITY VULNEREBILITY
5.7.26 CVE-2026-46817 Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. VULNEREBILITY VULNEREBILITY
5.7.26 Operation Navy Ghost Operation Navy Ghost: How Attackers Planted a Telegram-Powered Backdoor Across Fake pyrogram Packages on PyPI OPERATION OPERATION
5.7.26 CVE-2026-33825 Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally. VULNEREBILITY VULNEREBILITY
5.7.26 Operation Contagious Interview The most effective social engineering campaigns don’t rely on obvious red flags or technical exploits. They move through familiar business interactions, like hiring conversations, project discussions, and routine follow-ups that are designed to feel legitimate from the start. OPERATION OPERATION
5.7.26 PolinRider PolinRider: North Korea-Linked Supply Chain Campaign Expands Across Open Source Ecosystems CAMPAIGN CAMPAIGN
4.7.26 PureLog Stealer distributed via Veil#Drop framework Veil#Drop is a sophisticated, multi-phase malware delivery framework designed to deploy PureLog Stealer directly into a system's memory. As reported by researchers from Securonix, the infection chain begins with social engineering, tricking victims into opening a malicious JavaScript file disguised as a legitimate PDF. ALERTS VIRUS
4.7.26 Silent Swap Campaign Deploys Malicious Notes Extension to Intercept Crypto Transactions In a recent write-up, McAfee Advanced Threat Research details an active campaign, dubbed Silent Swap, that distributes a cryptocurrency-stealing browser extension via sideloading. Delivered via unsigned .NET and Golang installers, the malware targets Chromium-based browsers on Windows endpoints, opportunistically scanning for active browser profiles. ALERTS VIRUS
4.7.26 QuimaRAT: Cross-Platform Remote Access Trojan LevelBlue has published a report on QuimaRAT, a subscription-based Java remote access trojan designed for Windows, Linux, and macOS. Per their analysis, QuimaRAT decrypts its embedded configuration, validates the host environment, installs platform-specific persistence, and connects to operator infrastructure. ALERTS VIRUS
4.7.26 CVE-2026-55255 - LangFlow vulnerability CVE-2026-55255 is a recently disclosed critical (CVSS score 9.9) Authentication Bypass vulnerability affecting Langflow (pip), which is an open-source tool for building and deploying AI-powered agents and workflows. If successfully exploited the flaw might allow an authenticated attacker to execute any flow belonging to another user leading to cross-tenant access and potential data exposure. The vulnerability has been fixed in 1.9.2 version of the product. ALERTS VULNEREBILITY
4.7.26 Multiple local privilege escalation vulnerabilities in Little Orbits GameFirst Anti-Cheat The GamersFirst Anti-Cheat (GFAC) driver GFAC.sys contains multiple local privilege escalations and denial-of-service vulnerabilities stemming from insecure handling of user-controlled input through a minifilter communication port. A local attacker can abuse these flaws to perform arbitrary kernel memory writes, obtain privilege escalation to SYSTEM, or trigger a system crash. ALERT ALERT
4.7.26 Bad Epoll In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix ep_remove struct eventpoll / struct file UAF ep_remove() (via ep_remove_file()) cleared file->f_ep under file->f_lock but then kept using @file inside the critical section (is_file_epoll(), hlist_del_rcu() through the head, spin_unlock). A concurrent __fput() taking the eventpoll_release() fastpath in that window observed the transient NULL, skipped eventpoll_release_file() and ran to f_op->release / file_free(). VULNEREBILITY VULNEREBILITY
4.7.26 CVE-2026-46242 In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix ep_remove struct eventpoll / struct file UAF ep_remove() (via ep_remove_file()) cleared file->f_ep under file->f_lock but then kept using @file inside the critical section (is_file_epoll(), hlist_del_rcu() through the head, spin_unlock). A concurrent __fput() taking the eventpoll_release() fastpath in that window observed the transient NULL, skipped eventpoll_release_file() and ran to f_op->release / file_free(). VULNEREBILITY VULNEREBILITY
4.7.26 CVE-2026-31694 In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuse_add_dirent_to_cache() computes a serialized dirent size from the server-controlled namelen field and copies the dirent into a single page-cache page. VULNEREBILITY VULNEREBILITY
4.7.26 Avalon New Avalon Malware Framework MALWARE FRAMEWORK
4.7.26 CVE-2026-6684  (CVSS 4.6, Medium) – CVE-2026-6684 covers a GPT entry-count abuse case that can trigger effectively unbounded scanning in older trees. That creates a severe mount-time DoS in affected pre-R0.16 implementations, especially painful in boot paths, but it is ranked last here because upstream R0.16 added protective GPT validation. Now, it's up to implementers to upgrade. VULNEREBILITY VULNEREBILITY
4.7.26 CVE-2026-6686 (CVSS 4.6, Medium) – CVE-2026-6686 describes an uninitialized-cluster exposure path where extending files beyond EOF can leak stale data from previously deleted content. It is an information-disclosure bug with real consequences in multi-stage boot/update and shared-media environments. VULNEREBILITY VULNEREBILITY
4.7.26 CVE-2026-6683 (CVSS 4.6, Medium) – CVE-2026-6683 documents a divide-by-zero condition in exFAT sync/write flows that can be triggered by crafted media and produce reliable crash behavior. In update contexts, this can become a practical bricking vector. While generally more "DoS than RCE," it still offers meaningful attacker value against availability, especially given the OTA implications. VULNEREBILITY VULNEREBILITY
4.7.26 CVE-2026-6685 (CVSS 6.1, Medium) – CVE-2026-6685 describes a condition where on fragmented volumes, arithmetic wrap can drive stale dirty-cache behavior and out-of-bounds memory effects in read/write paths. This can manifest as silent corruption, which is exactly the kind of bug operators hate most: hard to detect, easy to misdiagnose, and dangerous in control/data-logging workloads. VULNEREBILITY VULNEREBILITY
4.7.26 CVE-2026-6688 (CVSS 7.6, High) – With LFN enabled, fno.fname can be much larger than many caller buffers expect, as described by CVE-2026-6688. The bug class appears repeatedly in integrations (strcpy, sprintf, fixed-size name/path fields). This one is tricky to fix entirely in FatFs directly (since exploitation depends on wrappers copying long filenames into undersized local buffers), but it could be mitigated by FatFs changes that make filename lengths and truncation/validation outcomes more explicit to callers. VULNEREBILITY VULNEREBILITY
4.7.26 CVE-2026-6687 (CVSS 7.6, High) – CVE-2026-6687 describes a condition where the exFAT label length field is not adequately capped, enabling oversized writes into caller-provided label buffers. This is especially painful where canonical examples and generated code use small stack buffers. It is a clean memory-corruption primitive in a path many firmware projects expose, at least where exFAT has been enabled. VULNEREBILITY VULNEREBILITY
4.7.26 CVE-2026-6682 In FatFS R0.16 and earlier contains a FAT32 integer overflow bug in mount_volume() where fasize *= fs->n_fats can wrap, leading to attacker-controlled file-size metadata and unsafe read lengths in downstream callers. VULNEREBILITY VULNEREBILITY
4.7.26 Glitch SPY CRIL analyzes Glitch SPY, an Android RAT with 70+ commands, crypto-clipping, and a silent remote browser, giving attackers full device control. MALWARE RAT
4.7.26 Banana RAT In this blog entry, researchers from the TrendAI™ MDR team discuss how they mapped the full end-to-end operation of SHADOW-WATER-063’s Banana RAT banking malware by analyzing server-side artifacts and victim-side data. MALWARE RAT
4.7.26 Void Dokkaebi’s Void Dokkaebi, a North Korea-aligned intrusion set, has updated its information-stealing malware, InvisibleFerret, shifting its delivery format to evade script-based detections. MALWARE STEALER
4.7.26 TONResolver RAT In this blog entry, TrendAI™ Research examines a wave of phishing emails observed in May 2026 that targeted Japanese accommodation facilities using Booking.com, detailing the victims, attack techniques used, and characteristics of the malware involved. MALWARE ANDROID
4.7.26 Arsink RAT The SonicWall Capture Labs threat research team identified an ongoing Android Remote Access Trojan (RAT) campaign that employs multiple techniques to harvest sensitive user information through phishing and data exfiltration activities by impersonating the actual app icons and using similar names. MALWARE ANDROID
4.7.26 Operation DragonReturn Authors: Dixit Panchal & Soumen Burma Table of Contents: Introduction: Key Targets: Infection Chain: Initial Findings about Campaign: Initial Mail: Email Attachment: Lure: Official GoI, Income Tax Document: Technical Analysis: Infrastructural Artefacts & Threat actor Attributions. Campaign Timeline. OPERATION OPERATION
3.7.26 BusySnake Armored Likho digging a snake pit: inside the covert BusySnake Stealer campaign MALWARE STEALER
3.7.26 PamStealer PamStealer: a Rust-based macOS infostealer that validates credentials through PAM MALWARE STEALER
3.7.26 Vect Analysis Vect is a newly observed RaaS operation that emerged in December of 2025, with affiliate recruitment and victim postings following shortly after in January 2026. Following the 19th of March 2026 Trivy/LiteLLM supply chain attack conducted by TeamPCP, in which ~340 GB uncompressed data was stolen, Vect announced on the dark web forum “Breached” that they would be partnering with TeamPCP. ANALÝZA ANALÝZA
3.7.26 ‘Popa’ Botnet For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass data-scraping efforts. BOTNET BOTNET
2.7.26 ToddyCat ToddyCat: your hidden email assistant. Part 2 APT APT
2.7.26 JADEPUFFER JADEPUFFER: Agentic ransomware for automated database extortion RANSOM RANSOM
2.7.26 CVE-2026-45659 Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability VULNEREBILITY VULNEREBILITY
2.7.26 CVE-2026-42880 Kubernetes Secret Extraction via ArgoCD ServerSideDiff VULNEREBILITY VULNEREBILITY
2.7.26 CVE-2025-55190 Project API Token Exposes Repository Credentials VULNEREBILITY VULNEREBILITY
2.7.26 CVE-2024-31989 Use of Risky or Missing Cryptographic Algorithms in Redis Cache VULNEREBILITY VULNEREBILITY
2.7.26 AsyncRAT Reloaded AsyncRAT Reloaded: Using Python and TryCloudflare for Malware Delivery Again MALWARE RAT
2.7.26 Veil#Drop Veil#Drop: Blogspot-Hosted PowerShell Loader Delivers PureLog Stealer Through XOR-Encoded In-Memory .NET Payloads MALWARE LOADER
1.7.26 CVE-2026-50548 abuses a setting. The sandbox permits writes into a command's working folder, and that folder is an optional parameter, working_directory, on Cursor's run_terminal_cmd tool. When the agent sets it to a non-default path, Cursor adds that path to the allowed-write list without question. Injected instructions point it at a system file instead of the project. Overwrite the sandbox helper itself (on macOS, /Applications/Cursor.app/Contents/Resources/app/resources/helpers/cursorsandbox), and later commands run with no sandbox at all. Startup files like ~/.zshrc work as targets too. VULNEREBILITY VULNEREBILITY
1.7.26 CVE-2026-50549 abuses a safety check. Before writing, Cursor resolves shortcuts (symlinks) to confirm the real destination sits inside your project. The bug is the fallback: when that check fails, because the target does not exist or the attacker removes read access from a folder in the path, Cursor gives up and trusts the shortcut's in-project path instead. An attacker creates a shortcut that points outside the project, forces the check to fail, and Cursor writes straight through it to the same sandbox helper. Same escape, different door. VULNEREBILITY VULNEREBILITY
1.7.26 DuneSlide DuneSlide: Two Critical RCE vulnerabilities via Zero-Click Prompt Injection in Cursor IDE VULNEREBILITY VULNEREBILITY
1.7.26 LSHIY CAMPAIGN No (Bad) CAP: Inside an Ongoing LSHIY Password Spray Attack CAMPAIGN CAMPAIGN
1.7.26 Global Incident Response Report 2026 While these four trends each present a challenge, attacker success is rarely determined by a single attack vector. In more than 750 incident response (IR) engagements, 87% of intrusions involved activity across multiple attack surfaces. This means defenders must protect endpoints, networks, cloud infrastructure, SaaS applications and identity together. REPORT REPORT
1.7.26 Phantom Squatting Phantom Squatting: AI-Hallucinated Domains as a Software Supply Chain Vector HACKING AI
1.7.26 ClickFix: The Gift That Keeps On Giving In the beginning of June I presented the session ClickFix: The Gift That Keeps On Giving at OrangeCon. ClickFix emerged around 2024 and saw a 517% increase in 2025 as described by SANS, the effectiveness of this technique is something we will have to deal with for the upcoming years. HACKING ClickFix
1.7.26 Microsoft Digital Defense Report 2025 Lighting the path to a secure future REPORT REPORT
1.7.26 Espionage Group Abuses Legitimate Cloud Platform in Campaigns Against India In a recent write-up, Acronis TRU Security details two cyber espionage campaigns orchestrated by the China-aligned threat actor Fireant (aka Mustang Panda) against the government and hydropower sectors in India. The threat group compromised public networks, including workstations used by senior administrative personnel, using spear-phishing emails containing malicious ZIP archives. ALERTS CAMPAIGN
1.7.26 TinyRCT backdoor delivered in CL-STA-1062 campaign Active since early 2022, a Chinese-speaking cyberespionage collective tracked as CL-STA-1062 (aka UAT-7237) has maintained a persistent focus on strategic entities across East and Southeast Asia. As reported by Palo Alto researchers, lately the group targeted state-owned energy and governmental organizations in Southeast Asia. To execute their operations, these threat actors employ a blended toolkit. ALERTS CAMPAIGN
1.7.26 CVE-2026-8451 (CVSS score: 8.8) - An insufficient input validation vulnerability leading to memory overread when NetScaler ADC or NetScaler Gateway is configured as a SAML IDP VULNEREBILITY VULNEREBILITY
1.7.26 CVE-2026-8452 (CVSS score: 8.8) - A memory overflow vulnerability leading to unpredictable or erroneous behavior and denial-of-service when the appliance is configured as a Gateway or an AAA virtual server VULNEREBILITY VULNEREBILITY
1.7.26 CVE-2026-8655 (CVSS score: 8.8) - Multiple memory overflow vulnerabilities leading to unpredictable or erroneous behavior and denial-of-service when NetScaler ADC is configured as an LB of type Oracle, a DNS Proxy, or a DNS recursive resolver deployment VULNEREBILITY VULNEREBILITY
1.7.26 CVE-2026-10816 (CVSS score: 7.7) - An external control of the file name of the path vulnerability leading to unauthenticated, arbitrary file read when access to NSIP, Cluster Management IP, or SNIP with management access is enabled VULNEREBILITY VULNEREBILITY
1.7.26 CVE-2026-10817 (CVSS score: 6.9) - An insufficient input validation vulnerability leading to memory overread when TCP TimeStamp is enabled in TCP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler VULNEREBILITY VULNEREBILITY
1.7.26 CVE-2026-13474 (CVSS score: 8.7) - A missing release of memory after effective lifetime vulnerability leading to denial-of-service via malformed HTTP/2 requests when HTTP/2 is enabled in the HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler VULNEREBILITY VULNEREBILITY
1.7.26 Securing AI agents Securing AI agents: When AI tools move from reading to acting AI AI
1.7.26 RustDuck RustDuck: An In-Depth Analysis of a Two-Stage Botnet BOTNET BOTNET