all—News
Top News
Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs
June 29, 2026New Avalon Malware Framework Packs CrownX Ransomware Capabilities
July 3, 2026Citrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-Service
July 1, 2026Microsoft fixes Windows Server 2016 security update failures
June 18, 2026Max severity Adobe ColdFusion flaw now exploited in attacks
July 6, 2026⚡ Weekly Recap: Proxy Botnets, Browser Ransomware, AI Agent Tricks, Fake PoC Malware and More
July 6, 2026Latest News
Firefox, Chrome, Adobe, and VMware Updates Fix Multiple Critical Security FlawsMozilla has released updates to address two critical flaws in Firefox for which it warned that exploit code has been published. The vulnerabilities are listed below - CVE-2026-15718, an invalid pointer in the JavaScript: WebAssembly component CVE-2026-15719, a site isolation in the DOM: Navigation component "We are aware that exploit code for this is public, however we are not aware of
SASE Has An AI Blind Spot. Inspecting Packets Is No Longer Enough.For years, routing traffic through cloud proxies was good enough. Then work moved to the browser, AI entered the workflow, and the inspection model stopped keeping up. Enterprise workflows now live across SaaS applications, browsers, and an expanding ecosystem of generative AI tools, unsanctioned browser extensions, and autonomous agents. Employees routinely paste intellectual property into
Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch TuesdaySecurity researcher Chaotic Eclipse (aka Nightmare-Eclipse) has released a new proof-of-concept (PoC) exploit called LegacyHive. It has been described as a Windows User Profile Service arbitrary hive load elevation of privileges vulnerability. The Windows User Profile Service, also referred to as ProfSvc, is a core system component that manages user accounts and environments. "The PoC requires
Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code ExecutionOpen a repository in Cursor on Windows and, if a file named git.exe is sitting in the project root, Cursor runs it. No click, no approval dialog, no warning that anything in the folder is about to execute. Whatever that binary does, it does as you, with your source, your SSH keys and your cloud tokens. Cursor keeps re-running it for as long as the project stays open. No prompt
CISA warns admins to patch actively exploited SharePoint flawsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned Tuesday that attackers are actively exploiting three vulnerabilities to hack Internet-exposed on-premises SharePoint Server instances.
Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet MalwareFour compromised npm packages in the @asyncapi namespace have been observed distributing a multi-stage botnet loader, according to findings from OX Security, SafeDep, Socket, and StepSecurity. The affected packages are listed below - @asyncapi/[email protected] @asyncapi/[email protected] @asyncapi/[email protected] @asyncapi/specs(v6.11.2, v6.11.2-alpha.1) "The
Microsoft: Some Dell PCs shut down after recent Windows updatesMicrosoft is blocking this month's Windows 11 security updates on some Dell devices because they are causing shutdowns and performance issues.
US charges alleged operators of Russian bulletproof hosting serviceU.S. federal prosecutors have unsealed charges against three Russian nationals, accusing them of providing bulletproof hosting (BPH) services to ransomware gangs that caused over $62 million in damages to victims worldwide.
Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin CommandsSonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited to achieve arbitrary command execution. The vulnerabilities are listed below - CVE-2026-15409 (CVSS score: 10.0) - A Server-side request forgery (SSRF) vulnerability that a remote unauthenticated attacker could exploit to
SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch nowSonicWall warns that threat actors have been exploiting two SMA1000 vulnerabilities, tracked as CVE-2026-15409 and CVE-2026-15410, in zero-day attacks and urges customers to install the newly released security updates.