Latest stories — Page 30

Russia's Tech Embargo Run-Around: Shell Companies, Middlemen, and Embedded Spies
Western sanctions were supposed to starve Moscow's military-industrial base of critical components. Instead, Russian intelligence built a procurement machine to go get them anyway.

Exploit Code Goes Public for Critical Flowise One-Click RCE Flaw
A published proof-of-concept puts every self-hosted Flowise deployment at risk of full remote code execution — no authentication required from the attacker, just a malicious chatflow import.

CIFSwitch: Linux Kernel Key-Handling Bug Hands Out Root Across Major Distros
A local privilege escalation in the kernel's CIFS authentication path lets an unprivileged user forge key descriptions and walk away with root.

One Bad Character in a Host Header Breaks Auth for Thousands of FastAPI Apps
A parsing gap in Starlette lets unauthenticated requests reach protected routes — and the blast radius runs deep into the AI inference stack.

Palo Alto GlobalProtect Auth Bypass Hits Live Exploitation
CVE-2026-0257 lets attackers stand up unauthorized VPN sessions against PAN-OS and Prisma Access. Patches are out. So are the exploits.

India Sets a 12-Hour Clock on Exploited Vulnerabilities. Can Enterprises Actually Do It?
CERT-In's new AI-threat framework resets expectations around patch velocity — but the real test is whether organizations even know what's exposed.

GREYVIBE: New Russian-Speaking Cluster Tied to Sustained Operations Against Ukraine
Researchers attribute an August 2025 campaign wave to a previously undocumented actor whose tasking patterns align with Kremlin interests.

GlassWorm Is Down. The Repository Problem Isn't.
CrowdStrike, Google, and Shadowserver severed four C2 channels simultaneously. Meanwhile, 157 OSV false positives quietly eroded trust in the tools defenders depend on.

AI in Cyber Operations: From Scripts to Autonomous Systems
AI's role in cyber operations is not just about speed anymore. It's about scale and autonomy, reshaping offensive capabilities.

FBI Flags Silent Ransom Group's Physical Intrusion Tactic Against U.S. Law Firms
The threat actor known as Silent Ransom Group has added walk-in impersonation to its toolkit, sending actors posing as IT support into law firm offices to insert storage devices into employee computers.

IBM and Red Hat Launch Project Lightwell to Tackle Open Source Vulnerabilities
With a $5 billion investment, Project Lightwell aims to expedite vulnerability remediation in open source software.

Notepad++ Flaws Allow Command Execution Via XML Files
Recent vulnerabilities in Notepad++ enable arbitrary code execution on Windows through XML manipulation.

Swiss Team Claims Quantum Chip Setup Generates Truly Perfect Random Numbers
ETH Zurich researchers say two superconducting qubits and 30 meters of microwave pipe can certifiably eliminate bias from cryptographic key generation — forever.

Microsoft and Researcher Nightmare Eclipse Trade Public Accusations Over Disclosure Gone Wrong
A researcher who published unpatched vulnerability details says Microsoft deleted his accounts and ruined his life. Microsoft says his drops put proof-of-concept code in criminals' hands. Neither is entirely wrong.

ChatGPhish: When ChatGPT's Markdown Renderer Becomes a Phishing Vector
Permiso researchers show how implicit trust in Markdown links and images inside ChatGPT responses turns the assistant into a credible delivery surface for prompt injection and credential theft.

Three Stories You Probably Missed: Trump Mobile Leak, FIFA Phishing, and CISA's Supply Chain Cleanup
A customer data exposure, a tournament-themed phishing campaign, and a federal agency scrambling to respond to upstream compromise — a busy week for the incidents no one headlined.

LLM Agent Spotted Driving Post-Exploitation After Marimo Notebook Compromise
An unattributed intrusion set chained CVE-2026-39987 against an exposed Marimo notebook, then handed the keyboard to a language model.

The Linux Foundation Wants DNS to Be the Phone Book for AI Agents
DNS-AID proposes using existing DNS infrastructure for agent discovery — no new directories, no vendor lock-in, no new protocols to trust.

DDoS-as-a-Service Grows Up: Tiered Pricing, Reseller Programs, Real Support Tickets
The booter market has shed its script-kiddie aesthetic. Today's stresser panels look like SaaS — because operationally, they are.

MokN Banks $15M to Turn Phishing Infrastructure Against Attackers
The startup's decoy access-point platform tries to catch credential thieves in the act — before stolen logins get used.

Critical Argument Injection Zero-Day in Gogs Puts Self-Hosted Git Servers at Risk
A CVSS 9.4 flaw lets authenticated attackers execute arbitrary code through maliciously named pull-request branches — no patch is available.