-
Threat actors have resurfaced with an upgraded SHub stealer for macOS, now branded “Reaper,” and they’re using a stealthy distribution trick that should worry every Mac user. Attackers build fake download pages for popular apps (WeChat, Miro and others…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
AI-powered malware is moving from theory to reality, with new proof-of-concept worms showing how large language models (LLMs) can autonomously compromise mixed networks of Linux, Windows, and IoT devices while parasitically hijacking GPU compute for th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Taxonomy of Failure Modes in Agentic AI Systems v2.0 published in April 2026, the field received more than a classification update: it got operational guidance grounded in a year of real-world red teaming that exposed how quickly agentic AI systems tra…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a fresh alert warning organizations about the active exploitation of a Linux kernel vulnerability tracked as CVE-2022-0492. The flaw, categorized as an improper authentication …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has disclosed a high-severity vulnerability in its Catalyst SD-WAN Manager that is actively being exploited in the wild, allowing attackers to execute arbitrary commands with root-level privileges on affected systems. The vulnerability, tracked a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Let’s Encrypt has unveiled a new approach to securing the web against future quantum threats: Merkle Tree Certificates (MTCs), a post-quantum–ready certificate model designed to maintain the speed and reliability of today’s TLS ecosystem. As the indust…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated typosquatting attack targeting Python developers through a malicious package named “parsimonius” on the Python Package Index (PyPI). The rogue package was engineered to impersonate the legitimate parsimonious parsing library…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
BRICKSTORM is a modular remote access trojan (RAT) originally seen in Golang and later in Rust. It uses a wssoft library with pluggable “tasks” for shell commands, a Socks5 proxy, and a simple web server for file listing. An incident response engagemen…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has disclosed three critical vulnerabilities in its Edge browser, all discovered during the Pwn2Own competition and reported by security researcher Orange Tsai of DEVCORE Research Team. The flaws, tracked as CVE-2026-45492, CVE-2026-45494, an…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
VECT 2.0 ransomware can leave victims with files that even the attacker’s own decryptor cannot reliably restore. While researchers previously exposed a cross-platform design flaw that discards nonces for earlier parts of large files, our Windows-focuse…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
