-
Amazon issued a critical security bulletin (2026-005-AWS) detailing three high-severity vulnerabilities in AWS-LC, its open-source cryptographic library. Discovered through a coordinated disclosure process with the AISLE Research Team, these flaws pose…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Linux rootkits have historically received less attention than their Windows counterparts, but the rapid adoption of Linux in cloud infrastructure, containers, and IoT devices has shifted the threat landscape. Attackers are constantly innovating, and ov…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A highly sophisticated China-linked threat actor, identified as UAT-9244, has been actively targeting critical telecommunications infrastructure across South America since 2024. Security researchers assess with high confidence that UAT-9244 exhibits cl…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In a major law enforcement operation, authorities have arrested a U.S. government contractor accused of executing a massive cryptocurrency theft. John Daghita allegedly stole over $46 million in digital assets from the United States Marshals Service (U…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability in the popular WordPress User Registration & Membership plugin allows unauthenticated attackers to easily create administrator accounts. The severe flaw, officially tracked as CVE-2026-1492, currently affects all p…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google Threat Intelligence Group (GTIG) reported 90 zero-day vulnerabilities actively exploited in the wild during 2025. While this total is slightly below the 2023 peak, it highlights a critical shift in the cybersecurity landscape, as attackers are i…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cato CTRL’s senior security researcher, Vitaly Simonovich, has uncovered a high-severity dos vulnerability in MongoDB, tracked as CVE-2026-25611, that lets unauthenticated attackers crash any exposed MongoDB server. CVE-2026-25611 is rooted in M…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are abusing interest in Anthropic’s Claude Code tools by setting up fake download pages that ultimately drop a lightweight infostealer via mshta.exe. The campaign shows how a single living‑off‑the‑land binary (LOLBIN) can power an effecti…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical zero-day vulnerability in Cisco Catalyst SD-WAN infrastructure, tracked as CVE-2026-20127, is currently under active exploitation by highly sophisticated threat actors. The situation has grown considerably more severe following the public re…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are abusing a new Linux-based toolkit dubbed RingH23 to silently compromise MacCMS-based video sites and hijack CDN infrastructure at scale, redirecting millions of users to gambling, pornography, and fraud platforms. Evidence shows Funn…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
