Endpoint Security

CVE Vulnerability Alerts
CIFSwitch Linux Kernel Flaw Gets Public PoC, Root Access Possible
CIFSwitch is a 19-year-old Linux kernel privilege escalation flaw with a public PoC that enables root access on Ubuntu, RHEL, Debian, and other distributions.
Cybersecurity
LLMShare Campaign Hosts Infostealer Downloads on ChatGPT’s Own Domain
LLMShare, discovered by Push Security, abuses ChatGPT's share links on chatgpt.com to host fake outage pages that deliver infostealer malware to Windows and macOS users.
Application Security
CIFSwitch Linux Kernel Flaw Gets Public PoC, Root Access Possible
CIFSwitch is a 19-year-old Linux kernel privilege escalation flaw with a public PoC that enables root access on Ubuntu, RHEL, Debian, and other distributions.
Cybersecurity
Dutch Police Seize 200+ Servers in 17-Million-Device Botnet Takedown
Dutch law enforcement dismantled a botnet of 17 million compromised devices by seizing over 200 command-and-control servers in a major coordinated takedown with hosting provider ...
Cybersecurity
LLMShare Campaign Hosts Infostealer Downloads on ChatGPT’s Own Domain
LLMShare, discovered by Push Security, abuses ChatGPT's share links on chatgpt.com to host fake outage pages that deliver infostealer malware to Windows and macOS users.
Application Security
Ghost CMS CVE-2026-26980 Exploited in ClickFix Campaign
Attackers exploited CVE-2026-26980 in Ghost CMS to compromise 700+ domains including Harvard and Oxford, turning them into ClickFix malware distribution points.
Application Security
Laravel Lang Supply Chain Attack Hijacks 700 Package Versions
Attackers rewrote git tags across four Laravel Lang packages to deploy a PHP credential stealer and Windows executable targeting developer machines and servers.
Application Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Anthropic's Project Glasswing AI found 10,000+ high-severity CVEs in 1,000 open-source projects in one month, but only 97 patches were deployed upstream.
CVE Vulnerability Alerts
Ubiquiti Patches 3 Max-Severity UniFi OS Flaws, 100K Exposed
Ubiquiti patched three max-severity UniFi OS flaws enabling RCE and unauthorized file access across approximately 100,000 internet-exposed endpoints worldwide.
Cybersecurity
Mysk: WhatsApp Stores Chats Unencrypted, Meta Apps Can Read Them
Mysk researchers found WhatsApp stores chat history unencrypted in a file accessible to Facebook and Instagram on iOS and macOS without user permission.