OnyxC2 Stealer Targets 200+ Apps for $250 Per Month
June 12, 2026
OnyxC2, a new MaaS information stealer priced at $250 per month, targets 200-plus applications using DLL sideloading and encryption to
Endpoint Security
OnyxC2 Stealer Targets 200+ Apps for $250 Per Month
OnyxC2, a new MaaS information stealer priced at $250 per month, targets 200-plus applications using DLL sideloading and encryption to evade detection.
RoguePlanet Zero-Day Gives Attackers SYSTEM on Patched Windows
Security researcher Nightmare Eclipse dropped RoguePlanet, an unpatched LPE zero-day in Microsoft Defender that grants SYSTEM on fully patched Windows.
Exploit Published for Linux Kernel nf_tables CVE-2026-23111
Exodus Intelligence released a working exploit for Linux kernel CVE-2026-23111, a nf_tables flaw enabling root escalation on unpatched Ubuntu and Debian.
Veeam CVE-2026-44963 Exposes Backup Servers to Low-Privilege RCE
Veeam patched CVE-2026-44963, a CVSS 9.4 RCE flaw letting any domain user execute code on backup servers across its 550,000-customer install base.
What Is Dropper Malware and How Does It Evade Detection
Dropper malware secretly installs payloads while evading detection. Learn how droppers work, evasion techniques, and endpoint defense strategies.
C0XMO Botnet Exploits DD-WRT CVE-2021-27137, Evicts Rival Malware
Fortinet researchers found C0XMO, a Gafgyt variant exploiting CVE-2021-27137 in DD-WRT routers, that kills rival botnets and supports 19 DDoS attack methods.
VerdantBamboo PLENET Backdoor Sustained 18-Month M365 Intrusion
Volexity found Chinese APT VerdantBamboo used new PLENET and AGENTPSD malware to maintain 18 months of undetected Microsoft 365 access via MSP compromise.
IronWorm Rust Malware Hits 36 npm Packages in Supply Chain Attack
JFrog researchers discovered IronWorm, a Rust-based infostealer with an eBPF rootkit, injected into 36 npm packages to steal AI API keys and self-propagate.
Hola Browser for Windows Bundled Monero Miner in Supply Chain Hit
AppEsteem found a Monero cryptominer bundled inside Hola Browser's Windows installer, hidden as a Windows service and excluded from Windows Defender scanning.
CISA Orders Patch for Linux Container Escape CVE-2022-0492
CISA added the Linux kernel CVE-2022-0492 container escape flaw to the KEV catalog, confirming active exploitation with a three-day federal patch deadline.
RoguePlanet Zero-Day Gives Attackers SYSTEM on Patched Windows
June 11, 2026
Security researcher Nightmare Eclipse dropped RoguePlanet, an unpatched LPE zero-day in Microsoft Defender that grants SYSTEM on fully patched Windows.
Exploit Published for Linux Kernel nf_tables CVE-2026-23111
June 10, 2026
Exodus Intelligence released a working exploit for Linux kernel CVE-2026-23111, a nf_tables flaw enabling root escalation on unpatched Ubuntu and
Veeam CVE-2026-44963 Exposes Backup Servers to Low-Privilege RCE
June 10, 2026
Veeam patched CVE-2026-44963, a CVSS 9.4 RCE flaw letting any domain user execute code on backup servers across its 550,000-customer
What Is Dropper Malware and How Does It Evade Detection
June 9, 2026
Dropper malware secretly installs payloads while evading detection. Learn how droppers work, evasion techniques, and endpoint defense strategies.
C0XMO Botnet Exploits DD-WRT CVE-2021-27137, Evicts Rival Malware
June 8, 2026
Fortinet researchers found C0XMO, a Gafgyt variant exploiting CVE-2021-27137 in DD-WRT routers, that kills rival botnets and supports 19 DDoS
VerdantBamboo PLENET Backdoor Sustained 18-Month M365 Intrusion
June 8, 2026
Volexity found Chinese APT VerdantBamboo used new PLENET and AGENTPSD malware to maintain 18 months of undetected Microsoft 365 access
IronWorm Rust Malware Hits 36 npm Packages in Supply Chain Attack
June 5, 2026
JFrog researchers discovered IronWorm, a Rust-based infostealer with an eBPF rootkit, injected into 36 npm packages to steal AI API
Hola Browser for Windows Bundled Monero Miner in Supply Chain Hit
June 5, 2026
AppEsteem found a Monero cryptominer bundled inside Hola Browser’s Windows installer, hidden as a Windows service and excluded from Windows
CISA Orders Patch for Linux Container Escape CVE-2022-0492
June 4, 2026
CISA added the Linux kernel CVE-2022-0492 container escape flaw to the KEV catalog, confirming active exploitation with a three-day federal
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.