
Lenovo BootRepair.sys Driver Exposes BYOVD Attack on CrowdStrike
Lenovo BootRepair.sys exposes IOCTL 0x222014, letting unprivileged BYOVD attackers terminate CrowdStrike Falcon at kernel level with no administrative rights.

Seqrite Labs exposed UNG0002 hiding Cobalt Strike inside macOS-style nested folder structures to evade Windows scanners while targeting Changzhou University.

Sophos CTU analysis reveals WantToCry ransomware encrypts files off-device via brute-forced SMB sessions, leaving no local binary for EDR tools

Cisco Talos exposed BadIIS, a Chinese-speaking MaaS platform hijacking IIS servers to redirect traffic and manipulate search rankings since 2021.

Varonis Threat Labs disclosed GhostTree, an NTFS junction loop technique that causes Windows Defender to hang and fail to detect

K7 Security Labs found SilverFox APT serving ValleyRAT via trojanized Teams installers on teams-securecall.com, targeting credentials and crypto wallets.

Palo Alto’s Unit 42 documented TamperedChef, a signed-app malware campaign with 12,000 global infections using digitally signed certificates to evade

V12 security team released a working PinTheft exploit for an Arch Linux kernel double-free, enabling local root escalation on unpatched

A three-vulnerability chain in Pardus Linux’s pardus-update package lets any local user gain root on Turkish government systems; no patch

Qualys disclosed CVE-2026-46333, a nine-year-old Linux privilege escalation flaw that gives local users a reliable path to root on Debian,