Endpoint Security

CVE Vulnerability Alerts
Microsoft Patches RoguePlanet Defender Zero-Day CVE-2026-50656
Microsoft silently patched CVE-2026-50656 RoguePlanet via a Defender engine update, ending over three weeks of confirmed active SYSTEM privilege exploitation.
Cybersecurity
SCMBANKER Targets Mexican Banking With AI-Written PowerShell
Elastic Security Labs found REF6045 deploying SCMBANKER, an AI-written PowerShell toolkit that lets operators control Mexican banking sessions live and hijack transfers.
Application Security
Friendly Fire PoC Turns Claude Code and Codex Into Malware Launchers
AI Now Institute's Friendly Fire PoC shows Claude Code and Codex in security-audit mode will execute disguised malware when seeded with strings from a legitimate ...
Cybersecurity
Microsoft Discloses GigaWiper: Disk Wiper Hidden Behind Fake Ransom
Microsoft disclosed GigaWiper, a Windows backdoor combining a real disk wiper, fake ransomware encryption, and multi-pass file overwriting in a single payload.
Cybersecurity
GodDamn Ransomware Uses PoisonX Driver to Kill EDR Before Encrypting
Symantec identified GodDamn ransomware using a kernel driver named PoisonX via the BYOVD technique to kill security software before file encryption begins.
CVE Vulnerability Alerts
Seven FatFs Flaws Threaten Cameras, Drones, and Crypto Wallets
runZero disclosed seven unpatched vulnerabilities in the FatFs filesystem library affecting hundreds of millions of IoT devices, drones, and hardware wallets.
Cybersecurity
Cisco Talos Exposes UAT-7810 LONGLEASH Backdoor on Ruckus Routers
Cisco Talos disclosed UAT-7810, a China-linked APT building the LapDogs ORB relay network using LONGLEASH malware on compromised Ruckus and ASUS routers.
Cybersecurity
Eight Predatorgate Victims Sue Intellexa for €8 Million
Eight victims of the Greek Predatorgate spyware scandal filed a €8 million civil lawsuit against Intellexa and founder Tal Dilian in a Greek court on ...
CVE Vulnerability Alerts
CVE-2026-53359 Januscape: 16-Year KVM Flaw Enables VM Escape
CVE-2026-53359 Januscape is a 16-year-old Linux KVM use-after-free that allows guest VM escape to the host on Intel and AMD systems. Patches are available.
Cybersecurity
Operation DragonReturn: DcRAT Targets India Tax Professionals
China-nexus Operation DragonReturn deploys DcRAT via a cloned Indian tax utility, targeting tax professionals and accountants during India's filing season.