
Threat Actors Use Aged GitHub Accounts to Map Corporate Orgs
Datadog Security Labs found threat actors using aged GitHub accounts to map corporate organization members and repositories before launching targeted

Datadog Security Labs found threat actors using aged GitHub accounts to map corporate organization members and repositories before launching targeted

Researchers exposed a network of 200 GitHub repositories serving as C2 dead drops for Windows malware, delivered via a malicious

Palo Alto Networks patched 13 PAN-OS vulnerabilities including buffer overflow, command injection, SSRF, and authentication bypass in its firewall platform.

Ubiquiti patched seven critical-to-maximum severity flaws in UniFi OS, led by CVE-2026-50746, a command injection requiring only network access to

Cisco Talos disclosed UAT-7810, a China-linked APT building the LapDogs ORB relay network using LONGLEASH malware on compromised Ruckus and

CERT/CC disclosed CVE-2026-11405, a hidden backdoor in Tenda router firmware granting unauthenticated full admin access. No vendor patch is available.

CVE-2026-33697 lets relay attacks redirect confidential computing traffic without breaking attestation, affecting WhatsApp, Cocos AI, and Edgeless Systems.

Researchers disclosed TrojPix, a new air-gap attack that manipulates pixel rendering to encode data as electromagnetic emissions from a computer’s

Google and the FBI dismantled NetNut, a residential proxy network that secretly hijacked 2 million home devices and served 316

A threat actor exploited CVE-2026-8451 in Citrix NetScaler within 24 hours of patch release, targeting Lupovis honeypots with confirmed memory
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.