News

Cybersecurity
Nine-Nation Advisory Flags FSB Center 16 Router Attacks
Cybersecurity agencies from nine countries issued a joint advisory on FSB Center 16 router attacks targeting energy, healthcare, and defense sectors globally.
Cybersecurity
Open Server Exposes Three Concurrent Evilginx M365 Operations
French security firm Lexfo discovered three Evilginx M365 phishing campaigns after attackers left a Python HTTP server with directory listing exposed.
Application Security
CISA Adds Two CVSS 10.0 Joomla Extension Zero-Days to KEV
CISA added CVE-2026-48939 and CVE-2026-56291 to KEV with a same-day federal deadline after both Joomla extension zero-days were exploited before disclosure.
Application Security
Progress Orders ShareFile SZC Server Shutdown Over Security Threat
Progress Software ordered ShareFile Storage Zone Controller customers to shut down internet-facing servers amid an undisclosed security threat investigation.
Cybersecurity
RedHook Android RAT Gains Shell Access via Wireless ADB Loopback
Group-IB analyzed a new RedHook Android RAT variant that gains shell-level access by turning the device into its own ADB client via loopback, without rooting.
Cybersecurity
Ryuk Ransomware Broker Pleads Guilty in $15M Bitcoin Theft Case
Armenian national Karen Vardanyan pleaded guilty to enabling Ryuk ransomware attacks on U.S. organizations that yielded about 1,610 Bitcoin for the gang.
Application Security
Ghostcommit PNG Attack Tricks AI Code Reviewers into Leaking .env
UMKC researchers demonstrated Ghostcommit, a PNG-based prompt injection attack that tricks AI code reviewers into exfiltrating .env secrets as code constants.
Application Security
Compromised jscrambler npm Package Drops Rust Infostealer on Devs
An attacker compromised jscrambler's npm credentials and published five malicious versions dropping a Rust infostealer targeting cloud and AI credentials.
CVE Vulnerability Alerts
Binarly Finds Six U-Boot CVEs That Break Secure Boot on 50+ Firmware
Binarly disclosed six flaws in U-Boot's FIT signature verification subsystem, including two RCEs that bypass Secure Boot across more than 50 firmware releases.
Application Security
Google TAG Finds Critical Stored XSS in Zimbra Classic Web Client
Google's Threat Analysis Group found a critical stored XSS flaw in the Zimbra Classic Web Client that allows mailbox takeover via a single crafted email.