Resources

Application Security
AI Agent Finds 21 FFmpeg Zero-Days Including Unauthenticated RCE
Depthfirst's autonomous AI security agent spent $1,000 to find 21 zero-days in FFmpeg, including an unauthenticated RCE triggered by a 183-byte packet.
Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Researcher Taylor Hornby used Claude Opus 4.8 to uncover a four-year-old Zcash Orchard flaw that could have enabled undetectable counterfeit ZEC creation.
CVE Vulnerability Alerts
C0XMO Botnet Exploits DD-WRT CVE-2021-27137, Evicts Rival Malware
Fortinet researchers found C0XMO, a Gafgyt variant exploiting CVE-2021-27137 in DD-WRT routers, that kills rival botnets and supports 19 DDoS attack methods.
CVE Vulnerability Alerts
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
SolarWinds patches actively exploited Serv-U DoS bug CVE-2026-28318 while CISA adds it to the KEV catalog and orders remediation at federal civilian agencies.
CVE Vulnerability Alerts
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Cisco disclosed CVE-2026-20245, a command injection zero-day in Catalyst SD-WAN Manager enabling root access via file upload, with no patch available.
Cybersecurity
Play Ransomware Hits Law Firm, Food Tech, Church, and Factory
Play ransomware posted four US victims in a single day: a food processing manufacturer, a law firm, a religious organization, and a manufacturing company.
Cybersecurity
Akira Threatens to Publish 53 GB from US Parts Maker and Ohio MLS
Akira ransomware posted National Standard Parts Associates and Northern Ohio Regional MLS, threatening 53 GB of employee records, contracts, and financial data.
Cybersecurity
Qilin Ransomware Hits Avcon Jet, Slovenian Food Group, and Trican
Qilin ransomware posted Avcon Jet, SKUPINA Don Don, and Trican in a three-country sweep targeting private aviation, food retail, and Canadian oilfield services.
Cybersecurity
TheGentlemen Hits Saudi Arabia, India, Thailand, and Portugal
TheGentlemen ransomware struck Saudi Arabia, India, Thailand, and Portugal in one day, including a first GCC target, as the group exceeds 330 victims in 2026.
Cybersecurity
WorldLeaks Targets Thai Infrastructure Giant CH Karnchang
WorldLeaks claimed CH Karnchang, Thailand's major infrastructure builder, and United Auto Supply in a pure data extortion operation with no file encryption.

Weekly Newsletter

Weekly Cybersecurity Newsletter: 14th to 18th August
Cybersecurity Newsletter
Weekly Cybersecurity Newsletter: 14th to 18th August
Explore our latest cybersecurity podcast episodes featuring ransomware attacks, phishing campaigns, corporate breaches, legal showdowns, and deep dives into evolving threats and digital defenses.
This Week In Cybersecurity: 23rd June to 27th June
Cybersecurity Newsletter
This Week In Cybersecurity: 23rd June to 27th June
News Stories New ‘FileFix’ Attack Exploits Windows File Explorer to Deliver Stealthy Commands Threat actors use the search-ms URI protocol ...
This Week In Cybersecurity: 26th to 30th May, 2025
Cybersecurity Newsletter
This Week In Cybersecurity: 26th to 30th May, 2025
"Cybersecurity threats escalate as ransomware attacks target major organizations, exposing sensitive data and highlighting vulnerabilities in systems across various industries. Stay informed."
This Week In Cybersecurity: 19th to 23rd May, 2025
Cybersecurity Newsletter
This Week In Cybersecurity: 19th to 23rd May, 2025
This week, significant cybersecurity incidents include ransomware attacks, data breaches affecting major organizations, and ongoing threats from state-sponsored groups, highlighting vulnerabilities across various sectors.
This Week In Cybersecurity: 21st - 25th April, 2025
Cybersecurity Newsletter
This Week In Cybersecurity: 21st – 25th April, 2025
Targeted malware, ransomware, phishing, and ad fraud hit SK Telecom, Baltimore schools, Google, and more this week—exposing critical data and abusing trusted systems.