CISA advisory AA26-097A: Iranian IRGC-linked CyberAv3ngers exploit internet-exposed Rockwell Allen-Bradley PLCs using legitimate Studio 5000 software. 5,219 devices at risk.
Microsoft Defender signature update 1.449.424.0 incorrectly flags DigiCert root CAs as Trojan:Win32/Cerdigent.A!dha and removes them from Windows. Fix: update to 1.449.430.0.
Microsoft tests modern Windows: Microsoft has confirmed that Windows 11 is getting a new modern Run dialog with dark mode support and faster
DEEP#DOOR Python backdoor patches AMSI/ETW and tunnels via bore.pub to steal browser and cloud credentials. YARA rules, SHA-256 IOCs, and SIEM detection queries.
Criminal Securonix ThreatQ Collaborate: Raw threat intel isn't enough without real-world context. Criminal IP has partnered with Securonix to integrate ex...
CVE-2026-6807 in NSA GRASSMARLIN exposes an XXE info disclosure flaw in an ICS/SCADA network mapping tool that is end-of-life with no patch available.
ConsentFix v3 automates OAuth code theft in Microsoft Entra ID, bypassing MFA and Conditional Access on Azure CLI and first-party apps. No patch
Bluekit is a new PhaaS platform with 40+ templates, AI assistant, anti-bot evasion, session theft, and Telegram exfiltration — targeting Gmail, GitHub, iCloud,
Famous Chollima uses Claude Opus to generate malicious npm packages. Learn DPRK npm malware detection: install hook inspection and CI/CD guardrails.
Google restructures its VRP: Android zero-click Pixel Titan M exploits now worth $1.5M while Chrome rewards fall as AI tools accelerate browser bug
