Mozilla Fixes Record 423 Firefox Bugs Using Claude Mythos AI Pipeline
Mozilla fixed 423 Firefox bugs in April 2026 using Claude Mythos AI. Firefox 150 patches 41+ CVEs including High-severity UAF and sandbox escape
News
News
ShinyHunters Disrupts 9,000 Schools After Second Canvas Breach During Finals Week
ShinyHunters defaced Canvas login pages at 9,000 schools on May 7–8, 2026, escalating a breach of 275 million student records. Ransom deadline is
News
CVE-2026-6973: Ivanti EPMM Zero-Day RCE Exploited, CISA Mandates Patch by May 10
CVE-2026-6973, a CVSS 7.2 RCE flaw in Ivanti EPMM, is actively exploited in targeted attacks and added to CISA KEV. Federal agencies must
News
Google Android Binary Transparency: Public Ledger Stops Supply Chain Attacks on Android Apps
Google expands Binary Transparency to all production Android apps, creating a public cryptographic ledger for verifying authorized releases. How it works and who
News
One in Eight Workers Has Sold Corporate Login Credentials, Cifas Finds
Cifas survey reveals 13% of UK enterprise workers sold or know someone who sold corporate login credentials. C-suite is 43% likely to view
Blog
VENOMOUS#HELPER RMM Detection: Stop SimpleHelp and ScreenConnect Backdoors
VENOMOUS#HELPER hit 80+ orgs via SimpleHelp and ScreenConnect backdoors. Detection checklist, KQL queries, PowerShell scan, and Group Policy RMM allowlist.
News
GDDRHammer, GeForge, GPUBreach: NVIDIA GDDR6 Rowhammer Attacks Enable Full System Takeover
Three independent Rowhammer attacks — GDDRHammer, GeForge, and GPUBreach — target NVIDIA Ampere GDDR6 GPUs, enabling full CPU memory compromise. Enable IOMMU now.
Blog
SCA Tool EOL Dependency CVE Blind Spot Detection: What Snyk and Dependabot Miss
SCA tools miss EOL dependencies with untracked CVEs. Close the SCA tool EOL dependency blind spot with pip-audit, osv-scanner, xeol, and HeroDevs EOLDS.
Blog
UAT-8302 China APT Malware Analysis: Shared Implants, IOCs, and Detection Rules
UAT-8302 shares China APT custom malware across six clusters — IOCs, YARA rules, and MITRE ATT&CK mappings for NetDraft, SNOWRUST, and CloudSorcerer v3.
News
Oracle Launches Monthly Critical Security Patch Updates to Close Gap Between Quarterly Cycles
Oracle's new monthly CSPU program begins May 28, 2026, delivering targeted critical-severity fixes on the third Tuesday of non-quarterly months to accelerate patching.