The News.
Daily intel.
Daily breach reporting, CVE disclosures, malware analyses, and threat campaigns. Yesterday's incidents, this morning's coverage — written by practitioners for the analysts and defenders who need it first.
Claude Mythos Has Found 271 Zero-Days in Firefox
That’s a lot. No, it’s an extraordinary number: Since February, the Firefox team has been working around the clock using frontier AI models to find and f...
Former Incident Responders Get 4 Years for BlackCat Ransomware Attacks
Ryan Goldberg (Sygnia) and Kevin Martin (DigitalMint) sentenced to 4 years each for deploying BlackCat/ALPHV ransomware against US victims in 2023.
Anthropic Launches Claude Security to Combat the AI-Driven Exploit Surge
Anthropic's Claude Security initiative uses Claude Mythos Preview to help defenders find and patch vulnerabilities faster than AI-equipped attackers can exploit them.
AI Industrializes Cybercrime as Mean Time-to-Exploit Hits Negative Seven Days
Mandiant M-Trends 2026 and IBM X-Force data confirm AI has industrialized cybercrime — exploitation routinely precedes patching and 80% of ransomware now uses AI tooling.
EtherRAT Targets Enterprise Admins via 44 GitHub Facades and Ethereum Blockchain C2
EtherRAT deploys 44 spoofed GitHub repos to target enterprise admins with a blockchain-powered JavaScript RAT. Active since December 2025.
EnOcean SmartServer CVE-2026-20761 Opens Buildings to Remote Takeover
Claroty Team82 found two chained flaws in EnOcean SmartServer IoT — an ASLR bypass and RCE via IP-852 — exposing building automation networks to full compromise.
cPanel CVE-2026-41940 Was Actively Exploited for 30 Days Before Patch
CVE-2026-41940 is a CVSS 9.8 CRLF injection in cPanel and WHM confirmed exploited in the wild for 30+ days before the April 28 emergency patch.
12 Allied Agencies Warn: China-Nexus Actors Are Building Covert Botnets from Your Routers and Cameras
CISA AA26-113A: Volt Typhoon, Salt Typhoon, and Flax Typhoon are weaponizing compromised SOHO routers, IoT devices, and firewalls into relay botnets for espionage against critical infrastructure.
Ukrainian Police Arrest Three for Hijacking 610,000 Roblox Accounts via Cookie Theft
Ukrainian cyber police arrested three hackers who stole 610,000 Roblox accounts using cookie-harvesting malware, selling them on Russian platforms for $225,000.