Cybersecurity
News
CISA adds two critical Joomla extension flaws to KEV list
U.S. CISA added two maximum-severity Joomla extension flaws to its Known Exploited Vulnerabilities (KEV) catalog after zero-day attacks in the wild.Both vulnerabilities—CVE-2026-48939 in iCagenda...
News
China, India groups target Pakistani police in cyber espionage
Suspected China- and India-aligned threat actors targeted Pakistani law enforcement in a sustained cyber espionage campaign between February 2024 and April 2026.The operation compromised...
News
Three OpenClaw AI flaws allow host takeover via WhatsApp
Three high-severity flaws in the OpenClaw AI assistant (CVSS 8.8, 8.8, 8.4) could enable credential theft, privilege escalation, and arbitrary code execution.Researcher Chinmohan Nayak...
News
XRING bug lets attackers crash XQUIC servers with legal traffic
A remote crash vulnerability dubbed XRING affects all versions of Alibaba's XQUIC library, disclosed July 8.The flaw requires only 260 bytes of legitimate QPACK...
News
npm 12 disables install scripts, phases out 2FA bypass tokens
GitHub released npm version 12 with install scripts disabled by default, making previously automatic behaviors like dependency lifecycle scripts opt-in.Granular Access Tokens (GATs) designed...
News
New Webinar: Outpace AI Attacks with Zero Trust
AI-powered attacks, like the Mythos model, now execute in minutes what previously took attackers days.Traditional network-based defenses lag behind because they were built for...
News
RoguePlanet Microsoft Defender Flaw Patched After Month Delay
Microsoft patched a Defender privilege escalation flaw called RoguePlanet, tracked as CVE-2026-50656, nearly a month after public disclosure.The vulnerability, rated 7.8 on the CVSS...
News
Lurking Lizard uses fake 7-Zip installer to build proxy botnet
Threat actor Lurking Lizard has operated a residential proxy business since August 2022, using over 230 lookalike domains.The group lures victims with trojanized installers...
Latest news
Crypto Twitter Back After X Algorithm Tweak
X Head of Product Nikita Bier shipped an algorithm change this week to boost visibility of posts to mutuals,...
Alpaca Secures $135M for Tokenized Agent-First Infrastructure
Alpaca raised $135 million in a funding round led by Peak XV, with up to $300 million in debt...
Daxin malware resurfaces with Stupig backdoor in Taiwan attack
The Daxin kernel-mode rootkit, dormant for over four years, has resurfaced on a compromised host at a Taiwan-based manufacturing...
