Overview Earlier this month, security sleuth and researcher โChaotic Eclipseโ (also known as Nightmare-Eclipse) published a zero-day exploit known as YellowKey, which allowed them to access BitLoc...
Overview of the First VPN Service ๐ The Federal Bureau of Investigation (FBI) has released a FLASH report to share indicators of compromise (IOCs) and tactics related to the First VPN Service. Thi...
๐จ Important Security Alert! An attachment in an email impersonating DHL about a shipment contains a link to a preconfigured SimpleHelp remote access toolโan ideal starting point for attackers to e...
RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS
RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS ๐ A new two-stage malware family called RustDuck is hijacking home routers, IP cameras, Android boxes, and poorly secured se...
Kubota Hackers Had Month-Long Access to Network Systems
Kubota Hackers Had Month-Long Access to Network Systems ๐จ Kubota North America Corporation disclosed that hackers had access to some of its network systems for more than a month earlier this year....
Hackers Breached DHS Information-Sharing Network
Hackers Breached DHS Information-Sharing Network ๐จ A key Department of Homeland Security (DHS) information-sharing database was accessed by an unknown threat actor in recent weeks, potentially exp...
Chrome Needs Another Whopper Update to Fix 382 Security Bugs
Chrome Needs Another Whopper Update to Fix 382 Security Bugs ๐ Yesterday, on the last day of June, Google published an update that includes a whopping 382 security fixes for Chrome. The stable cha...
Brazilian Banking Trojan Ousaban Targets Spain and Portugal
Brazilian Banking Trojan Ousaban Targets Spain and Portugal A banking trojan long used against victims in Brazil has been retooled to target banking customers in Spain and Portugal, using phishing...
Why Are WordPress Sites Still Running EOL PHP?
Why Are WordPress Sites Still Running EOL PHP? Despite PHP updates being freely available, a large number of websites are not maintaining the latest patches, making them prime targets for attacker...
RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS
RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS ๐ A new two-stage malware family called RustDuck is hijacking home routers, IP cameras, Android boxes, and poorly secured se...
Browser-Only Ransomware From LLM Hallucinations to a Practical Attack Technique
Browser-Only Ransomware: From LLM Hallucinations to a Practical Attack Technique Source: Checkpoint Research Date Published: July 1, 2026 AI can turn high-level malicious ideas into concrete tech...
2026-07-01 Daily Vulns
Vulnerabilities in OFFIS DCMTK Toolkit
Vulnerabilities in OFFIS DCMTK Toolkit The OFFIS DCMTK Toolkit has been found to have several vulnerabilities that could be exploited by attackers. ๐จ Key Vulnerabilities: CVE-2026-50003: A pat...
StoneFly Storage Concentrator Vulnerabilities Exposed
StoneFly Storage Concentrator Vulnerabilities Exposed ๐จ Critical Security Alert! ๐จ Successful exploitation of these vulnerabilities could allow attackers to gain broad unauthorized access, execut...
RPG Maker MV and MZ Vulnerable to OS Command Injection
RPG Maker MV and MZ Vulnerable to OS Command Injection ๐จ RPG Maker MV and MZ, provided by Gotcha Gotcha Games Inc., contain a critical OS command injection vulnerability. These game development to...
Mitsubishi Electric MELSOFT Update Manager Vulnerabilities
Mitsubishi Electric MELSOFT Update Manager Vulnerabilities ๐จ Mitsubishi Electric has announced critical vulnerabilities in the MELSOFT Update Manager SW1DND-UDM-M. Successful exploitation of these...
Delta Electronics DVP12SE PLC Vulnerabilities
Delta Electronics DVP12SE PLC Vulnerabilities ๐จ Source: CISA Date Published: June 30, 2026 Successful exploitation of these vulnerabilities could allow an attacker to remotely issue commands, mod...
Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools
Apple Fixes WebKit Flaws in iOS and macOS ๐ Apple has released crucial updates for iOS, iPadOS, macOS, and Safari, addressing several WebKit flaws. Notably, four of these vulnerabilities were iden...
WhatsApp Launches New Username Feature to Communicate Without Exposing Phone Numbers
WhatsAppโs New Privacy Update ๐ WhatsApp introduces a new privacy update that lets users connect using unique handles, eliminating the need to share phone numbers with strangers or new group membe...
TONResolver RAT Abuses TON Blockchain to Target Japan's Hotel Industry
Overview of the Attack ๐จ In this blog entry, TrendAI Research examines a wave of phishing emails observed in May 2026 that targeted Japanese accommodation facilities using Booking.com. This report...