Overview Earlier this month, security sleuth and researcher “Chaotic Eclipse” (also known as Nightmare-Eclipse) published a zero-day exploit known as YellowKey, which allowed them to access BitLoc...
Overview of the First VPN Service 🚀 The Federal Bureau of Investigation (FBI) has released a FLASH report to share indicators of compromise (IOCs) and tactics related to the First VPN Service. Thi...
🚨 Important Security Alert! An attachment in an email impersonating DHL about a shipment contains a link to a preconfigured SimpleHelp remote access tool—an ideal starting point for attackers to e...
Flipper Zero Firmware Development Continues with Community Help
Exciting News for Flipper Zero Users! 🚀 Flipper Devices has announced that the development of the Flipper Zero firmware will continue, albeit with a smaller internal team and a greater reliance on...
2026-07-05 Daily Vulns
Confidential Computing's Core Trust Mechanism is Broken
Confidential Computing’s Core Trust Mechanism is Broken 🚨 A Fix May Not Exist! 🚨 Confidential computing relies on a mechanism called remote attestation, where a server cryptographically proves to...
PamStealer Mimics Maccy Clipboard Manager Silently Harvests Data and Clipboard Contents
PamStealer: A New Threat to macOS Users 🚨 PamStealer is a newly identified macOS infostealer that disguises itself as the popular open-source clipboard manager Maccy while silently harvesting sens...
Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices
Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices 🚨 Security Alert! Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library t...
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds 🚨 A former EU lawmaker was hacked with Pegasus spyware while investigating its use, according to Citizen Lab. The report documents...
New CitrixBleed-like NetScaler Flaw Sees Exploit Attempts in the Wild
New CitrixBleed-like NetScaler Flaw Sees Exploit Attempts in the Wild 🚨 Citrix NetScaler has received patches for a new memory leak vulnerability similar to CitrixBleed, along with several other c...
Claude Fable Relaunch Disappoints Users with Nerfed Performance
Claude Fable Relaunch Disappoints Users with Nerfed Performance 🚀 Claude Fable, the company’s most powerful model, is now available to all users, but early impressions are disappointing. It appear...
Google Takes Action Against Malicious Residential Proxy Networks
Google Takes Action Against Malicious Residential Proxy Networks 🚨 Today, in coordination with the FBI, Lumen, and others, Google took decisive action against the NetNut residential proxy network,...
Fake Google and Cloudflare Verification Pages Spread Multiple Malware Families
🚨 Fake Google and Cloudflare Verification Pages Spread Multiple Malware Families Source: Malwarebytes Date Published: July 2, 2026 ClickFix attacks, which trick people into running malicious comm...
Alleged Scattered Spider Hacker Arrested in Finland
Alleged Scattered Spider Hacker Arrested in Finland 🚨 A teenager has been arrested for alleged involvement with the Scattered Spider hacking group, the US Department of Justice (DOJ) has announced...
Agentic Ransomware JADEPUFFER Invades Database at Machine Speed
Agentic Ransomware JADEPUFFER Invades Database at Machine Speed 🚀 Sysdig researchers have discovered the first instance of an “agentic ransomware” attack in the wild, dubbed JADEPUFFER. This agent...
WinRAR Flaw Could Allow Attackers to Take Control of Your Computer
WinRAR Vulnerability Alert 🚨 Rarlab has released a new version of the popular WinRAR tool to patch a vulnerability that can be abused in remote code execution attacks. The issue is fixed in WinRAR...
ST Engineering iDirect iQ-Series Terminals Vulnerabilities
ST Engineering iDirect iQ-Series Terminals Vulnerabilities 🚨 Date Published: July 2, 2026 Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access to d...
CVE-2026-13768 - Gardyn IoT Hub Use of Hard-coded Credentials
CVE-2026-13768 - Gardyn IoT Hub Use of Hard-coded Credentials 🚨 Attention: Gardyn devices expose a privileged iothubowner key. Access to this key allows a malicious user to invoke an IoTHub Regist...
RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS
RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS 🚀 A new two-stage malware family called RustDuck is hijacking home routers, IP cameras, Android boxes, and poorly secured se...
New ChocoPoC Malware Targets Researchers via Trojanized PoC Exploits
New ChocoPoC Malware Targets Researchers 🚨 A new threat has emerged in the cybersecurity landscape! Multiple weaponized proof-of-concept (PoC) exploits on GitHub have been discovered delivering a ...