Overview Earlier this month, security sleuth and researcher “Chaotic Eclipse” (also known as Nightmare-Eclipse) published a zero-day exploit known as YellowKey, which allowed them to access BitLoc...
Overview of the First VPN Service 🚀 The Federal Bureau of Investigation (FBI) has released a FLASH report to share indicators of compromise (IOCs) and tactics related to the First VPN Service. Thi...
🚨 Important Security Alert! An attachment in an email impersonating DHL about a shipment contains a link to a preconfigured SimpleHelp remote access tool—an ideal starting point for attackers to e...
2026-07-10 Daily Vulns
This iPhone Bug Won't Let Me Save Cropped Screenshots - But I Found a Fix
This iPhone Bug Won’t Let Me Save Cropped Screenshots - But I Found a Fix Unfortunately, while running iOS 26.5.2, I noticed an even more annoying bug: My cropped screenshots wouldn’t save. Normal...
Malicious Go Module Exposes GitHub Malware Lure Network
Malicious Go Module Exposes GitHub Malware Lure Network Our investigation began with a malicious Go module, github.com/kaleidora/dnsub-scanning-tool, that posed as a DNS/subdomain scanner. The mod...
Operation Dragonreturn China Nexus Cyber Espionage Campaign Targeting Indian Tax Infrastructure
Operation Dragonreturn: China Nexus Cyber Espionage Campaign As part of our latest investigation, we uncovered a campaign that demonstrates operational and technical similarities to a China-nexus ...
OpenPLC v3 Vulnerability Advisory
OpenPLC v3 Vulnerability Advisory 🚨 Source: CISA Date Published: July 9, 2026 A critical vulnerability has been identified in OpenPLC v3 that could allow an authenticated attacker to write arbitr...
One Target, Two Flags | Rival Espionage Actors Converge On Pakistani Law Enforcement
One Target, Two Flags: Rival Espionage Actors Converge On Pakistani Law Enforcement SentinelLABS has been tracking sustained cyberespionage activity against several Pakistani law enforcement organ...
New GigaWiper Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware
New GigaWiper Windows Backdoor 🚨 Microsoft has dismantled a destructive Windows backdoor known as GigaWiper. What makes it unique is its construction: it combines three older destructive programs ...
GodDamn Ransomware Latest Beast Rebrand Uses Malicious Driver to Disable Defenses
GodDamn Ransomware: Latest Beast Rebrand Uses Malicious Driver to Disable Defenses 🚨 Analysis of a recent GodDamn ransomware attack indicates that this seemingly new ransomware is, in fact, the la...
6.9 Million Driver's License Numbers Stolen from AssuranceAmerica
🚨 Data Breach Alert: 6.9 Million Driver’s License Numbers Stolen! Insurance provider AssuranceAmerica has confirmed a significant data breach affecting the personal information and driver’s licens...
Telegram-Hosted RedWing Malware Lets Anyone Rent Android Spyware Tools
🚨 Telegram-Hosted RedWing Malware: A New Threat! Zimperium’s zLabs team has uncovered RedWing, an Android spyware operation sold as a subscription service through Telegram, linked to Russian threa...
My Threat Feed Told Me It Was 'Chalubo.' The Binary Disagreed
Understanding Threat Intelligence An indicator is a claim, not a fact – and the advisory covering your own network is the one you can least afford to accept unchecked. I don’t act on a piece of in...
Mount Royal University Confirms Breach as Hackers Claim Attack
Mount Royal University Confirms Breach 🚨 Mount Royal University in Calgary has confirmed a significant data breach where hackers stole and deleted data from its file storage systems. This incident...
What Happens if China Hacks the US Water Supply? I Went to a Secret War Game to Find Out
What Happens if China Hacks the US Water Supply? 🚰 A simulated catastrophic cyberattack on US water utilities showcased alarming potential impacts. A full 24 hours of in-game time passed since hac...
GitHub Copilot Sorry Dave, I can't do that harmful thing - unless you ask me in code
GitHub Copilot: Sorry Dave, I can’t do that harmful thing - unless you ask me in code It’s the latest example of AI safety guardrails being bypassed. GitHub Copilot refuses harmful prompts almost ...
CVE-2026-55428 - Coder Vulnerability Route Hijacking Risk
CVE-2026-55428 - Coder Vulnerability: Route Hijacking Risk CVE-2026-55428 details a vulnerability in Coder concerning route hijacking through a lack of validation of agent-supplied AllowedIPs in t...
Backdoor Found in the Firmware for These Wi-Fi Routers. And There's No Patch
Backdoor Found in the Firmware for These Wi-Fi Routers 🚨 An undocumented backdoor has been discovered in the firmware of certain Tenda Wi-Fi routers, allowing hackers an easy way to gain control o...