Security News · Afternoon Brief
Today's cybersecurity landscape is marked by active exploitation of critical vulnerabilities, the emergence of new malware variants, and ongoing data breaches. Threat actors are leveraging sophisticated techniques, including kernel driver abuse and AI SDK flaws, to target government entities, critical infrastructure, and end-users.
- Critical Fortinet FortiSandbox Flaws Actively Exploited — Attackers are exploiting three Fortinet FortiSandbox vulnerabilities, including a recently patched path traversal flaw (CVE-2026-39813), posing significant risks to organizations using the platform.
- CISA Warns of Actively Exploited cPanel Plugin Flaw — CISA has added CVE-2026-54420, a privilege escalation vulnerability in the LiteSpeed cPanel user-end plugin, to its KEV catalog, requiring federal agencies to patch by June 18.
- Google Vertex AI SDK Flaw Allowed Model Upload Hijacking — A "Pickle in the Middle" flaw in the Google Cloud Vertex AI SDK for Python could have allowed attackers to hijack machine learning model uploads and execute code within Google's infrastructure.
- China-Linked SprySOCKS Backdoor Expands to Windows — The FishMonger threat group is deploying new Windows variants of the SprySOCKS backdoor, which abuses kernel drivers for stealth, against government targets in Asia and Central America.
- Rokarolla Android Trojan Achieves Full Device Control — An evolving Android banking trojan, Rokarolla, distributed via fake TikTok and Chrome downloads, now combines banking fraud with extensive device surveillance and remote control capabilities.
- Steam Workshop Abused to Spread Malware — Threat actors are leveraging Steam Workshop to distribute various malware hidden within wallpaper packages for the Wallpaper Engine application.
- iRhythm Confirms Data Stolen in Hack — Digital health company iRhythm Holdings disclosed a data breach where hackers stole patient personal and health information from third-party hosted business applications and demanded a ransom.
- Ransomware Gang Abuses Microsoft Teams Relays — The DragonForce ransomware group is using custom malware named 'Backdoor.Turn' to conceal command-and-control traffic by routing it through Microsoft Teams relay infrastructure.