Security News · Morning Brief
Today's security landscape highlights critical vulnerabilities and active exploitation across various platforms, from Cisco SD-WAN to Lantronix devices, with CISA issuing urgent warnings. We also see significant law enforcement action against major malware operations and a focus on emerging AI-driven threats and ransomware trends in Europe.
- Cisco SD-WAN Zero-Day Exploited Months Before Patch — A critical Cisco SD-WAN vulnerability, CVE-2026-20245, was actively exploited for months before its public disclosure and patching, allowing attackers to gain root access.
- Lantronix Serial-to-IP Converter Flaw Exploited — The CVE-2025-67038 flaw in Lantronix serial-to-IP converters, part of the BRIDGE:BREAK research, is now being actively exploited in attacks, prompting a CISA warning.
- New Gaslight macOS Malware Disrupts AI Analysis — A novel Rust-based macOS malware, "Gaslight," includes a prompt injection payload designed to trick AI analysis tools into aborting or refusing to analyze the artifact.
- GitLab Patches Code Execution, Info Disclosure Flaws — GitLab released updates addressing 13 vulnerabilities, including three high-severity defects that could lead to code execution and information disclosure.
- Chrome 149 Update Resolves 18 Severe Vulnerabilities — Google Chrome's latest update addresses 18 severe vulnerabilities, with over half being use-after-free defects that could potentially lead to remote code execution.
- New Mistic Backdoor Linked to KongTuke — A stealthy new backdoor named Mistic (MLTBackdoor) has been deployed in financially motivated attacks against organizations in insurance, education, IT, and professional services, linked to the KongTuke initial access broker.
- Amadey and StealC Malware Network Disrupted — A coordinated international law enforcement operation, supported by private sector companies, successfully disrupted the criminal infrastructure behind the Amadey and StealC malware, recovering 27 million stolen credentials.
- Europe Becomes Ransomware's Favorite Region — After a global lull, ransomware gangs are increasingly targeting European organizations and their suppliers, making Europe a prime region for attacks.