← Latest brief

Security news.

·Afternoon Brief

Today's cybersecurity news highlights significant disruptions to malicious infrastructure and the emergence of new sophisticated malware. A major residential proxy network, NetNut, has been dismantled, cutting off access for millions of compromised devices, while a new modular malware framework, Avalon, has been discovered packing ransomware capabilities.

THNRANSOMWARE
2h agoREAD

New Avalon Malware Framework Packs CrownX Ransomware

Researchers have uncovered Avalon, a modular malware framework distributed via multi-stage phishing, combining credential collection, lateral movement, remote access, recovery disruption, and ransomware execution.

BLEEPING
3h agoREAD

NetNut Proxy Network Disrupted, 2 Million Infected Devices Cut Off

A joint operation, including Google and the FBI, has disrupted NetNut, a residential proxy network that provided access to millions of compromised Android devices, including smart TVs and streaming boxes.

THNBREACH
5h agoREAD

North Korea-Linked npm Packages Steal Developer Secrets

Threat actors tied to North Korea are using new malicious npm packages, "rollup-packages-polyfill-core" and "rollup-runtime-polyfill-core," to mimic legitimate Rollup polyfill tooling for remote access and data theft.

SECURITYWEEKBREACH
11h agoREAD

Medtronic Data Breach Impacts 3.8 Million People

In April, the ShinyHunters group accessed Medtronic's corporate IT systems, stealing personal and medical information belonging to 3.8 million individuals.

SECURITYWEEKRANSOMWARE
10h agoREAD

Agentic AI Used to Conduct Ransomware Attack via Langflow

A recent attack demonstrated how LLM agents can combine known exploitation techniques with real-time reasoning to automate complex, multi-stage ransomware intrusions.

SECURITYWEEKRCE
13h agoREAD

Critical Cursor AI Code Editor Flaws Lead to RCE

The "DuneSlide" vulnerabilities in Cursor AI Code Editor allow zero-click prompt injection attacks to escape the sandbox and execute arbitrary code on the underlying operating system.

BLEEPINGRCE
1d agoREAD

CISA: Microsoft SharePoint RCE Flaw Actively Exploited

CISA has warned that attackers are actively exploiting a high-severity Microsoft SharePoint remote code execution vulnerability (CVE-2026-45659) that was patched in May.

BLEEPINGEXPLOIT
1d agoREAD

Cisco Confirms Exploitation of Unified CM Flaw

Cisco has confirmed that attackers are actively exploiting a Unified Communications Manager (Unified CM) vulnerability that was patched in early June.

Generated twice daily from public security RSS feeds. Informational only.