Security news.
Today's security brief highlights a critical Linux kernel flaw, widespread vulnerabilities in an embedded filesystem, and ongoing North Korean cyber espionage. Additionally, a major residential proxy network has been disrupted, impacting millions of compromised devices.
New "Bad Epoll" Linux Kernel Flaw Grants Root Access, Affects Android
A newly disclosed Linux kernel flaw, CVE-2026-46242 (Bad Epoll), allows unprivileged users to gain root control on Linux desktops, servers, and Android devices. A fix has been released.
Unpatched Flaws in FatFs Filesystem Affect Millions of Embedded Devices
Seven vulnerabilities have been disclosed in FatFs, a widely used filesystem library found in firmware for security cameras, drones, industrial controllers, and hardware crypto wallets. These flaws remain unpatched.
North Korean Hackers Publish 108 Malicious Packages in PolinRider Campaign
Threat actors linked to North Korea's Contagious Interview campaign have published 108 malicious packages and web browser extensions across npm, Packagist, Go, and Google Chrome as part of the active PolinRider campaign.
NetNut Proxy Network Disrupted, 2 Million Infected Devices Cut Off
A joint operation, including Google, has disrupted NetNut, a residential proxy network that leveraged millions of compromised Android devices, such as smart TVs and streaming boxes.
New "Avalon" Malware Framework Integrates CrownX Ransomware Capabilities
Researchers have uncovered Avalon, a modular malware framework distributed via multi-stage phishing, combining credential collection, lateral movement, remote access, recovery disruption, and ransomware execution.
Critical Cursor AI Code Editor Flaws Lead to OS-Level Remote Code Execution
The DuneSlide vulnerabilities in the Cursor AI code editor enable zero-click prompt injection attacks, allowing arbitrary code execution on the underlying operating system by escaping the sandbox.
Medtronic Data Breach Impacts 3.8 Million Individuals
In April, the ShinyHunters group accessed Medtronic's corporate IT systems, stealing personal and medical information belonging to 3.8 million people.
PamStealer Uses Fake Maccy Sites to Steal Mac Login Passwords
A new macOS information stealer, PamStealer, is being distributed as a fake Maccy clipboard manager, using clever tricks and PAM checks to siphon sensitive data.