← Latest brief

Security news.

·Afternoon Brief

Today's cybersecurity landscape highlights the growing sophistication of AI in attacks, with the first documented case of an LLM-driven ransomware operation. Meanwhile, critical vulnerabilities in widely used software and embedded devices demand immediate attention, alongside ongoing efforts to disrupt major botnets and combat nation-state hacking campaigns.

BLEEPINGRANSOMWARE
8h agoREAD

JadePuffer Ransomware Leverages AI Agent for Automated Attacks

Researchers have identified JadePuffer as the first ransomware operation believed to be conducted entirely by a large language model (LLM) agent, automating the entire attack chain.

THNBREACH
9h agoREAD

U.S. Government Entity Paid $1 Million in Data-Theft Extortion

A U.S. government entity reportedly paid approximately $1 million to a group named Kairos to prevent the leak of stolen files, raising questions about the nature of the threat actor.

THNVULN
1d agoREAD

New "Bad Epoll" Linux Kernel Flaw Grants Root Access, Affects Android

A newly disclosed Linux kernel vulnerability, CVE-2026-46242 (Bad Epoll), allows unprivileged users to gain root control on Linux desktops, servers, and Android devices; a fix is now available.

BLEEPING
1d agoREAD

NetNut Proxy Network Disrupted, 2 Million Infected Devices Cut Off

A joint operation, including Google and the FBI, has significantly disrupted NetNut, a residential proxy network that leveraged millions of compromised Android devices, including smart TVs and streaming boxes.

THNMALWARE
10h agoREAD

North Korean Hackers Publish 108 Malicious Packages in PolinRider Campaign

North Korean threat actors, linked to the Contagious Interview campaign, have published 108 malicious packages and web browser extensions across npm, Packagist, Go, and Chrome as part of the ongoing PolinRider operation.

THNPATCH
1d agoREAD

Unpatched Flaws in FatFs Filesystem Affect Millions of Embedded Devices

Seven vulnerabilities have been disclosed in FatFs, a widely used filesystem library found in millions of embedded devices like security cameras, drones, and industrial controllers, allowing for potential exploitation.

CISAKEV
3d agoREAD

CISA Adds Microsoft SharePoint RCE Flaw to KEV Catalog

CISA has added a high-severity Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability (CVE-2026-45659) to its Known Exploited Vulnerabilities Catalog, urging immediate patching.

SECURITYWEEKRCE
1d agoREAD

Critical Cursor AI Code Editor Flaws Lead to OS-Level RCE

The DuneSlide vulnerabilities in the Cursor AI code editor allow for zero-click prompt injection attacks that can escape the sandbox and execute arbitrary code on the underlying operating system.

Generated twice daily from public security RSS feeds. Informational only.