← Latest brief

Security news.

·Morning Brief

Today's threat landscape is dominated by AI-powered attacks and critical infrastructure vulnerabilities. Ransomware gangs are now automating intrusions with LLM agents, while major proxy networks enabling cybercrime have been disrupted. Multiple zero-days and actively exploited flaws demand immediate patching across enterprise systems.

BLEEPINGRANSOMWARE
1d agoREAD

JadePuffer ransomware conducted entirely by LLM agent

Researchers identified the first documented ransomware operation fully automated by a large language model, marking a significant escalation in AI-driven cyber threats.

THNMALWARE
1d agoREAD

North Korean actors publish 108 malicious packages in PolinRider campaign

Threat actors linked to Contagious Interview distributed malicious npm, Packagist, Go packages and Chrome extensions; the campaign remains active with new packages appearing regularly.

THNVULN
1d agoREAD

Bad Epoll Linux kernel flaw (CVE-2026-46242) enables unprivileged root access

A critical vulnerability in Linux kernel code allows ordinary users to gain full system control; affects desktops, servers, and Android with patches available.

BLEEPING
1d agoREAD

NetNut residential proxy network disrupted, 2 million devices disconnected

Google and FBI joint operation significantly degraded the Popa/NetNut botnet that provided access to millions of compromised Android devices for cybercriminals and nation-state actors.

THNPATCH
1d agoREAD

Seven unpatched vulnerabilities in FatFs filesystem affect millions of embedded devices

runZero disclosed critical flaws in FatFs library bundled into security cameras, drones, industrial controllers, and crypto wallets with no patches available.

BLEEPINGBREACH
3d agoREAD

ConsentFix and ClickFix attacks hijack Microsoft 365 accounts in seconds

New MFA bypass techniques using fake OAuth prompts steal M365 tokens rapidly, bypassing traditional security controls.

BLEEPINGEXPLOIT
3d agoREAD

Cisco confirms active exploitation of Unified CM vulnerability

Attackers are now exploiting a Unified Communications Manager flaw patched in early June.

BLEEPINGRCE
3d agoREAD

CISA: Microsoft SharePoint RCE flaw (CVE-2026-45659) actively exploited

High-severity deserialization vulnerability patched in May is now under active attack; added to CISA's Known Exploited Vulnerabilities catalog.

Generated twice daily from public security RSS feeds. Informational only.