← Latest brief

Security news.

·Morning Brief

Critical Linux kernel vulnerabilities and AI-driven attacks dominate today's threat landscape. A proof-of-concept exploit for the "Bad Epoll" root escalation flaw has been released, while researchers demonstrate how prompt injection attacks can manipulate AI agents into making unauthorized crypto payments. Major infrastructure disruptions continue with the NetNut proxy network seizure affecting millions of compromised devices.

SECURITYWEEKVULN
1h agoREAD

PoC Released for Linux 'Bad Epoll' Root Escalation (CVE-2026-46242)

A proof-of-concept exploit for the critical Linux kernel vulnerability enabling unprivileged users to gain root access is now public, affecting Linux desktops, servers, and Android systems.

SECURITYWEEKBREACH
3h agoREAD

Prompt Injection Attacks Exploit Autonomous AI Agents for Crypto Theft

Researchers uncovered two campaigns embedding indirect prompt injections in malicious websites to trick AI agents browsing the web into making unauthorized cryptocurrency payments.

BLEEPING
2d agoREAD

Google and FBI Disrupt NetNut Proxy Network, Affecting 2 Million Devices

A joint operation seized hundreds of domains associated with NetNut, a residential proxy service that provided access to millions of compromised Android devices including smart TVs and streaming boxes used for fraud and cyberattacks.

THNMALWARE
3h agoREAD

China-Nexus Hackers Deploy DcRAT via Fake Indian Tax Filing Utility

Operation DragonReturn targets Indian taxpayers and finance professionals with spear-phishing emails impersonating the Income Tax Department to deliver a remote access trojan for data theft.

THN
5h agoREAD

TrojPix Attack Exfiltrates Data from Air-Gapped Systems via Video Cable Emissions

Researchers demonstrated a novel technique that modulates on-screen pixels to create radio signals detectable by nearby receivers, enabling data theft from isolated systems once malware is present.

RCE
READ

Critical Cursor AI Code Editor Flaws Enable OS-Level Remote Code Execution

The DuneSlide vulnerabilities allow zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system.

SECURITYWEEKEXPLOIT
3d agoREAD

CitrixBleed Vulnerability Actively Exploited Post-Disclosure

Hackers are targeting NetScaler appliances using public proof-of-concept code to retrieve arbitrary memory content in HTTP responses.

CISAKEV
5d agoREAD

CISA Adds CVE-2026-45659 (Microsoft SharePoint) to Known Exploited Vulnerabilities

Microsoft SharePoint Server deserialization vulnerability is now confirmed as actively exploited in the wild.

Generated twice daily from public security RSS feeds. Informational only.