Security news.
Today's security brief highlights a record-breaking Patch Tuesday from Microsoft, addressing numerous critical flaws, alongside urgent advisories for actively exploited vulnerabilities in SharePoint and SonicWall products. The impact of AI on cybersecurity is also a prominent theme, with reports of LLM-assisted botnet development, AI-driven vulnerability discovery, and even an AI assistant being abused for account takeovers.
Critical Updates for Firefox, Chrome, Adobe, and VMware
Mozilla has released updates fixing two critical flaws in Firefox (CVE-2026-15718, CVE-2026-15719) with public exploit code, urging immediate patching.
CISA Urges Patching of Exploited SharePoint Vulnerabilities
CISA advises immediate patching for three actively exploited SharePoint vulnerabilities, including two zero-days, that allow remote code execution and unauthorized access.
Two SonicWall SMA 1000 Zero-Days Actively Exploited
SonicWall has warned about active exploitation of two zero-day vulnerabilities (CVE-2026-15409, CVE-2026-15410) in SMA 1000 series appliances, one of which can lead to arbitrary command execution.
Unpatched Cursor Vulnerability Exposes Users to Code Execution
An unpatched vulnerability in the Cursor IDE allows attackers to execute arbitrary code by creating a malicious Git repository containing a `git.exe` in the project root, which Cursor automatically runs.
AsyncAPI npm Packages Infected with Credential-Stealing Malware
Five malicious versions of AsyncAPI packages were published to npm in a supply-chain attack, distributing a remote access trojan with info-stealing capabilities.
Google Gemini CLI Abused as Hacking Agent and Botnet Operator
A Russian-speaking threat actor known as "bandcampro" has been observed abusing Google's open-source Gemini CLI AI tool to act as a hacking agent and operate a small-scale botnet.
TuxBot v3 Evolution Shows Signs of LLM-Assisted IoT Botnet Development
Researchers found a new IoT botnet framework, TuxBot v3 Evolution, that appears to have been developed with assistance from a large language model (LLM), despite some unsuccessful attempts.
Progress Confirms Zero-Day Vulnerability Behind ShareFile Disruption
Progress has confirmed a zero-day vulnerability caused a disruption in ShareFile and has released a fix, urging Storage Zones Controller customers to apply it immediately.