Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities
A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering…
July 7, 2026
CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware
Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented…
July 7, 2026
BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA
BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access…
July 7, 2026
Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations
An Iranian hacking group affiliated with Iran’s Ministry of Intelligence and Security (MOIS) has been wielding a previously…
July 6, 2026
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
A use-after-free bug in Linux’s KVM hypervisor can be triggered from a guest virtual machine to corrupt the…
July 6, 2026
New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions
Researchers at Shandong University have shown a fast new way to pull data off computers that are cut off from…
July 6, 2026
New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOS
Cybersecurity researchers have flagged a novel Java-based remote access trojan (RAT) called QuimaRAT that’s capable of targeting Windows,…
July 6, 2026
Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages
Researchers found a flaw in Opera GX, the gaming-focused version of the Opera browser, that let a malicious website…
July 6, 2026
SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing
Scanners meant to catch malicious add-on “skills” for AI coding agents can be fooled by a few simple…
July 6, 2026
U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case
A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a…
July 4, 2026