Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices
Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the…
July 3, 2026
New “Bad Epoll” Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android
A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access…
July 3, 2026
New Avalon Malware Framework Packs CrownX Ransomware Capabilities
Cybersecurity researchers have discovered a previously undocumented modular malware framework codenamed Avalon that’s distributed by means of a…
July 3, 2026
North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets
Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages…
July 3, 2026
Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer
A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies…
July 3, 2026
European Parliament Member Investigating Spyware Was Hacked With Pegasus
A new report from the Citizen Lab has revealed that former Member of the European Parliament Stelios Kouloglou…
July 3, 2026
PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords
Cybersecurity researchers have flagged a new macOS information stealer called PamStealer that employs a series of clever tricks…
July 3, 2026
Google Disrupts NetNut Residential Proxy Network Spanning 2 Million Home Devices
Google has significantly degraded NetNut, one of the biggest networks that turns home devices into rented relays for…
July 2, 2026
Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials
Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability…
July 2, 2026
ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories
This week’s security news is mostly about weak spots. Browsers, bots, sandboxes, AI systems, and email flows all…
July 2, 2026