Quasar Linux RAT (QLNX) harvests DevOps credentials to enable software supply chain attacks with fileless execution and dual ...

PamDOORa Linux backdoor abuses PAM modules for SSH persistence and credential theft, increasing Linux server compromise risks ...

Dirty Frag exposes Linux systems to root escalation through chained kernel flaws, impacting Ubuntu, RHEL, Fedora, and others.

Ivanti EPMM flaw CVE-2026-6973 exploited in limited attacks; CISA mandates fixes by May 10, 2026, increasing urgency.

PCPJack steals credentials via 6 Python modules exploiting 5 CVEs, enabling cloud spread and fraud-driven attacks.

CVE-2026-0300 exploited after April 9 attempts enables PAN-OS RCE, leading to stealth espionage and lateral movement by April ...

Delayed IR access and 14-day logs limit visibility during breaches, increasing attacker dwell time and recovery costs.

AI-driven phishing enables initial device compromise in 2026, causing rapid breach escalation within minutes, increasing ...

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...

The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP ...

MuddyWater used Teams phishing in 2026 to steal credentials, enabling stealthy data exfiltration and persistence without ...