Security Intelligence

Dirty Frag Linux kernel flaw disclosed, active exploitation observed

Dirty Frag, a Linux kernel flaw, is being used in post‑compromise scenarios where existing access is leveraged to...

Security Intelligence

OPNsense addresses code execution issue with POC available

OPNsense has released fixes for two vulnerabilities that affect firewall management security, both disclosed with...

Security Intelligence

Palo Alto firewall zero-day allows unauthenticated root access

Palo Alto Networks has disclosed an actively exploited zero-day allowing threat actors to take full control of affected...

Security Intelligence

Instructure data breach exposes education sector to extortion

Instructure has disclosed a breach affecting users at selected educational institutions after extortion group...

Security Intelligence

Critical authentication bypass in Progress MOVEit Automation

Progress Software has disclosed a critical authentication bypass vulnerability in MOVEit Automation that enables...

Security Intelligence

Copy Fail: Linux kernel privilege escalation flaw publicly disclosed

A deterministic Linux kernel privilege escalation flaw affecting most distros since 2017. Local attackers can gain...

Security Intelligence

cPanel and WHM authentication bypass flaw publicly disclosed

Critical cPanel/WHM flaw (CVE-2026-41940) enables auth bypass and full server compromise. Patch immediately and...

Security Intelligence

Vimeo data exposure linked to third‑party analytics platform breach

Vimeo breach linked to third-party analytics provider highlights growing risk of SaaS supply chain attacks and need for...

Security Intelligence

FIRESTARTER backdoor persists on Cisco firewalls after patching

FIRESTARTER backdoor on Cisco firewalls survives patches, allowing persistent access—highlighting risks of perimeter...

Security Intelligence

IT helpdesk impersonation campaign uses Teams to gain initial access

Threat actors tracked as UNC6692 are impersonating IT helpdesk staff over Microsoft Teams to gain initial access...

Blog Post

Field Effect detects AMOS Stealer delivered via Cursor AI agent session

Field Effect MDR detected AMOS Stealer delivered via AI coding agent social engineering, highlighting a new,...

Security Intelligence

Bitwarden CLI compromised as part of supply-chain campaign

A malicious release of the Bitwarden CLI was published to npm in April 2026 as part of an expanding software...