“Cyber warfare is as much about psychological strategy as technical prowess.”
― James Scott
-

New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions [email protected] (The Hacker News)
Researchers at Shandong University have shown a fast new way to pull data off computers that are cut off from every network. The technique, called TrojPix, tweaks on-screen pixels in ways the eye cannot see, so that the video cable carrying them radiates a faint radio signal a nearby receiver can decode. But TrojPix works only once malware…
-

New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOS [email protected] (The Hacker News)
Cybersecurity researchers have flagged a novel Java-based remote access trojan (RAT) called QuimaRAT that’s capable of targeting Windows, Linux, and macOS environments. According to LevelBlue, the cross-platform malware is advertised under a malware-as-a-service (MaaS) model, costing anywhere between $150 for one month to $1,200 for lifetime access. Other subscription tiers include $300 forRead More
-

Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages [email protected] (The Hacker News)
Researchers found a flaw in Opera GX, the gaming-focused version of the Opera browser, that let a malicious website silently install a browser add-on and use it to lift specific data from the pages a victim visits. In a proof of concept, they reconstructed a signed-in user’s full Gmail address from a single visit, with no…
-

SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing [email protected] (The Hacker News)
Scanners meant to catch malicious add-on “skills” for AI coding agents can be fooled by a few simple changes that leave the malware working, according to a new study from researchers at the Hong Kong University of Science and Technology. Their strongest trick slipped past every scanner tested more than 90% of the time, and the same…
-

U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case [email protected] (The Hacker News)
A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for Ransom-ISAC, built on a leaked negotiation chat and the blockchain trail the payment left. The odd part: the group that took the money calls itself Kairos, but it may not be…
-

North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign [email protected] (The Hacker News)
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as part of an ongoing activity referred to as PolinRider. “The campaign remains active, and new malicious packages are likely to continue appearing as threat actors…
-
Ivanti Sentry Pre-Authentication RCE
What is the Vulnerability? FortiGuard Labs continues to observe exploitation attempts targeting CVE-2026-10520 following the public release of technical details and proof-of-concept (PoC) exploit code. CVE-2026-10520 is a critical vulnerability affecting Ivanti Sentry that allows remote, unauthenticated attackers to execute arbitrary operating system commands with root privileges. The flaw stems from improper handling of internal…
-

Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices [email protected] (The Hacker News)
Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT and exFAT formats used on USB drives and SD cards. The flaws matter because FatFs is nearly everywhere. It ships inside the firmware that runs security cameras, drones, industrial controllers, hardware crypto wallets, and other devices…
-

New “Bad Epoll” Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android [email protected] (The Hacker News)
A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It affects Linux desktops, servers, and Android, and a fix is out. Bad Epoll sits in the same small stretch of kernel code where Anthropic’s most powerful AI model,…
-

New Avalon Malware Framework Packs CrownX Ransomware Capabilities [email protected] (The Hacker News)
Cybersecurity researchers have discovered a previously undocumented modular malware framework codenamed Avalon that’s distributed by means of a multi-stage phishing chain capable of bypassing traditional security controls. Avalon combines credential collection, lateral movement, remote access, recovery disruption, and ransomware execution, bringing together diverse functions under oneRead More
“Security used to be an inconvenience sometimes, but now it’s a necessity all the time.”
― Martina Navratilova
