Linux Kernel Flaw 'Dirty Frag' Exploited in Wild; PAN-OS Zero-Day Under Active Attack; Google Spots First AI-Developed Exploit

Publication Date: May 11, 2026

Summary

This week's cybersecurity landscape is dominated by the active exploitation of critical vulnerabilities. A new Linux kernel flaw, "Dirty Frag," allows for full root access and is being used in attacks. Simultaneously, a zero-day in Palo Alto Networks' PAN-OS is under active assault by suspected state-sponsored actors. In a landmark event, Google's threat intelligence team detected the first-ever zero-day exploit believed to be developed by AI. Other major incidents include a data breach at the Canvas LMS platform affecting thousands of schools, an espionage campaign by Iran's MuddyWater APT, and a massive phishing operation compromising over 500 organizations.

Today's New Articles

Poland Sounds Alarm as Russian Hackers Target Water Supply Systems for Physical Disruption

Poland's Internal Security Agency (ABW) has issued a stark warning about a significant increase in cyberattacks targeting the nation's critical infrastructure, specifically water utilities. The agency confirmed that hackers, attributed to the Russian Federatio...


Citing Lack of Faith in Government, US Corporations Launch New Infrastructure Defense Alliance

A coalition of major U.S. critical infrastructure operators, including JPMorgan Chase, AT&T, and Mastercard, has launched the Alliance for Critical Infrastructure (ACI). The group aims to fill a leadership void in cybersecurity crisis planning, citing a loss o...


UK Water Company Fined £1M After Cl0p Lurked on Network for 20 Months Undetected

The UK's Information Commissioner's Office (ICO) has fined South Staffordshire Water nearly £1 million for extensive data protection failures that led to a major cyberattack by the Cl0p ransomware group. An attacker gained access via a malicious email in Septe...


Critical Flaw in Cline AI Agent Lets Any Website Hijack Developer Workspaces

A critical vulnerability (CVSS 9.7) has been discovered in Cline, a popular open-source AI coding agent. The flaw resided in the agent's local Kanban server, whose WebSocket connections lacked proper origin validation. This allowed any website visited by a dev...

Article Updates

Unit 42: Frontier AI Models Can Autonomously Find Zero-Days, Posing Major Threat to Software Security

Update: Google's Threat Analysis Group (GTIG) has discovered and thwarted what is believed to be the first zero-day exploit actively developed by AI. The exploit targeted a critical vulnerability in a popular open-source web administration tool, designed to bypass two...


MOVEit Automation Hit with Critical 9.8 CVSS Auth Bypass Flaw (CVE-2026-4670)

Update: New information confirms that the critical authentication bypass (CVE-2026-4670) and high-severity privilege escalation (CVE-2026-5174) in MOVEit Automation can be chained by an unauthenticated attacker to gain full administrative control over the system. Prog...


Critical Palo Alto Networks Zero-Day (CVE-2026-0300) Actively Exploited for RCE

Update: The CVSS score for CVE-2026-0300 has been updated from 9.3 to 9.8, reflecting an increased critical impact. Exploitation is now attributed to sophisticated state-sponsored threat actors, indicating a higher level of threat. Palo Alto Networks has released Thre...


Iranian APT MuddyWater Masquerades as Ransomware Group in Microsoft Teams-Based Espionage Campaign

Update: New analysis by Rapid7 reinforces the attribution of the MuddyWater false flag operation, which masquerades as Chaos ransomware, to the Iranian state-sponsored group. A key finding explicitly links the 'Donald Gay' code-signing certificate, used in the campaig...


ShinyHunters' Extortion Attack on Canvas Cripples 9,000 Schools, Exposing Student Data

Update: Further analysis of the Canvas LMS breach by ShinyHunters reveals more specific attack techniques. The initial access via 'Free-For-Teacher' accounts is now linked to MITRE T1078 (Valid Accounts), followed by T1098.005 (Cloud Accounts) for privilege escalation...


Braintrust AI Platform Breach Exposes Customer API Keys in AWS Account

Update: Further analysis of the Braintrust AI platform breach reveals additional MITRE ATT&CK techniques involved, including T1528 (Steal Application Access Token), T1539 (Steal Web Session Cookie), and T1496 (Resource Hijacking). The report highlights the potential f...


Report Details "Operation HookedWing," a Four-Year Phishing Campaign Targeting 500+ Organizations

Update: Further analysis of the 'Operation HookedWing' phishing campaign reveals advanced technical details. Threat actors utilize a custom phishing kit with dynamically loaded C2 server locations via external JavaScript, making detection more challenging. In addition...