Active Zero-Day Exploits Target Microsoft Defender & Windows; Widespread Supply Chain Attacks Hit Open-Source Ecosystems

Publication Date: May 23, 2026

Summary

This week's cybersecurity landscape is dominated by the active exploitation of critical zero-day vulnerabilities in Microsoft products, including two in Defender and a new unpatched flaw in Windows dubbed 'MiniPlasma'. Concurrently, multiple sophisticated supply chain attacks have compromised hundreds of open-source packages across npm, PyPI, and Packagist, deploying credential-stealing worms and malware. New ransomware strains like 'Aur0ra' are emerging with dual-extortion tactics, while Iran-linked APTs escalate espionage campaigns, highlighting a period of heightened risk across software supply chains, endpoint security, and critical infrastructure.

Today's New Articles

New 'Underminr' Flaw in CDNs Puts 88 Million Domains at Risk of Evasive Attacks

A newly disclosed vulnerability named 'Underminr' affects shared Content Delivery Network (CDN) infrastructure, enabling a sophisticated form of domain fronting. The flaw allows attackers to hide malicious command-and-control (C2) traffic behind an estimated 8...


Laravel-Lang Supply Chain Attack Injects Credential Stealer into 233 Package Versions

A major supply chain attack has targeted the popular Laravel-Lang project, used for language localization in the Laravel PHP framework. Attackers compromised 233 version tags across three key repositories, injecting a multi-stage credential-stealing payload. T...


Packagist Supply Chain Attack Uses Clever Evasion to Infect PHP Projects with Linux Malware

A coordinated supply chain attack has compromised at least eight packages on Packagist, the main PHP package repository. The attackers modified the packages to download and execute a Linux binary hosted on GitHub. In a clever evasion tactic, the malicious code...


Critical Unauthenticated SQLi Flaw in Drupal Core Hits PostgreSQL Sites

The Drupal project has released security updates to patch a critical SQL injection vulnerability, tracked as CVE-2026-9082. The flaw affects Drupal Core sites that use a PostgreSQL database backend. It can be exploited by an unauthenticated, anonymous user, ma...


Gartner Names LinkShadow a 'Visionary' in 2026 Magic Quadrant for Network Detection and Response

The technology research firm Gartner has positioned LinkShadow in the Visionaries Quadrant of its 2026 Magic Quadrant for Network Detection and Response (NDR). This recognition highlights LinkShadow's completeness of vision and ability to execute in the compet...

Article Updates

New 'MiniPlasma' Windows Zero-Day Resurrects Patched Flaw for Full System Control

Update: The 'MiniPlasma' Windows zero-day, previously reported with a public PoC, is now confirmed to be actively exploited in the wild. This escalation significantly increases the threat level, as attackers are leveraging the vulnerability to gain SYSTEM privileges o...


Microsoft and FBI Take Down 'Fox Tempest' Malware-Signing Service Fueling Ransomware Attacks

Update: Microsoft has confirmed that over 1,000 malicious code-signing certificates associated with the Fox Tempest Malware-Signing-as-a-Service (MSaaS) platform were revoked as part of the recent takedown operation. This specific number highlights the scale of the di...


Massive HIPAA Breach Wave Hits U.S. Healthcare, Exposing Thousands of Patient Records

Update: This update details additional breaches impacting the healthcare sector, bringing the total to at least nine HIPAA-regulated entities. Notably, the University of Nebraska Medical Center (UNMC) disclosed a breach affecting 26,937 individuals due to an exploited...


New 'Aur0ra' Ransomware Emerges with Stealthy Dual-Extortion Tactics

Update: A new report from CYFIRMA confirms that the Aur0ra ransomware explicitly deletes Volume Shadow Copies using the command `vssadmin.exe Delete Shadows /all /quiet` to hinder recovery efforts. This provides a more concrete indicator for detection and response. Th...
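The vssadmin command above is the kind of indicator that belongs in a process-creation rule rather than a hash list. The Python below is an added detection example, not code from CYFIRMA's report or from this digest: it normalizes the command line (case, quoting, whitespace) so that trivial rewrites of the Aur0ra command still match, and it generalizes the same rule to the wmic and PowerShell shadow-copy deletion forms, which are my addition and not something the digest attributes to Aur0ra. The events are constructed; the field names (Image, CommandLine, ParentImage, ProcessId) are assumed to follow Sysmon Event ID 1 / Security 4688 conventions.

```python
"""Flag Volume Shadow Copy deletion in process-creation telemetry.

Added example, not part of the original digest or the CYFIRMA report.
Log events below are constructed for illustration; field names follow
Sysmon Event ID 1 / Windows Security 4688 naming (an assumption).
"""
import re
from typing import Dict, List, Optional

# Rule set. The first pattern covers the Aur0ra command from the digest
# (`vssadmin.exe Delete Shadows /all /quiet`). The wmic and PowerShell
# patterns are an added generalization to other common deletion paths.
SHADOW_DELETE_RULES = [
    ("vssadmin_delete_shadows",
     re.compile(r"\bvssadmin(?:\.exe)?\b.*\bdelete\b.*\bshadows\b")),
    ("wmic_shadowcopy_delete",
     re.compile(r"\bwmic(?:\.exe)?\b.*\bshadowcopy\b.*\bdelete\b")),
    ("powershell_win32_shadowcopy",
     re.compile(r"\bwin32_shadowcopy\b.*\bdelete\b")),
]


def normalize(cmdline: str) -> str:
    """Lowercase, drop quotes and collapse whitespace so that
    'VSSADMIN.EXE  "Delete"   Shadows' matches the same rule as the
    canonical form. Quotes are stripped rather than parsed because
    Windows command lines are not shell-tokenized consistently."""
    s = cmdline.lower().replace('"', "").replace("'", "")
    return re.sub(r"\s+", " ", s).strip()


def classify(event: Dict) -> Optional[str]:
    """Return the name of the first matching rule, or None."""
    cmd = normalize(event.get("CommandLine", ""))
    for name, pattern in SHADOW_DELETE_RULES:
        if pattern.search(cmd):
            return name
    return None


def scan(events: List[Dict]) -> List[Dict]:
    """Run every event through the rules and return the hits with the
    context an analyst needs first: parent process and raw command."""
    hits = []
    for ev in events:
        rule = classify(ev)
        if rule:
            hits.append({
                "rule": rule,
                "pid": ev["ProcessId"],
                "parent": ev.get("ParentImage"),
                "cmd": ev["CommandLine"],
            })
    return hits


# Constructed sample events (not real telemetry). Parent paths are
# placeholders chosen to show why ParentImage matters for triage.
SAMPLE_EVENTS = [
    {"ProcessId": 4120, "Image": r"C:\Windows\System32\vssadmin.exe",
     "ParentImage": r"C:\Users\Public\update.exe",
     "CommandLine": "vssadmin.exe Delete Shadows /all /quiet"},
    {"ProcessId": 4130, "Image": r"C:\Windows\System32\vssadmin.exe",
     "ParentImage": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "vssadmin list shadows"},            # benign: no hit
    {"ProcessId": 4140, "Image": r"C:\Windows\System32\wbem\WMIC.exe",
     "ParentImage": r"C:\Users\Public\update.exe",
     "CommandLine": r'"C:\Windows\System32\wbem\WMIC.exe" shadowcopy delete /nointeractive'},
    {"ProcessId": 4150, "Image": r"C:\Windows\System32\vssadmin.exe",
     "ParentImage": r"C:\Program Files\BackupAgent\agent.exe",
     "CommandLine": 'VSSADMIN.EXE  "Delete"  Shadows  /For=C:  /Oldest'},
    {"ProcessId": 4160, "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "ParentImage": r"C:\Users\Public\update.exe",
     "CommandLine": "powershell -c Get-WmiObject Win32_ShadowCopy | ForEach-Object { $_.Delete() }"},
]


if __name__ == "__main__":
    for hit in scan(SAMPLE_EVENTS):
        print(f"[{hit['rule']}] pid={hit['pid']} parent={hit['parent']}")
        print(f"    {hit['cmd']}")
```

Event 4150 shows the tuning decision the rule forces: a backup agent deleting its oldest shadow copy matches the same pattern as the ransomware. Suppress by ParentImage (the signed backup binary) rather than by weakening the regex, since `/all /quiet` from an unsigned parent in a user-writable path is exactly the case the Aur0ra indicator describes.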


Actively Exploited Microsoft Defender Flaws Allow Privilege Escalation, Evasion

Update: Microsoft has deployed emergency security updates to address the actively exploited CVE-2026-41091 and CVE-2026-45498 vulnerabilities in Microsoft Defender. These patches are rolling out automatically, but administrators should verify successful deployment. Fo...