100 News Cybersecurity Radar
Cybersecurity, threat intelligence, AI security, privacy, vulnerabilities, malware research and critical infrastructure.
[remote] Hydra - Stack Buffer Overflow
Hydra - Stack Buffer Overflow
Read original →[webapps] WordPress Bricks Builder Theme - RCE
WordPress Bricks Builder Theme - RCE
Read original →[webapps] Tenable Nessus 10.12.1 - SQL Injection
Tenable Nessus 10.12.1 - SQL Injection
Read original →[webapps] Discuz! X5.0 - Authentication Bypass
Discuz! X5.0 - Authentication Bypass
Read original →[webapps] Flowise 3.1.3 - arbitrary code execution
Flowise 3.1.3 - arbitrary code execution
Read original →
'BusySnake' Infostealer Slithers into Critical Infrastructure Networks
A threat group researchers call "Armored Likho" has gained access to government agencies and electrical power entities in Russia, Brazil, and Kazakhstan.
Read original →
CitrixBleed-ing Again? NetScaler Vulnerability Under Attack
Attackers wasted little time targeting the latest memory disclosure flaw in Citrix's NetScaler products, after researchers published a proof-of-concept exploit (PoC).
Read original →Blogspot-Hosted Payloads Delivered in ‘Veil#Drop’ Attacks
Securonix says the sophisticated framework abuses compromised websites, Blogspot, PowerShell, and fileless techniques to evade detection and deploy the PureLog information stealer. The post...
Read original →
Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations
An Iranian hacking group affiliated with Iran's Ministry of Intelligence and Security (MOIS) has been wielding a previously undocumented modular command-and-control (C2) framework dubbed...
Read original →
US Army websites defaced with pro-Kurdish sentiments, insults to Trump
At least two websites appear to be victim to 404 hijacking attacks. Army officials took the sites down after being contacted by CyberScoop. The...
Read original →
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel...
Read original →
JadePuffer: The First Complete LLM-Driven Ransomware Attack
An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt other systems.
Read original →
5 insights from Frost & Sullivan’s 2025 Frost Radar™ for Cloud Security Posture Management
Read five key learnings from the Frost & Sullivan 2025 Frost Radar™ for CSPM to learn how CSPM is evolving from point-in-time compliance to...
Read original →The Shift Toward Business-Aligned Risk Management
Moving from isolated, technical data to a continuous risk lifecycle can help organizations align security controls with actual business consequences. The post The Shift...
Read original →Sysdig clocks first documented case of agentic ransomware
The AI agent didn’t accomplish every step in the late June 2026 attack, but it allowed the threat actor to significantly reduce complexity, speed...
Read original →RCS and DNS: The NAPTR Record, (Mon, Jul 6th)
Over the last year, with recent updates to iOS and Android, RCS (Rich Communication Services) has become an increasingly used protocol [1]. RCS is...
Read original →ISC Stormcast For Monday, July 6th, 2026 https://isc.sans.edu/podcastdetail/9994, (Mon, Jul 6th)
Read original →France to Stop Certifying Non-Quantum-Safe Encryption
France is accelerating its transition to post-quantum encryption: France’s cybersecurity agency ANSSI said on Tuesday it would stop certifying security products that lack quantum-resistant...
Read original →Finding vulnerabilities was never the hard part
AI is surfacing vulnerabilities at a scale the industry has never seen, and most organizations have no way to determine which ones actually matter....
Read original →How AI-leading Security Teams Are Building the Agentic SOC
Read original →[local] Windows Defender (MsMpEng.exe) - Race Condition
Windows Defender (MsMpEng.exe) - Race Condition
Read original →[webapps] KeepInMind 0.8.4.2 - Stored XSS
KeepInMind 0.8.4.2 - Stored XSS
Read original →
Chinese LLMs Broaden the Gap Between Attackers & Defenders
Two new models from Chinese firms compete with top US mainstream and frontier models. Should cyber-defenders be worried?
Read original →Cyber readiness for SMBs: Getting the basics right
AI is changing cybercrime, but SMB cyber readiness still largely depends on closing the familiar gaps
Read original →


