Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
How CVE-2026-53359 Lets KVM Guests Crash the Host
A use-after-free vulnerability (CVE-2026-53359) has been discovered in the KVM hypervisor of the Linux kernel, allowing a guest virtual machine ...
CVE-2026-20896 in Gitea Docker Images: No-Auth Account Takeover
A critical vulnerability CVE-2026-20896 with a CVSS 9.8 score has been discovered in Docker images of the Gitea platform. It ...
How Operation DragonReturn Uses DCRat to Exploit India’s Tax Season
Researchers at Seqrite Labs have uncovered a multi-stage phishing campaign code-named Operation DragonReturn, targeting Indian taxpayers, tax professionals, and corporate ...
CVE-2026-46242 Bad Epoll: Local Root via Linux epoll Race
A vulnerability CVE-2026-46242 has been discovered in the Linux kernel’s epoll subsystem, dubbed Bad Epoll. It is a use-after-free bug ...
TrojPix reveals fast RF exfiltration from air-gapped PCs
Researchers from Shandong University have presented TrojPix, a data exfiltration technique for physically isolated (air-gapped) computers that uses imperceptible pixel ...
Inside QuimaRAT, a MaaS Java RAT for Windows, Linux and macOS
Researchers at LevelBlue have identified a new cross-platform remote access trojan QuimaRAT, written in Java and targeting Windows, Linux and ...
Why Static Scanners Miss Malicious Skills for AI Coding Agents
Static scanners designed to detect malicious add-on “skills” for AI programming agents such as Claude Code, OpenAI Codex, and OpenClaw ...
How a GX Mods bug in Opera GX exposed Gmail addresses
Opera has fixed a critical vulnerability in the GX Mods mechanism of its gaming browser Opera GX, which allowed a ...
Inside the Kairos Data-Extortion Case Against a US County
A government entity in the US paid about $1 million to extortionists who, according to researchers, did not encrypt a ...
Gaslight: Rust-Based macOS Backdoor Targeting Analyst LLM Tools
Researchers at SentinelOne have discovered a previously unknown family of malware for macOS called Gaslight, which combines backdoor and infostealer ...