Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research

GreatXML bypasses BitLocker via Defender offline scan artifacts, giving SYSTEM shell in Recovery Mode. No patch exists. Any machine that ran an offline scan is vulnerable. On June 10,... Read more »

Fortinet patched a new critical FortiSandbox flaw

Fortinet patched a critical FortiSandbox vulnerability that could let unauthenticated attackers remotely execute commands via crafted HTTP requests. Fortinet released security updates to address several vulnerabilities affecting FortiSandbox, FortiOS,... Read more »

JDY Botnet Evolves After KV Takedown, Targets Military Networks

JDY botnet scans SOHO/IoT devices globally to map services and targets, especially US military networks. Lumen’s Black Lotus Labs reported the resurgence of the JDY botnet, a covert reconnaissance... Read more »

Russian APTs Still Exploiting Patched WinRAR Flaw CVE-2025-8088

Despite a 2025 patch, Russian-linked groups still exploit a WinRAR flaw (CVE-2025-8088) to deploy malware via phishing archives. CVE-2025-8088 is a path traversal flaw in WinRAR that lets an... Read more »

U.S. CISA adds Cisco Catalyst SD-WAN, Arista Extensible Operating System (EOS), and Google Chromium V8 flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst SD-WAN, Arista Extensible Operating System (EOS), and Google Chromium V8 flaws to its Known Exploited Vulnerabilities catalog. The U.S.... Read more »

Chaotic Eclipse Unveils RoguePlanet Exploit Targeting Fully Patched Windows

The researcher Chaotic Eclipse released a PoC for the RoguePlanet Microsoft Defender zero-day, which can grant SYSTEM privileges on fully patched Windows systems. Security researcher Chaotic Eclipse, also known... Read more »

“AI Worms”, researchers demonstrate autonomous malware capable of adapting to any online device

A study by the University of Toronto shows how artificial intelligence can power autonomous worms capable of tailoring attacks against Windows, Linux and IoT devices. A group of researchers... Read more »

France’s Government Messaging App Tchap Got Breached

France’s government chat app Tchap was breached after a single account was compromised, exposing messages and data from public channels. Tchap, the encrypted messaging platform developed by the French... Read more »

Microsoft Releases Record-Breaking Patch Tuesday With 208 CVEs

Microsoft Patch Tuesday security updates for June 2026 fix a record 208 CVEs, including one actively exploited zero-day and multiple critical RCE flaws. Microsoft Patch Tuesday security updates for... Read more »

Critical Veeam RCE Flaw Lets Low-Privilege Users Take Over Backup Servers

Veeam addressed a critical RCE vulnerability flaw in Backup & Replication that lets low-privileged domain users take control of backup servers. Veeam has patched a critical remote code execution... Read more »
Subscribe to our Newsletter