FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials

FBI says TeamPCP poisoned trusted developer tools to steal cloud credentials, spread malware through software updates, and extort victims. On July 2, 2026, the FBI published a FLASH alert... Read more »

Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs

81 Million Login Attempts, 78 Compromised Accounts: The LSHIY Password Spray Hitting Azure CLI Huntress researchers have been tracking a massive automated password spray campaign against Microsoft Azure CLI... Read more »

Hospitality Sector Hit by Phishing Campaign Using Fake Guest Complaint Emails

Microsoft warns of a phishing campaign targeting the hospitality sector with fake guest emails that install TonRAT using resilient persistence. Microsoft Threat Intelligence published a detailed analysis on an... Read more »

DirtyClone: Fourth Linux Kernel Flaw in Six Weeks Escalates to Root

DirtyClone: a Linux kernel privilege escalation that silently rewrites executables in memory, leaving no disk trace. Patch now. JFrog Security Research published a working exploit walkthrough on June 25... Read more »

Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild

Attackers exploit Cisco Unified CM flaw (CVE-2026-20230) allowing unauth HTTP requests to trigger SSRF, write files, and gain root access Cisco Unified Communications Manager has a serious vulnerability, tracked... Read more »

Security Affairs newsletter Round 582 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »

Inside GentleKiller: The EDR-Killer Powering The Gentlemen

The Gentlemen equips affiliates with a centralized EDR-killer suite, rapidly weaponizing BYOVD exploits to disable security tools before ransomware attacks. ESET published a detailed breakdown of The Gentlemen‘s technical... Read more »

Tor-Based Clipper Malware Targets Wallet Seed Phrases

USB .lnk malware steals crypto via clipboard hijack, replaces wallet addresses, steals seed phrases, and screenshots. Microsoft Threat Intelligence has been tracking a clipboard-stealing malware (Clipper) campaign since February... Read more »

Cisco fixed a critical ISE vulnerability that lets attackers to gain root access

Cisco addressed CVE-2026-20181, a critical ISE vulnerability that lets authenticated admins execute commands and gain root access. Cisco addressed a critical command execution vulnerability, tracked as CVE-2026-20181 (CVSS score... Read more »

Infostealers, AI, and a 90% Affiliate Cut Fuel The Gentlemen group’s Rise

The Gentlemen ransomware used infostealer credentials, AI tools, and affiliates to hit 483 victims across 66 countries in under a year. The Gentlemen surfaced as a ransomware operation in... Read more »
Subscribe to our Newsletter