CVE-2026-31431 (Copy Fail) lets any unprivileged Linux user gain root via a 732-byte Python PoC — no race, no offsets, no disk artifacts. Affects every distro since 2017.
Read More
TeamPCP exploited a permissive npm OIDC trust policy to poison SAP's mbt and @cap-js packages, exfiltrating cloud and developer secrets to victim-owned GitHub repos. Here's the full attack chain and how to detect it.
Read More
Trojanized LiteLLM releases on PyPI enabled data exfiltration with Kubernetes persistence—here’s the full attack chain and how to check if you’re affected.
Read More
Axios npm package compromised—attackers hijacked the maintainer’s account and injected a phantom dependency that dropped a cross-platform RAT. Here’s the full attack chain.
Read More
Check Point found ChatGPT’s code sandbox could leak data via DNS. Separately, Codex’s branch name field allowed command injection to steal GitHub tokens.
Read More
A custom .NET RAT dubbed CTRL uses weaponized Windows shortcuts to hijack RDP sessions via FRP tunnels—here’s the full attack chain and how to defend against it.
Read More
Red Menshen’s upgraded BPFdoor backdoor embeds kernel-level sleeper cells in telecom networks worldwide. Here’s how it works and how to detect it.
Read More
Uncover the decade‑long MSS‑backed campaign targeting Southeast Asian critical infrastructure—USBFect, Bronze Mohawk, and more.
Read More
Telegram zero‑click RCE flaw (ZDI‑CAN‑30207) exposes users to full system compromise—update now or disable media auto‑download.
Read More
Handala Hack exposes how Iranian actors leveraged Intune admin rights and Telegram C2 to wipe 200k systems—here’s the technical deep dive.
Read MorePage 1 of 2 • Showing 1 to 10 of 18 posts
