Skip to content
Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials

Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials

Ravie LakshmananJun 27, 2026Messaging Security / Cyber Espionage The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign orchestrated by Russian intelligence services to… 

FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys

FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys

Swati KhandelwalJun 26, 2026Secure Messaging / Social Engineering The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added a step: they now coax targets into handing over… 

New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks

New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks

A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as a loader for deploying Cobalt Strike Beacon on compromised hosts. Kaspersky, which is tracking the… 

Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign

Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign

Ravie LakshmananJun 26, 2026Cyber Espionage / Malware A Chinese-speaking advanced persistent threat (APT) actor has been linked to a new custom backdoor called TinyRCT as part of cyber attacks aimed at government entities and critical… 

Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs

Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs

Swati KhandelwalJun 26, 2026AI Security / Vulnerability A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer’s cloud credentials. The path was short: a developer opens the repo,… 

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries

Swati KhandelwalJun 26, 2026Linux / Vulnerability A flaw in the Linux kernel’s traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed “pedit COW,” is an out-of-bounds write in the… 

CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue

CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue

Ravie LakshmananJun 26, 2026Vulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Data Management… 

New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets

New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets

Swati KhandelwalJun 26, 2026Linux / Vulnerability DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit walkthrough for the flaw on June 25, the first public demonstration for…