2+ day, 20+ hour ago  (444+ words) Flipper Devices has officially unveiled'Flipper One, a modular, Linux-based cyberdeck designed to push the boundaries of open hardware and portable network analysis platforms. Flipper One is not an upgrade but a separate platform built for IP-based operations (Layer 1), focusing on…...

1+ day, 14+ hour ago  (376+ words) Microsoft Threat Intelligence disclosed the full attack chain on May 22, 2026, documenting how a single compromised edge appliance cascaded into domain-level compromise spanning Linux hosts, an internal Atlassian Confluence server, and Windows authentication systems. In the documented incident, investigators traced the…...

1+ day, 15+ hour ago  (407+ words) A critical zero-day privilege escalation vulnerability in the Lite Speed User-End c Panel plugin is being actively exploited in the wild, enabling any authenticated c Panel user to execute arbitrary scripts as'root'and gain full server control. Tracked as'CVE-2026-48172'with a…...

1+ day, 15+ hour ago  (489+ words) Ubiquiti has released urgent security patches for five critical and high-severity vulnerabilities across its Uni Fi OS platform, addressing flaws that could allow remote attackers to execute arbitrary commands and escalate privileges on a wide range of Uni Fi devices....

1+ day, 16+ hour ago  (271+ words) Financially motivated threat actors are running an active campaign that impersonates Google's Gemini CLI and Anthropic's Claude Code, using SEO poisoning to deliver a fileless Power Shell infostealer to developer workstations worldwide. First identified in early March 2026 by Eclectic IQ…...

1+ day, 17+ hour ago  (276+ words) A sophisticated and active supply chain attack has struck the Laravel-Lang open-source organization, compromising over 700 historical package versions across four widely used PHP localization repositories. The attack, detected on May 22, 2026, and reported by both'Aikido Security'and'the Socket Research Team, introduces a…...

1+ day, 19+ hour ago  (441+ words) Anthropic has published an update on Project Glasswing, its collaborative AI-powered vulnerability discovery initiative launched last month, revealing that Claude Mythos, the company's most capable and tightly restricted model, has already surfaced more than 10, 000 high- or critical-severity zero-day vulnerabilities across…...

3+ day, 20+ hour ago  (328+ words) A newly disclosed attack technique dubbed'Ghost Tree'is raising concerns among defenders after researchers demonstrated how it can disrupt endpoint detection and response (EDR) tools and bypass file scanning mechanisms on Windows systems. The technique, discovered by Varonis Threat Labs, abuses…...

2+ day, 11+ hour ago  (329+ words) The flaw, first reported in late 2022 by security researcher Lyra Rebane, remains unresolved after more than three years, exposing millions of users of Chromium-based browsers such as Google Chrome, Microsoft Edge, Brave, and Opera. The issue has been classified as…...

2+ day, 13+ hour ago  (352+ words) This multi-vector approach allows them to bypass perimeter defenses, blend in with legitimate traffic, and maintain long-term persistence for espionage and disruptive operations. Russian operators continue to abuse exposed remote access services, such as RDP and VPN gateways, to gain…...