AI Found 21 FFmpeg Zero-Days for $1,000. Chrome Patched 429 in One Shot.
An AI agent found 21 FFmpeg zero-days for ~$1,000. That same week, Chrome 149 patched a record 429 bugs.
ThreatsThreat Intelligence Feed
-
-
Miasma Worm Tears Through 73 Microsoft GitHub Repositories
A self-replicating worm has compromised 73 Microsoft GitHub repositories across Azure, MicrosoftDocs, and related orgs, disabling developer access.
Threats -
OpenAI's Lockdown Mode Closes ChatGPT's Data Exfiltration Exits
OpenAI's new Lockdown Mode restricts outbound network features in ChatGPT to reduce prompt injection-based data exfiltration risks.
Tools -
SolarWinds Serv-U Crash Flaw Now Under Active Exploitation
CISA added CVE-2026-28318, a DoS flaw in SolarWinds Serv-U, to its KEV catalog with a federal patch deadline of June 19, 2026.
Threats -
WordPress Sites Under Fire From Everest Forms Pro Code Injection Flaw
CVE-2026-3300 in Everest Forms Pro lets unauthenticated attackers run arbitrary PHP and create rogue admin accounts.
Threats -
Your Smart TV's Idle Hours Are Selling Your Bandwidth
Free apps embed Bright Data's SDK to route web-scraping traffic through home IPs, including always-on smart TVs, with consent screens that don't match actual da
Threats
Analysis & Guides
Threats
26 Years for Dark Web Drug Sales Built on Free Meth Samples
San Jose man Darren Hughes sentenced to 26+ years for fentanyl and meth sales on Nemesis Market, paid in cryptocurrency.
Threats
900 Gas Station Gauges Are Online and Undefended
Over 900 ATG systems in the US sit exposed on the open internet, vulnerable to command execution attacks that could disable fuel leak detection.
Tools
AI in the SOC Is Everywhere and Delivering Almost Nothing
SOC-CMM 2026 data shows only 10% of security teams report excellent AI value, despite record adoption rates across every tool category.
Threats
Android Spyware Asin Targets Arabic Journalists Through Fake Conflict Apps
ESET has identified Android spyware called Asin spreading through fake news, PDF, and war map apps targeting Arabic-speaking users since early 2025.
Threats
Cisco SD-WAN Zero-Day Grants Root Access Before Patches Exist
A high-severity zero-day in Cisco Catalyst SD-WAN Manager lets low-privilege attackers escalate to root. No patch is available yet.
Threats
OP-512 Is the Fourth China-Linked Group Hitting IIS Servers This Year
A new espionage cluster called OP-512 is deploying a custom three-shell web framework against Microsoft IIS servers, with China attribution at moderate-to-high
Threats
PCPJack Built a 230-Node SMTP Relay Network Inside Cloud Infrastructure
PCPJack compromised 230 AWS, Azure, and Google Cloud servers to build a covert SMTP relay network, leaving tools exposed on an open C2 directory.