Threats

An AI agent found 21 FFmpeg zero-days for ~$1,000. That same week, Chrome 149 patched a record 429 bugs.

A self-replicating worm has compromised 73 Microsoft GitHub repositories across Azure, MicrosoftDocs, and related orgs, disabling developer access.

CISA added CVE-2026-28318, a DoS flaw in SolarWinds Serv-U, to its KEV catalog with a federal patch deadline of June 19, 2026.

CVE-2026-3300 in Everest Forms Pro lets unauthenticated attackers run arbitrary PHP and create rogue admin accounts.

Free apps embed Bright Data's SDK to route web-scraping traffic through home IPs, including always-on smart TVs, with consent screens that don't match actual da

San Jose man Darren Hughes sentenced to 26+ years for fentanyl and meth sales on Nemesis Market, paid in cryptocurrency.

Over 900 ATG systems in the US sit exposed on the open internet, vulnerable to command execution attacks that could disable fuel leak detection.

ESET has identified Android spyware called Asin spreading through fake news, PDF, and war map apps targeting Arabic-speaking users since early 2025.

A high-severity zero-day in Cisco Catalyst SD-WAN Manager lets low-privilege attackers escalate to root. No patch is available yet.

A new espionage cluster called OP-512 is deploying a custom three-shell web framework against Microsoft IIS servers, with China attribution at moderate-to-high

PCPJack compromised 230 AWS, Azure, and Google Cloud servers to build a covert SMTP relay network, leaving tools exposed on an open C2 directory.

Polyfill.io reactivated in late May 2026, serving HTTP 401 prompts that tricked browsers on Toshiba and Muji sites into showing fake login screens.