Secure Bulletin Navigating the cyber sea with knowledge
Home
Latest news

Accenture Data Breach: Hackers Claim Theft of 35 GB of Source Code and Azure Credentials

8 July 2026  |  dark6  |  Databreach

A threat actor known as "888" claims to have stolen 35 GB of Accenture source code, RSA/SSH keys, and Azure access tokens, offering the data for sale in...

>> read more

The Gentlemen Ransomware: Custom EDR/AV Killers Fuel Rapid Global Expansion

8 July 2026  |  dark6  |  Ransomware

The Gentlemen ransomware group, tracked by Microsoft as Storm-2697, has claimed over 500 victims in 70+ countries using a custom EDR/AV-killing toolkit called GentleKiller and a self-propagating worm...

>> read more

GitLost: How a Single GitHub Issue Can Trick AI Agents Into Leaking Private Repos

8 July 2026  |  dark6  |  Vulnerability

Researchers at Noma Labs disclosed GitLost, a prompt-injection flaw that let a single crafted GitHub Issue trick AI-powered Agentic Workflows into leaking private repository contents publicly, using a...

>> read more

Rogue Agent: Critical GCP Dialogflow Flaw Let Attackers Inject Malicious Code Into AI Chatbots

8 July 2026  |  dark6  |  Vulnerability

Varonis Threat Labs disclosed a critical Dialogflow CX flaw, dubbed Rogue Agent, that let attackers with a single edit permission inject persistent malicious code into shared chatbot execution...

>> read more

Cavern Manticore: Iranian-Linked APT Abuses SysAid RMM and DLL Sideloading to Deploy Modular C2 Framework

7 July 2026  |  dark6  |  Malware

A newly identified Iranian-linked group, Cavern Manticore, is abusing the SysAid RMM platform and DLL sideloading via WinDirStat to deploy a modular C2 framework against Israeli organizations. Check...

>> read more

Januscape: 16-Year-Old Linux KVM Flaw (CVE-2026-53359) Lets Malicious VMs Corrupt Host Kernel Memory

7 July 2026  |  dark6  |  Vulnerability

A 16-year-old flaw in Linux KVM, tracked as CVE-2026-53359 and dubbed Januscape, lets a malicious guest VM corrupt host kernel memory via a use-after-free in the shadow MMU's...

>> read more

Tenda Router Backdoor (CVE-2026-11405) Lets Attackers Skip Login and Seize Full Admin Control

7 July 2026  |  dark6  |  Vulnerability

A hardcoded authentication backdoor in Tenda FH1201, W15E, AC10, AC5, and AC6 routers (CVE-2026-11405) lets attackers log in as admin with any username. The undocumented flaw sits in...

>> read more

Critical BeyondTrust Flaws (CVSS 9.2) in Remote Support and PRA Let Attackers Bypass Access Controls

7 July 2026  |  dark6  |  Vulnerability

BeyondTrust disclosed critical flaws (advisory BT26-03, CVSS 9.2) in Remote Support and Privileged Remote Access that let limited-privilege users bypass access controls. Cloud customers were auto-patched in April...

>> read more