Latest news

Microsoft Defender “RedSun” Zero-Day (CVE-2026-33825): Unpatched Exploit Grants Full SYSTEM Access
Vulnerability

Microsoft Defender “RedSun” Zero-Day (CVE-2026-33825): Unpatched Exploit Grants Full SYSTEM Access

28 April 2026 dark6

An unpatched zero-day dubbed RedSun (CVE-2026-33825) actively exploits a flaw in Windows Defender's cloud file rollback mechanism to grant attackers...
Read more 0
Critical CVSS 9.8 Flaw in CrowdStrike LogScale Lets Unauthenticated Attackers Read Server Files
Vulnerability

Critical CVSS 9.8 Flaw in CrowdStrike LogScale Lets Unauthenticated Attackers Read Server Files

28 April 2026 dark6

CrowdStrike has issued an emergency advisory for CVE-2026-40050, a CVSS 9.8 unauthenticated path-traversal flaw in LogScale that lets remote attackers...
Read more 0
Pack2TheRoot: Critical Linux Privilege Escalation Flaw in PackageKit Affects 12+ Years of Releases (CVE-2026-41651)
Vulnerability

Pack2TheRoot: Critical Linux Privilege Escalation Flaw in PackageKit Affects 12+ Years of Releases (CVE-2026-41651)

28 April 2026 dark6

Deutsche Telekom's Red Team has disclosed Pack2TheRoot (CVE-2026-41651), a critical local privilege escalation flaw in the PackageKit daemon affecting all...
Read more 0
ShinyHunters Claims Udemy Data Breach: 1.4 Million User Records at Risk as Ransom Deadline Expires
Databreach

ShinyHunters Claims Udemy Data Breach: 1.4 Million User Records at Risk as Ransom Deadline Expires

28 April 2026 dark6

ShinyHunters has claimed a breach of Udemy affecting 1.4 million user records, setting a "Pay or Leak" ransom deadline of...
Read more 0
Bitwarden CLI npm Package Compromised in Sophisticated GitHub Actions Supply Chain Attack
Malware

Bitwarden CLI npm Package Compromised in Sophisticated GitHub Actions Supply Chain Attack

28 April 2026 dark6

Security researchers at Socket have confirmed that the official Bitwarden CLI npm package (version 2026.4.0) was tampered with via a...
Read more 0
GlassWorm Escalates: 73 New “Sleeper” Extensions Discovered on Open VSX Marketplace
Malware

GlassWorm Escalates: 73 New “Sleeper” Extensions Discovered on Open VSX Marketplace

27 April 2026 dark6

Aikido Security has identified 73 new GlassWorm "sleeper" extensions on the Open VSX marketplace, marking a dangerous escalation in a...
Read more 0
State-Sponsored UAT-4356 Deploys FIRESTARTER Backdoor on Cisco Firepower Devices via Chained N-Day Vulnerabilities
Malware

State-Sponsored UAT-4356 Deploys FIRESTARTER Backdoor on Cisco Firepower Devices via Chained N-Day Vulnerabilities

26 April 2026 dark6

Cisco Talos has uncovered an active espionage campaign by state-sponsored group UAT-4356, which chains two Cisco Firepower FXOS vulnerabilities (CVE-2025-20333...
Read more 0
CISA Adds Two Actively Exploited SimpleHelp Vulnerabilities to KEV Catalog — May 8 Patch Deadline
Vulnerability

CISA Adds Two Actively Exploited SimpleHelp Vulnerabilities to KEV Catalog — May 8 Patch Deadline

26 April 2026 dark6

CISA has added two chained vulnerabilities in SimpleHelp remote support software — CVE-2024-57726 (missing authorization) and CVE-2024-57728 (path traversal) —...
Read more 0
ADT Confirms Data Breach: ShinyHunters Claims 10 Million Records Stolen via Vishing Attack
Databreach

ADT Confirms Data Breach: ShinyHunters Claims 10 Million Records Stolen via Vishing Attack

26 April 2026 dark6

Home security giant ADT Inc. has confirmed a data breach following a ShinyHunters claim of stealing over 10 million records....
Read more 0
PhantomRPC: Unpatched Windows RPC Flaw Enables SYSTEM-Level Privilege Escalation on All Windows Versions
Vulnerability

PhantomRPC: Unpatched Windows RPC Flaw Enables SYSTEM-Level Privilege Escalation on All Windows Versions

26 April 2026 dark6

Kaspersky researchers have revealed PhantomRPC, an unpatched architectural flaw in the Windows RPC runtime that allows local privilege escalation to...
Read more 0
Kali Linux 2026.1 Released: Eight New Hacking Tools, Kernel 6.18, and Enhanced Mobile Pentesting
Vulnerability

Kali Linux 2026.1 Released: Eight New Hacking Tools, Kernel 6.18, and Enhanced Mobile Pentesting

25 April 2026 dark6

Kali Linux 2026.1 has been released with eight new hacking tools including AdaptixC2, Atomic-Operator, and MetasploitMCP, alongside the Linux 6.18...
Read more 0
Microsoft Confirms Windows Server 2025 Domain Controllers Enter Reboot Loops After April 2026 Patch
Vulnerability

Microsoft Confirms Windows Server 2025 Domain Controllers Enter Reboot Loops After April 2026 Patch

25 April 2026 dark6

Microsoft has confirmed that the April 2026 cumulative update KB5082063 causes Windows Server 2025 domain controllers to enter reboot loops,...
Read more 0