Latest news

Accenture Data Breach: Hackers Claim Theft of 35 GB of Source Code and Azure Credentials
Databreach

Accenture Data Breach: Hackers Claim Theft of 35 GB of Source Code and Azure Credentials

8 July 2026 dark6

A threat actor known as "888" claims to have stolen 35 GB of Accenture source code, RSA/SSH keys, and Azure...
The Gentlemen Ransomware: Custom EDR/AV Killers Fuel Rapid Global Expansion
Ransomware

The Gentlemen Ransomware: Custom EDR/AV Killers Fuel Rapid Global Expansion

8 July 2026 dark6

The Gentlemen ransomware group, tracked by Microsoft as Storm-2697, has claimed over 500 victims in 70+ countries using a custom...
GitLost: How a Single GitHub Issue Can Trick AI Agents Into Leaking Private Repos
Vulnerability

GitLost: How a Single GitHub Issue Can Trick AI Agents Into Leaking Private Repos

8 July 2026 dark6

Researchers at Noma Labs disclosed GitLost, a prompt-injection flaw that let a single crafted GitHub Issue trick AI-powered Agentic Workflows...
Rogue Agent: Critical GCP Dialogflow Flaw Let Attackers Inject Malicious Code Into AI Chatbots
Vulnerability

Rogue Agent: Critical GCP Dialogflow Flaw Let Attackers Inject Malicious Code Into AI Chatbots

8 July 2026 dark6

Varonis Threat Labs disclosed a critical Dialogflow CX flaw, dubbed Rogue Agent, that let attackers with a single edit permission...
Cavern Manticore: Iranian-Linked APT Abuses SysAid RMM and DLL Sideloading to Deploy Modular C2 Framework
Malware

Cavern Manticore: Iranian-Linked APT Abuses SysAid RMM and DLL Sideloading to Deploy Modular C2 Framework

7 July 2026 dark6

A newly identified Iranian-linked group, Cavern Manticore, is abusing the SysAid RMM platform and DLL sideloading via WinDirStat to deploy...
Januscape: 16-Year-Old Linux KVM Flaw (CVE-2026-53359) Lets Malicious VMs Corrupt Host Kernel Memory
Vulnerability

Januscape: 16-Year-Old Linux KVM Flaw (CVE-2026-53359) Lets Malicious VMs Corrupt Host Kernel Memory

7 July 2026 dark6

A 16-year-old flaw in Linux KVM, tracked as CVE-2026-53359 and dubbed Januscape, lets a malicious guest VM corrupt host kernel...
Tenda Router Backdoor (CVE-2026-11405) Lets Attackers Skip Login and Seize Full Admin Control
Vulnerability

Tenda Router Backdoor (CVE-2026-11405) Lets Attackers Skip Login and Seize Full Admin Control

7 July 2026 dark6

A hardcoded authentication backdoor in Tenda FH1201, W15E, AC10, AC5, and AC6 routers (CVE-2026-11405) lets attackers log in as admin...
Critical BeyondTrust Flaws (CVSS 9.2) in Remote Support and PRA Let Attackers Bypass Access Controls
Vulnerability

Critical BeyondTrust Flaws (CVSS 9.2) in Remote Support and PRA Let Attackers Bypass Access Controls

7 July 2026 dark6

BeyondTrust disclosed critical flaws (advisory BT26-03, CVSS 9.2) in Remote Support and Privileged Remote Access that let limited-privilege users bypass...
New “Bad Epoll” Linux Zero-Day Lets Local Users Root Servers and Android Devices
Vulnerability

New “Bad Epoll” Linux Zero-Day Lets Local Users Root Servers and Android Devices

6 July 2026 dark6

A newly disclosed Linux kernel flaw dubbed “Bad Epoll” (CVE-2026-46242) lets a local, unprivileged user escalate to root on Linux...
PamStealer: New macOS Infostealer Disguises Itself as the Maccy Clipboard Manager
Malware

PamStealer: New macOS Infostealer Disguises Itself as the Maccy Clipboard Manager

6 July 2026 dark6

PamStealer is a newly discovered macOS infostealer that impersonates the Maccy clipboard manager, using a two-stage AppleScript-to-Rust infection chain to...
Seven New CVEs in FatFs Filesystem Driver Put Millions of Embedded and IoT Devices at Risk
Vulnerability

Seven New CVEs in FatFs Filesystem Driver Put Millions of Embedded and IoT Devices at Risk

6 July 2026 dark6

runZero has disclosed seven new CVEs in FatFs, the FAT/exFAT filesystem driver used across ESP-IDF, STM32Cube, Zephyr, MicroPython, and countless...
New T3MP3ST Framework Turns AI Coding Agents Into Autonomous 0-Day Hunters
AI

New T3MP3ST Framework Turns AI Coding Agents Into Autonomous 0-Day Hunters

6 July 2026 dark6

T3MP3ST, a new open-source framework, turns AI coding agents like Claude Code and Codex into autonomous red-teaming operators, claiming strong...