Spirals Ransomware: From First Foothold to Full Encryption in Under 24 Hours
A newly identified ransomware strain called Spirals encrypted an entire IT services company's network in South Asia within a single day, using an IIS web shell, tunneling tools,...
Hugging Face Breach Reveals a New Front: AI Agents Attacking, AI Agents Defending
Hugging Face has confirmed a production infrastructure intrusion driven by an autonomous AI agent, exploiting two flaws in its dataset processing pipeline. The company's own AI-based forensic analysis...
Citrix Patches Privilege Escalation Flaw That Hands Standard Users Full SYSTEM Control
Cloud Software Group has disclosed two vulnerabilities in Citrix Secure Access and Endpoint Analysis clients for Windows, including a high-severity flaw (CVSS 8.5) that lets a low-privileged local...
Inside NadMesh: The Shodan-Powered Botnet Hunting Exposed AI Servers
Researchers at XLab have identified NadMesh, a Go-based botnet that uses Shodan to hunt down exposed AI and MCP infrastructure before hijacking it with more than 20 exploitation...
EY Notifies Clients After Breach of IT Support Platform Exposes Tax Documents
Ernst & Young is notifying clients that attackers accessed a third-party IT support ticketing platform for roughly two weeks this spring, downloading documents containing sensitive tax and investment...
Coca-Cola’s Fairlife Brand Halts US Production After Ransomware Hits Manufacturing Systems
Coca-Cola disclosed in an SEC filing that its Fairlife dairy subsidiary suffered a ransomware attack that forced a temporary halt of US production, while Canadian operations continued unaffected....
Unpatched LegacyHive Bug Lets Standard Windows Users Hijack Admin Accounts
A newly disclosed Windows zero-day called LegacyHive abuses the User Profile Service to let a low-privileged user tamper with an administrator's registry hive, opening a path to persistence...
CISA Confirms Active Exploitation of Critical SharePoint Deserialization Flaw
CISA has added CVE-2026-58644, a critical unauthenticated remote code execution flaw in Microsoft SharePoint, to its Known Exploited Vulnerabilities catalog after confirming real-world attacks. Federal agencies must remediate...