Secure Bulletin Navigating the cyber sea with knowledge
Home
Latest news

SonicWall SMA1000 Zero-Days Under Active Attack: Perfect-10 Flaw Chained for Root Access

17 July 2026  |  dark6  |  Vulnerability

Attackers were exploiting a maximum-severity SonicWall SMA1000 flaw before the vendor's advisory even landed, chaining it with a privilege-escalation bug to seize root and pivot into corporate Active...

>> read more

Critical 7-Zip Flaw Lets Booby-Trapped Archives Hijack Your System

17 July 2026  |  dark6  |  Vulnerability

A newly patched 7-Zip vulnerability lets attackers achieve remote code execution simply by getting a victim to open a maliciously crafted compressed file. With 7-Zip installed on millions...

>> read more

CISA Sounds Alarm as Attackers Exploit Critical FortiSandbox Command Injection Flaws

17 July 2026  |  dark6  |  Vulnerability

CISA has confirmed active exploitation of two OS command injection vulnerabilities in Fortinet's FortiSandbox product line, adding both to its Known Exploited Vulnerabilities catalog and giving federal agencies...

>> read more

Scattered Spider Duo Sentenced Over £29 Million Transport for London Cyberattack

17 July 2026  |  dark6  |  Cybercrime

Two young members of the Scattered Spider hacking collective have been jailed for over five years each after a 2024 breach knocked out 148 Transport for London systems...

>> read more

Accenture Data Breach: Hackers Claim Theft of 35 GB of Source Code and Azure Credentials

8 July 2026  |  dark6  |  Databreach

A threat actor known as "888" claims to have stolen 35 GB of Accenture source code, RSA/SSH keys, and Azure access tokens, offering the data for sale in...

>> read more

The Gentlemen Ransomware: Custom EDR/AV Killers Fuel Rapid Global Expansion

8 July 2026  |  dark6  |  Ransomware

The Gentlemen ransomware group, tracked by Microsoft as Storm-2697, has claimed over 500 victims in 70+ countries using a custom EDR/AV-killing toolkit called GentleKiller and a self-propagating worm...

>> read more

GitLost: How a Single GitHub Issue Can Trick AI Agents Into Leaking Private Repos

8 July 2026  |  dark6  |  Vulnerability

Researchers at Noma Labs disclosed GitLost, a prompt-injection flaw that let a single crafted GitHub Issue trick AI-powered Agentic Workflows into leaking private repository contents publicly, using a...

>> read more

Rogue Agent: Critical GCP Dialogflow Flaw Let Attackers Inject Malicious Code Into AI Chatbots

8 July 2026  |  dark6  |  Vulnerability

Varonis Threat Labs disclosed a critical Dialogflow CX flaw, dubbed Rogue Agent, that let attackers with a single edit permission inject persistent malicious code into shared chatbot execution...

>> read more