“An operator tied to FortiBleed’s infrastructure was found actively working negotiation panels for both groups, tying mass FortiGate credential theft directly to ransomware deployment
Category Added in a WPeMatico Campaign
New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos
Run one, and it quietly lifts your saved passwords, browser cookies, and files, then hands the attacker a shell on your machine. YesWeHack and
SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation
The vulnerability, tracked as CVE-2026-45659 (CVSS score: 8.8), is a case of remote code execution arising from the deserialization of untrusted data. The issue
Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters
Synacktiv, which found the bug, says it can lead to a full cluster takeover. There is no fix and no CVE. The firm says it reported the flaw to Argo CD’s maintainers in
19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges
Peter Stokes, 19, a dual U.S. and Estonian citizen, appeared in a Chicago federal court on June 30, where a judge ordered him held in custody.
Finnish police
SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT
Kaspersky said the activity is part of a “massive, multi-domain, multi-language” campaign that distributes malicious installer archives hosted on spoofed websites.
These installers masquerade as popular software like OBS Studio, DNS Jumper, DS4Windows, and Bandicam, among others.
VEIL#DROP Malware Chain Uses Blogger Platform to Deliver PureLogs Stealer
The activity has been codenamed VEIL#DROP by Securonix. It’s suspected that the initial payloads are distributed either via spear-phishing or a drive-by compromise, which occurs when an unsuspecting user lands on
Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures
It opens with a phishing PDF disguised as a corrupted file, checks that the visitor is really in Spain or Portugal, and hides its real payload inside an image.
The goal is the usual one: steal banking logins and take
Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic
The ColdFusion updates “resolves critical and important vulnerabilities that could lead to arbitrary code execution, privilege escalation, arbitrary file system read, and security feature bypass,” Adobe said in an alert released Tuesday.
The vulnerabilities are listed
Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands
Cato AI Labs found the pair and named them DuneSlide. They are tracked as CVE-2026-50548 and CVE-2026-50549, both rated 9.8 out of 10 (or 9.3
