Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OS

08/07/2026 0 Comments 0 tags

Ubiquiti has shipped updates to address multiple critical security flaws impacting UniFi Connect, UniFi Talk, UniFi Access, UniFi Protect, and UniFi OS that could result in privilege escalation and arbitrary

SCMBANKER Malware Uses ClickFix Lures to Target Mexican Banking Users

08/07/2026 0 Comments 0 tags

A new banking fraudulent operation is targeting customers of Mexican banks, fintech, payment processors, and cryptocurrency exchanges using ClickFix lures. The activity cluster, tracked by Elastic Security Labs under the

New Ghost Phishing Wave Is Breaking Traditional Email Security

08/07/2026 0 Comments 0 tags

A recent EvilTokens campaign targeting businesses across the US and Europe is exposing a new email security blind spot. This “ghost phishing” technique keeps the malicious page hidden until it

GitHub Copilot Refuses Harmful Requests in Chat, Then Writes Them in Code

08/07/2026 0 Comments 0 tags

An AI coding assistant that refuses to answer a dangerous request in its chat box can answer it anyway if the same request is broken into small, ordinary-looking steps inside

The Verification Step Is the New ATO Battleground in 2026

08/07/2026 0 Comments 0 tags

For years, account takeover (ATO) followed a predictable script. Attackers bought stolen credentials in bulk, ran them through automated tools, and waited for matches. Credential stuffing was cheap, scalable, and

GitHub ‘Verified’ Commits Can Be Rewritten Into New Hashes Without Breaking Signatures

08/07/2026 0 Comments 0 tags

New research shows that a signed Git commit’s hash is not the one-of-a-kind name that much of the software world assumes it to be. Given any signed commit, someone without

China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware

08/07/2026 0 Comments 0 tags

A Chinese threat actor tracked as UAT-7810 is actively refining its bespoke malware to expand its Operational Relay Box (ORB) network by breaking into internet-facing networking devices. According to findings

CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV

08/07/2026 0 Comments 0 tags

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities are listed

15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros

08/07/2026 0 Comments 0 tags

Researchers at Nebula Security have disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that lets any logged-in user take full root control of a machine that has not been patched. The vulnerable code has

Rogue Agent Flaw Could Have Let Attackers Hijack Google Dialogflow CX Chatbots

07/07/2026 0 Comments 0 tags

A critical flaw in Google’s Dialogflow CX could have let an attacker with edit rights on one Code Block-enabled agent compromise other Code Block-enabled agents in the same Google Cloud