TuxBot v3 Evolution Shows Signs of LLM-Assisted IoT Botnet Development

15/07/2026 0 Comments 0 tags

Cybersecurity researchers have disclosed details of a previously unreported Internet-of-Things (IoT) botnet framework dubbed TuxBot v3 Evolution that shows signs of being developed with assistance from a large language model

OkoBot Malware Framework Injects Seed Phrase Phishing Into Ledger and Trezor Apps

15/07/2026 0 Comments 0 tags

A malware framework called OkoBot has been running on Windows machines since April 2025, and one of its modules is built to con hardware wallet owners out of their recovery

Firefox, Chrome, Adobe, and VMware Updates Fix Multiple Critical Security Flaws

15/07/2026 0 Comments 0 tags

Mozilla has released updates to address two critical flaws in Firefox for which it warned that exploit code has been published. The vulnerabilities are listed below – CVE-2026-15718, an invalid

New Webinar: Closing the Approval Gap in AI-Era Ad Tech

15/07/2026 0 Comments 0 tags

A single approved marketing tag can quietly load fourth-party code your security team has never seen, granting full access to your forms, customer data, and checkout pages. This on-demand webinar

Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday

15/07/2026 0 Comments 0 tags

Security researcher Chaotic Eclipse (aka Nightmare-Eclipse) has released a new proof-of-concept (PoC) exploit called LegacyHive. It has been described as a Windows User Profile Service arbitrary hive load elevation of

SASE Has An AI Blind Spot. Inspecting Packets Is No Longer Enough.

15/07/2026 0 Comments 0 tags

For years, routing traffic through cloud proxies was good enough. Then work moved to the browser, AI entered the workflow, and the inspection model stopped keeping up. Enterprise workflows now

Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution

15/07/2026 0 Comments 0 tags

Open a repository in Cursor on Windows and, if a file named git.exe is sitting in the project root, Cursor runs it. No click, no approval dialog, no warning that anything in the

Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware

15/07/2026 0 Comments 0 tags

Four compromised npm packages in the @asyncapi namespace have been observed distributing a multi-stage botnet loader, according to findings from OX Security, SafeDep, Socket, and StepSecurity. The affected packages are

Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands

15/07/2026 0 Comments 0 tags

SonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited to achieve arbitrary command execution. The

Microsoft Patches Record 622 Flaws, Including Two Zero-Days Under Active Attack

14/07/2026 0 Comments 0 tags

Microsoft shipped its largest Patch Tuesday on record today, and two of the fixes close holes that attackers are already exploiting. The release covers 622 of Microsoft’s own CVEs by