Intelligence · Updated daily
AI-analysed threats, vulnerabilities and campaigns. Not just what happened — what it means, who's affected, and what to do about it.
The shell-quote library fails to escape line terminators in object token `.op` fields, allowing callers who pass attacker-controlled object tokens to `quote()` to inject shell commands. The vulnerability exists in documented API surface and bypasses the intended shell-safety boundary.
Unit 42 research demonstrates practical techniques for disabling or manipulating cloud logging services (AWS CloudTrail, Azure Monitor, GCP Cloud Logging) to evade detection. This represents a critical post-compromise capability that undermines forensic investigation and compliance monitoring.
Microsoft's latest Patch Tuesday addressed 200 vulnerabilities, but three were publicly disclosed before patches became available, creating an active exploitation window. This pattern highlights coordination failures in coordinated disclosure processes.
Six vulnerabilities in protobuf.js, a widely-used Protocol Buffers library for JavaScript/TypeScript, allow remote code execution and denial-of-service attacks when processing malicious protobuf schemas or payloads. The widespread adoption of protobuf.js in Node.js applications makes this a significant supply-chain concern.
Anyquery's chrome_tabs plugin fails to escape user-supplied URLs before interpolating them into AppleScript templates executed via osascript, allowing authenticated local users to inject arbitrary AppleScript commands and achieve OS-level code execution on macOS.
nebula-mesh API endpoints lack per-resource ownership validation, trusting only bearer tokens for authorization. This allows any operator API key to escalate privileges by minting admin keys or hijacking resources across tenant boundaries.
CISA is issuing a binding operational directive requiring federal agencies to prioritise vulnerability remediation based on new assessment criteria, deprioritising certain vulnerabilities whilst elevating others. This represents a significant shift in how the US federal government allocates security resources.
Anthropic has released Claude Fable 5, a new AI model based on its Mythos architecture, with unspecified availability constraints. The security implications of this release remain unclear from the available information.
Attackers are conducting social engineering campaigns through Microsoft Teams, impersonating IT staff to obtain credentials and access. This represents a significant threat because Teams' position as a trusted internal communication channel makes users more likely to comply with requests.
Google patched CVE-2026-11645, a Chrome zero-day reported by an anonymous researcher in late April, marking the fifth such vulnerability exploited in 2026. The frequency warrants investigation into whether this reflects genuine market targeting or a shift in responsible disclosure practices.
CVE-2026-23111, a use-after-free in the Linux kernel's nf_tables packet-filtering subsystem, has a public working exploit that enables local privilege escalation to root and container escape. The vulnerability was patched upstream in February 2026, but widespread deployment of the fix remains incomplete.
The UK government has issued a formal directive requiring technology companies to deploy built-in or technical controls on smartphones and tablets to detect and block child sexual abuse material (CSAM) within three months. This represents a significant regulatory escalation with substantial technical and privacy implications.
NFCShare Android malware variants are being distributed as fake updates for legitimate banking applications hosted on GitHub repositories. This attack exploits developer trust in source code platforms and user expectations of app updates, bypassing traditional mobile security controls.
A new Gafgyt botnet variant called C0XMO is actively targeting DD-WRT router firmware vulnerabilities to establish a botnet capable of spreading to multiple device architectures. This represents an evolution in router-targeting malware with potential for rapid propagation across heterogeneous IoT environments.
Emphere has raised $2.1 million to commercialise AI-driven vulnerability remediation tools for software companies. This reflects growing industry investment in automating the time-consuming patch and fix cycle.
Microsoft has released an open-source fork of Windows Terminal integrating AI capabilities directly into the terminal environment. The security implications of embedding AI-assisted command execution into a privileged context require careful evaluation.
Bright Data embeds a reverse-engineered SDK in free consumer applications that converts devices, particularly always-on smart TVs, into unwitting exit nodes for its residential proxy network, enabling large-scale web scraping operations marketed to AI companies without explicit user consent.
CrowdStrike has published guidance on scaling agentic AI systems safely, proposing three organisational principles rather than disclosing a specific threat or vulnerability.
Opal Security has raised $23 million in Series B funding to develop AI-native identity governance solutions, bringing total funding to $59 million. This reflects growing enterprise investment in automating identity access management through machine learning.
OpenAI is rolling out Lockdown Mode for ChatGPT to restrict tool usage and mitigate prompt injection attacks that could lead to data exfiltration. The feature addresses a real attack vector but represents defensive hardening rather than remediation of a specific active threat.
A critical remote code execution flaw in the Everest Forms Pro WordPress plugin is under active exploitation, allowing attackers to achieve complete administrative control of affected websites.
Two independent authorization flaws in Shopper admin panel team settings allow any authenticated user to escalate from read-only to full administrator, remove legitimate admins, and take over role-based access control entirely.
UNC3753 conducted a financially motivated data theft extortion campaign from January to May 2026 targeting US law firms and financial services using vishing and social engineering to gain remote access. The group's focus on high-value professional services sectors and reliance on human manipulation rather than technical exploits makes this a persistent threat requiring non-technical defences.
OWASP has released CVE Lite CLI, a free open-source command-line tool that scans project dependencies for known vulnerabilities. This represents a practical contribution to supply-chain security tooling for developers.
Threat actors have compromised over 50 npm packages to distribute IronWorm (a Rust-based information stealer with kernel rootkit capabilities) and a new Miasma worm variant capable of self-propagation. Developers using these poisoned packages face immediate risk of credential theft and persistent system compromise.