Microsoft

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
SecurityWeek

‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access

DirtyClone, tracked as CVE-2026-43503, is a Linux kernel vulnerability that allows any local user to gain root privileges.
The Hacker News

Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root

Cisco Unified CM CVE-2026-20230 is under active exploitation, allowing file writes on WebDialer-enabled systems.
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
CBS News

Federal judge blocks implementation of shortened appeals process for detainees

Jennifer Mayerle happily returned to Minnesota and WCCO, where she began her career as a summer intern. The Emmy and Edward R. Murrow award-winning journalist returned to WCCO as a reporter in 2014 ...
BusinessMirror

PHL files protest over dangerous moves by Chinese ships to block PCG, BFAR

THE Department of Foreign Affairs (DFA) has lodged a diplomatic protest against China over the October 12 ramming and water cannon attack on a Philippine fisheries vessel near Pagasa Island in the ...