Sophos Workspace Protection update
Sophos Workspace Protection has been one of our most successful launches ever, thanks to the fact that it’s an innovative,...
Year: 2026
Sophos Workspace Protection update
Sophos Workspace Protection has been one of our most successful launches ever, thanks to the fact that it’s an innovative,...
Google fixes the fifth actively exploited Chrome zero-day of 2026
Google fixes the fifth actively exploited Chrome zero-day of 2026 Pierluigi Paganini June 09, 2026 Google fixed a new Chrome...
U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini June...
CVE-2026-23111: Linux nf_tables Flaw Enables Root Exploits
CVE-2026-23111: Linux nf_tables Flaw Enables Root Exploits Pierluigi Paganini June 09, 2026 A Linux kernel nf_tables bug lets local users...
WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine
Ravie LakshmananJun 09, 2026Vulnerability / Cyber Espionage Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in...
Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models
University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large...
Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild – Patch Now
Ravie LakshmananJun 09, 2026Vulnerability / Browser Security Google has released security updates to address 74 vulnerabilities, including one that has...
The Hidden Security Risk in Modern Networks: The Work Between Tools
Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI...
New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing
A malicious website can work out which sites you visit and which apps you open, using nothing but JavaScript and...
LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
Ravie LakshmananJun 09, 2026Vulnerability / Artificial Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity...
You do surprise me.exe: An unexpected executable in Hola Browser
During review work related to an AppEsteem Windows Certified Application test, Sophos X-Ops recently identified an unexpected executable delivered alongside...
Meta Accuses NSO of Violating WhatsApp Court Injunction
Meta Accuses NSO of Violating WhatsApp Court Injunction Pierluigi Paganini June 08, 2026 Meta says NSO violated a court injunction...
One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public
Swati KhandelwalJun 08, 2026Linux / Vulnerability Security researchers have published a detailed, working exploit for a Linux kernel use-after-free that...
Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open
We track the binary payload chain (CVE-2025-8088 to LNK to PowerShell to result.dll) under SHADOW-EARTH-066, our temporary designation for the...