CyberSecurity Updates

‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access

JFrog has published technical details and a proof of concept (PoC) targeting a recent high-severity Linux kernel vulnerability that could allow any local user to gain root privileges. Tracked as CVE-2026-43503 (CVSS score of 8.8) and referred to as DirtyClone, the local privilege escalation bug was resolved on May 24, shortly after being reported to the Linux kernel maintainers. Now, JFrog explains that the flaw is a variant of DirtyFrag (also known as Copy Fail…

Read More

Chinese Framework Powers 200,000 Scam Sites

More than 200,000 websites are using investment scam templates built with the Chinese open source framework Uni-App, Infoblox reports. A cross-platform development toolkit, Uni-App allows developers to create Vue.js codebases that can be deployed as mobile and desktop applications, or as mobile-optimized websites simultaneously. Widely used in China and supported by a developer ecosystem, the framework powers thousands of legitimate products, and its maker DCloud does not appear to be involved in its fraudulent use.…

Read More

SMB cyber readiness: the road to resilience starts here

Business Security Your business may be small, but its attack surface is anything but. Readiness is the first step to resilience. Phil Muncaster 26 Jun 2026  •  , 5 min. read SMB cybersecurity isn’t always given the attention it deserves, including by small businesses themselves. That’s concerning for various reasons, notably because the companies comprise 90% of the world’s businesses, 70% of its employees, and 50% of global GDP, according to the World Economic Forum…

Read More

Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories

Researchers at Wiz have disclosed a high-severity vulnerability in the Amazon Q Developer extension for Visual Studio Code that could allow attackers to steal developers’ cloud credentials by luring them into opening a booby-trapped code repository. Amazon Q Developer is an AI-powered coding assistant that offers developers features such as code suggestions, automated refactoring, and access to external tools and services via integrations with local processes. AWS was notified about the issue on April 20…

Read More

Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances

Cyberespionage has remained a constant feature of Russia’s war against Ukraine. ESET Research has long tracked Gamaredon, one of the most active Russia-aligned advanced persistent threat (APT) groups targeting Ukraine. The group, attributed by the Security Service of Ukraine (SSU) to the 18th Center of Information Security of Russia’s FSB, maintained a high operational tempo throughout 2025. In our latest research, we analyze Gamaredon’s activity during 2025, including new tools added to its arsenal, significant…

Read More

Linux Foundation Unveils New Open Source Security Project Akrites

The Linux Foundation on Thursday announced a new industry effort aimed at efficiently addressing vulnerabilities in the open source software (OSS) ecosystem. Named Akrites, it establishes a shared Security Incident Response Team (SIRT) for coordinated discovery, patching, and public disclosure of OSS security defects. If it sounds familiar, it should. Less than two weeks ago, Chainguard announced Athena, a coalition of over two dozen fintech and technology organizations aimed at addressing OSS bugs before public…

Read More

ESET takes part in Operation Endgame to disrupt Amadey and Stealc

A year ago, ESET Research was part of two major operations that disrupted some of the leading cybercriminal operations at the time, Lumma Stealer and Danabot. More recently, our researchers are once again collaborating with private partners and law enforcement, but this time taking aim at the Amadey botnet and Stealc infostealer, both provided via malware-as-a-service (MaaS) offerings. Operation Endgame – coordinated by Microsoft Digital Crimes Unit (DCU), BitSight, Lumen, Mitsui Bussan Secure Directions (MBSD),…

Read More

25-Year-Old Vulnerability Patched in Curl

The open source data transfer tool and library curl has been updated this week with patches for 18 vulnerabilities, including one introduced 25 years ago. The flaws, four medium and 14 low-severity, were discovered as part of a community effort after Anthropic’s Mythos discovered a single curl bug in early May. This release resolves the highest number of CVEs patched with a single curl update, including an issue that was introduced in version 7.7, shipped…

Read More

Advancing Product Security: New IoT Guidance and New Engagement

It may be summertime, but the NIST Cybersecurity for the Internet of Things (IoT) Program isn’t hitting the hammock! Organizations are managing growing device complexity, evolving threats, and pressure to turn guidance into operational decisions…so we remain focused on helping stakeholders apply security guidance in ways that are practical and actionable. What’s Been Happening Lately?  The IPD reflects current needs, with lessons learned from stakeholders who use these guidelines. Particularly, it’s focused on providing clearer…

Read More

Webinar Today: Modern Exposure Validation in the AI Era

Weeks to hours. That’s how fast AI now turns a new vulnerability into a working exploit. Patch-and-pentest cycles were built for a slower world. The question has changed from “are we patched?” to “are we secure right now, and can we prove it?” Here’s the hard truth: finding exposures was never the problem. Proving which ones an attacker could actually use, and deciding the right call on evidence, is the hard part. And no single tool gets…

Read More