NATO Admiralty (AJP-2.1) grades confidence, independent of the risk score. Cross-source corroboration isn't tracked for non-CVE news, so single-source items are capped at a lower credibility number; a low number does not imply low quality.
A self-propagating worm (Mini Shai-Hulud) by TeamPCP has compromised over 170 npm and PyPI packages while defeating SLSA provenance attestation, representing a critical threat to any software development relying on dependencies from these ecosystems.
Pwn2Own vulnerability in Microsoft Edge allows bypass of origin validation; attackers can access restricted functionality if users visit a malicious page.
ZDI Pwn2Own vulnerability in Microsoft Edge allows cross-origin XSS execution upon user interaction; CVSS 5.0 rating for newly published CVE-2026-45494.
A hacker group (TeamPCP) is exploiting vulnerabilities in development tools and cloud misconfigurations at scale to steal credentials and propagate through supply-chain ecosystems via worms,a new escalation in attacks on open-source infrastructure.
Iranian ransomware actors use cryptocurrency exchanges for money laundering; OFAC sanctions against Nobitex signal escalated financial control and elevated risk for European organizations targeted by Iran-backed ransomware campaigns.
Targeted espionage against financial sector executives exploits normal cloud services to disguise data exfiltration , indicating state-sponsored or well-resourced threat actors focused on strategic intelligence.
A Chinese hacking group focused on remote access and data theft is expanding its attacks specifically to Germany and other EU countries; the malware arsenal can also be used for espionage purposes.
Critical
NEW TA4922 (China-linked, possible overlap with Silver Fox) C3
Chinese threat actor TA4922 is intensifying attacks on European organizations including Germany with new and known RAT malware variants, combined with phishing campaigns and rapid operational tempo.
Chaining of two Linux kernel fragmentation-related vulnerabilities enables memory corruption and local privilege escalation through crafted network packets.
The vulnerability enables extraction of unencrypted SMTP authentication credentials directly from system log files , a frequently overlooked attack vector for lateral movement and account compromise.
The researcher published a working proof-of-concept without prior notification to Microsoft, meaning the vulnerability is immediately exploitable and attacker code is now available.
The debugging flag was not disabled in production, allowing attackers to actively compromise user accounts , suggesting active exploitation in the wild.