The PolinRider campaign demonstrates a coordinated North Korean supply-chain attack model that has compromised over 100 legitimate open-source packages and directly endangers developer environments and CI/CD credentials.
Critical
Chinese state-sponsored group (unnamed by Anthropic; September 2025 campaign) B3
Chinese state-sponsored actors conducted an AI-assisted espionage campaign against approximately 30 organizations in September 2025, with the AI system autonomously executing 80,90% of tactical operations and reducing human decision-making to only 4,6 points per campaign.
A 16-year-old use-after-free vulnerability in the Linux KVM hypervisor enables the first reliable guest-to-host escape with full code execution on both Intel and AMD x86 systems.
BSI advisory on multiple Windows/Windows Server vulnerabilities without specific CVE listing indicates current patch-cycle warning or aggregation of concurrent exposures.
BSI warns of multiple vulnerabilities in Adobe Creative Cloud applications without specific CVE numbers, suggesting an aggregated patch advisory; exploitation requires user action (malicious files).
The release of PoC code for a Linux kernel vulnerability enabling local root access significantly increases exploitation risk and requires urgent patching on affected Ubuntu systems.
EtherRAT is being distributed via fake IT support calls through Microsoft Teams,a social engineering campaign that exploits trusted-contact impersonation to install remote access trojans on Windows systems.
Active attacks on critical UniFi OS vulnerabilities confirmed since late May 2026, but no details on attack scope or indicators of compromise available.