New Januscape Linux flaw allows VM escape on Intel, AMD devices
A 16-year-old Linux kernel vulnerability, dubbed Januscape, allows attackers to escape a virtual machine and execute arbitrary code on the host. According to Hyunwoo Kim, the security researcher who discovered it, this guest-to-host escape flaw (tracked as CVE-2026-53359) stems from a use-after-free weakness in the shadow MMU emulation of KVM/x86, the kernel-based virtual machine built for x86 and […]
Microsoft to enable Windows settings backup by default for orgs
Microsoft says the Windows settings backup and restore tool will be enabled by default on Microsoft Entra-joined or Microsoft Entra hybrid-joined enterprise systems after upgrading to Windows 11 26H2. Formerly known as Windows Backup for Organizations, this backup tool helps back up and restore enterprise users’ Windows settings after a device is reset, replaced, upgraded, or […]
BeyondTrust warns of critical flaws in remote access software
BeyondTrust warned customers to patch two critical security flaws in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow attackers to bypass authentication. The first vulnerability, tracked as CVE-2026-40138, affects the company’s RS remote desktop and assistance platform (versions 25.3.2 or earlier) and the PRA enterprise cybersecurity solution (versions 25.3.2 or earlier). […]
Microsoft testing new Cloud Rebuild Windows 11 recovery feature
Microsoft has begun testing the Cloud Rebuild recovery feature in the latest Windows 11 Insider Preview builds released for users in the Experimental channel. First introduced at the Ignite developer conference in November 2025, Cloud Rebuild is a tool that can remotely trigger a complete system reinstall from the cloud for Windows 11 devices experiencing persistent […]
Phishing poses as big-brand job interview to steal Google accounts
A phishing campaign is impersonating more than 30 well-known brands, including Adobe, Netflix, Coca-Cola, and OpenAI, in fake job interviews to steal Google account credentials from marketing professionals. The operation is abusing the legitimate cloud-based PeopleForce human resources platform and a domain associated with the Salesforce Marketing Cloud service before redirecting the recipient to a […]
Fake IT support calls on Microsoft Teams push EtherRAT malware
Threat actors are abusing Microsoft Teams voice calls by impersonating corporate IT support staff to trick employees into installing the EtherRAT malware, giving attackers initial access to corporate networks. The campaign, reported by Palo Alto Networks’ Unit 42, combines phishing emails, Microsoft Teams voice calls, legitimate remote management tools, and a Node.js-based malware loader to […]
Vietnam arrests suspects behind HiAnime anime piracy service
​Vietnamese authorities have arrested and are prosecuting seven suspects believed to have run HiAnime, the largest anime piracy streaming service before its shutdown in June. HiAnime provided access to a massive library of English-subbed and dubbed anime without subscription fees, attracting several hundred million visitors each month and temporarily surpassing legal streaming platforms like Disney+ and Crunchyroll […]
Max severity Adobe ColdFusion flaw now exploited in attacks
Attackers are now exploiting a maximum-severity Adobe ColdFusion vulnerability tracked as CVE-2026-48282, the Canadian Center for Cyber Security (CCCS) warned on Thursday. ColdFusion is a commercial web app development platform designed to help build and deploy enterprise-grade websites. The CVE-2026-48282 security flaw affects ColdFusion versions 2025.9, 2023.20, and earlier, and can be exploited by attackers […]
Flipper Zero firmware development continues with community help
Flipper Devices says development of the Flipper Zero firmware will continue, albeit with a smaller internal team and greater reliance on community contributions. The announcement comes as the gadget maker decided to focus on building new devices, like the Flipper One open Linux platform, for which the company turned to the community’s help to complete development. There […]
JadePuffer ransomware used AI agent to automate entire attack
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted entirely by a large language model (LLM) agent. According to cloud security company Sysdig, JadePuffer used an autonomous AI agent for reconnaissance on the target, to steal credentials, move laterally, establish persistence, escalate privileges, and to encrypt data. The […]