⚠️ Critical Notepad++ Vulnerabilities Allow Attackers to Execute Arbitrary Code
Source: https://t.co/iSort2Ikje
Notepad++, one of the most widely used open-source text editors for Windows, has released an urgent security update addressing three vulnerabilities, including two arbitrary code execution flaws that could allow attackers to silently run malicious programs on a victim's machine.
The most severe of the three is CVE-2026-48778, which targets the <GUIConfig name="commandLineInterpreter"> tag inside Notepad++'s config.xml file.
📌 CVE-2026-48770 - Crash via malformed XML structure
📌 CVE-2026-48778 - Arbitrary code execution via config.xml
📌 CVE-2026-48800 - Arbitrary code execution via shortcuts.xml
#cybersecuritynews
⚠️ New BTMOB Malware Lets Attackers Remotely Control Android Devices
Source: https://t.co/RoTwZpLAny
New Android malware dubbed BTMOB is arming even low-skilled attackers with full remote control over infected phones by combining a powerful RAT engine with a no-code campaign builder toolkit.
Unlike classic banking trojans focused only on financial data, BTMOB is designed for full device surveillance and control. The malware can exfiltrate a wide range of sensitive data, capture screenshots, record on-device activity, and give operators persistent remote access to the compromised phone.
#cybersecuritynews
🚨 New 7-Zip Flaws Let Attackers Execute Arbitrary Code and Compromise Systems
Source: https://t.co/WqnpW3mfn2
A critical heap buffer overflow vulnerability has been disclosed in 7-Zip version 26.00, enabling attackers to achieve arbitrary code execution via a vtable hijack by exploiting a defect in the tool's NTFS archive handler.
Tracked as CVE-2026-48095 and assigned advisory GHSL-2026-140, the flaw resides in the CInStream::GetCuSize() function inside NtfsHandler.cpp. The function computes the NTFS compression-unit buffer size using a 32-bit shift operation: (UInt32)1 << (BlockSizeLog + CompressionUnit).
Users are strongly advised to update 7-Zip to a patched version v26.01 immediately and avoid opening untrusted archive files or disk images of any extension until a fix is applied.
#cybersecuritynews
🛡️ Anthropic's Claude Mythos Moves Toward Public Release via Claude Code & Security
Source: https://t.co/wuj9vuGgpH
Anthropic appears to be loosening its grip on Claude Mythos, the company’s most powerful and previously restricted AI model, with new signals pointing to a commercially versioned release under the name Mythos 1 (claude-mythos-1-preview), integrated directly into Claude Code and a revamped Claude Security dashboard targeting enterprise customers.
Rather than a general release, Anthropic launched Project Glasswing on April 7, 2026, a restricted defensive cybersecurity initiative that gave exclusive access to over 40 partner organizations.
The model was deployed to scan critical infrastructure, and within weeks had identified more than 10,000+ high- or critical-severity vulnerabilities.
#cybersecuritynews
@cybervergent Hello @Cybervergent, good day. I’m a cybersecurity student currently seeking SIWES placement and I’m very interested in your organization. Please, how can I submit my application or reach your recruitment team? Thank you.
A massive data leak has exposed the personal information of global leaders and executives, proving no one is off-limits ‼️
High-value targets require high-value defense. This leak is a stark reminder that an organization's attack surface extends far beyond its corporate firewall and into the personal digital lives of its leadership. 📲
See the impact of the leak: https://t.co/L1Va2rf7Zw
AI agents are the shiny new toy in security, but can they actually land you a P1? 🕵️♂
@hbenja_m went down the rabbit hole, moving from classic Bash scripts to a multi-agent CrewAI setup for OSINT and bug hunting. The result was a wild ride through automated report generation, a mountain of false positives, and a crucial lesson: ⤵
AI is an amplifier of skill, not a substitute for it 👌
Read this before your LLM hallucinates another P5: https://t.co/IYEK8YHvxb
Earlier this year, I completed a course on Coursera.
Committed to continuous learning and skill development as I grow in tech and cybersecurity.
#Coursera#ContinuousLearning#CyberSecurity
FINAL ADVICE Man to man
If Allah gives you wealth but not discipline, it won’t last.
If He gives you discipline first, wealth must follow.
```Pix-flix```
Congratulations HUI class of 2025, on your convocation ceremony 🎉
You came, you saw and you have conquered ✨
Wishing you the best that is yet to come, the sky is just your starting point 🫶🏽
#classof2025#GDGoCHUI
Ever been waiting for the perfect time to plug into something impactful?
Join us at our first 2025/2026 info session at GDGoC HUi, where you find support, build skills and create impact with the community🔥
RSVP: https://t.co/shZgUQJKxT
#GDGDoCHUI#BuidNetworkGrow