I sat in on a close-door war game where insurance execs simulated a cyberattack against US water utilities by Volt Typhoon, Chinese state hackers who have been penetrating US critical infrastructure since at least 2023. The results were catastrophic. https://t.co/j1pdUvYvtX
Don't believe that this is real? OpenWRT pre-auth remote root exploit 0day (CVSS 9.6, CRITICAL). Submitted this morning to the project. Technical details with-held for future publication. I have so far ran against OpenWRT, Horde, Django, WordPress, Gitlab, Dropbear & more.
CVE-2026-56842 A malicious actor with access to the network and under certain conditions could exploit an Incorrect Authorization vulnerability found in UniFi Network Application to… https://t.co/ZilgPxvWGk
CVE-2026-55114 A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Network Application to escalate … https://t.co/uDQ9SGGRrd
CVE-2026-55112 A malicious actor with access to the network and low privileges and under certain conditions could exploit an Improper Access Control vulnerability found in UniFi OS … https://t.co/bkVtwbZPNq
CVE-2026-8699 A stored Cross-Site Scripting (XSS) vulnerability has been identified in the web-based management interface of Archer C5 v6.8 routers, due to insufficient server-side v… https://t.co/3hNPbwnS7r
CVE-2026-55118 A malicious actor with access to the network,low privileges and under certain conditions could exploit an Improper Access Control vulnerability found in UniFi Network… https://t.co/OmcoM5GBKQ
🚨 Reports of activity referred to as FortiBleed indicate malicious cyber activity targeting Fortinet FortiGate devices across government & private sector organizations. Review our Alert and take immediate action to protect your organization’s systems. 👉 https://t.co/VhDx0zq2o1
Today @rapid7 and Cisco are disclosing CVE-2026-20182, a critical (CVSS 10.0) auth bypass affecting Cisco Catalyst SD-WAN Controller, found by @_CryptoCat and I when we were researching CVE-2026-20127 last Feb. An unauth attacker can become the vmanage-admin and issue arbitrary NETCONF commands. Cisco has also disclosed that the new CVE is already EITW as of this month. Read our blog here with full technical details: https://t.co/5l9FCqJvv3
🛡️ We added Cisco Catalyst SD-WAN Manager vulnerability CVE-2026-20262 and LiteSpeed cPanel Plugin vulnerability CVE-2026-54420 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecurity
We've made the latest set of updates to reflect changes in silicon pricing. DDR5 costs remain stable month over month. The biggest updates are around SSDs, where we've consumed most of the inventory that we brought in earlier at lost cost.
Hackers have spent decades fighting for an open, decentralised internet. It's been a losing battle against big tech.
We lost search. The way we find information now runs through one private company that accepts money to change what you find.
We lost social. The social algorithms got optimised (by private for-profit companies) for what keeps you scrolling and what sells ads, not what's true or useful.
Now we are banned from using most powerful technology ever built, frontier AI.
Thankfully, open models are catching up fast. We still have a chance to win this one back!
.@Volexity has published details from an incident response engagement in September 2025 involving multiple #BRICKSTORM variants deployed by a threat actor that Volexity tracks as VerdantBamboo. This case involved the breach of the victim organization’s MSP and multiple malware implants found on firewalls, cloud storage sync devices & NAS appliances. VerdantBamboo used a #0day privilege escalation exploit in the process and was also observed using administrative access to the victim organization's firewall to enable a custom VPN.
For more details on how the incident unfolded, the malware used by the threat actor, and the end goal of the intrusion, check out the full blog post: https://t.co/Qd0SWaLIgY
#dfir
CVE-2026-0265, the PAN-OS auth bypass (when Cloud Auth Services are enabled) was fun to reproduce and load into the watchTowr Platform.
Our friends @ @HacktronAI are publishing their analysis this week, so we won’t be publishing. Looking forward to it 🚀
Warning: Critical, actively-exploited MFA Bypass in #SonicWall#SSL-VPN CVE-2024-12802 CVSS: 9.1 Follow all 6 manual reconfiguration steps for remediation on Gen6 devices and update firmware. For details, see: https://t.co/JPQeegmBXl #Patch#Patch#Patch