Security Articles

The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors

Google Threat Intelligence Group (GTIG) details DarkSword, a full-chain iOS exploit leveraging six zero-day vulnerabilities, adopted by multiple threat actors since November 2025.

Claude Code Security and Magecart: Getting the Threat Model Right

This article explains why static code analysis tools like Claude Code Security cannot detect Magecart-style web supply chain attacks that execute entirely at runtime in the browser.

9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors

Eclypsium researchers disclosed nine vulnerabilities across four low-cost IP KVM devices that can grant unauthenticated root access and arbitrary code execution.

Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels

This article introduces Mesh CSMA, a platform implementing Gartner's Cybersecurity Mesh Architecture to discover and eliminate cross-domain attack paths to critical assets.

Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit

A high-severity privilege escalation vulnerability (CVE-2026-3888, CVSS 7.8) affects default Ubuntu Desktop 24.04+ installations via a timing-based exploit chain.

11 min read

Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS

Apple released Background Security Improvements to patch a WebKit vulnerability (CVE-2026-20643) that allows same-origin policy bypass on iOS and macOS.

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23

A critical unauthenticated remote code execution vulnerability (CVE-2026-32746, CVSS 9.8) has been disclosed in GNU InetUtils telnetd, affecting all versions through 2.7.

AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE

This article covers critical security vulnerabilities in three AI platforms—Amazon Bedrock, LangSmith, and SGLang—that enable data exfiltration and remote code execution.

LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader

LeakNet ransomware group has adopted ClickFix social engineering via compromised websites and a Deno-based in-memory loader as new attack vectors.

AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds

A 2026 benchmark report reveals that most CISOs are securing AI systems using outdated tools and skills not designed for AI-specific threats.