News

The Utility of Intelligence: Sarah Friar Reveals OpenAI’s $20B Infrastructure Roadmap

OpenAI confidential IPO filing OpenAI code signing certificate rotation AI private equity joint ventures OpenAI Axios Supply Chain Attack OpenAI Promptfoo acquisition OpenAI military resignation ChatGPT Plus military fraud OpenAI smart speaker Jony Ive OpenAI Frontier platform ChatGPT AI age prediction 2026, OpenAI Persona age verification Sarah Friar OpenAI infrastructure, AI Scaling Law revenue OpenAI Gumdrop AI pen, Jony Ive OpenAI hardware 2027 OpenAI New CRO, Denise Dresser Monetization Strategy OpenAI Competitive Pressure Gemini 3 Overtake OpenAI Infrastructure, AI Closed Loop Economy

The Utility of Intelligence: Sarah Friar Reveals OpenAI’s $20B Infrastructure Roadmap

Do Son January 19, 2026

Sarah Friar, the Chief Financial Officer of OpenAI, has recently disseminated a seminal treatise entitled A Business...

The Pixel 9 Zero-Click Exploit Chain That Breaks the Kernel Android zero day flaw June 2026 security bulletin RuTaxi Trojan Android Banking Malware Pixel 9 zero-click exploit, Dolby UDC vulnerability CVE-2025-54957 NexusRoute Android RAT, India E-Challan Phishing ClayRat Self-Defense, Android Accessibility Abuse Android Trojan, AntiDot Android Malware "BadPack"

Android zero day flaw June 2026 security bulletin RuTaxi Trojan Android Banking Malware Pixel 9 zero-click exploit, Dolby UDC vulnerability CVE-2025-54957 NexusRoute Android RAT, India E-Challan Phishing ClayRat Self-Defense, Android Accessibility Abuse Android Trojan, AntiDot Android Malware "BadPack"

The Pixel 9 Zero-Click Exploit Chain That Breaks the Kernel

Do Son January 19, 2026

One need not even open a missive or engage the “play” interface for a device to commence...

PoC Exploit Released: Failed Windows Patch Leaks Kernel Secrets Windows Kernel Exploit CVE-2025-53136

Windows Kernel Exploit CVE-2025-53136

PoC Exploit Released: Failed Windows Patch Leaks Kernel Secrets

Do Son January 19, 2026

A security patch intended to fix a Windows kernel vulnerability inadvertently created a new information disclosure flaw....

The RAM Crunch: Why Your Next Smartphone Will Cost More in 2026 FCC Chinese lab ban iPhone NATO certification iPhone 18 Pro Deep Red iOS 27 Snow Leopard update 2026 smartphone memory shortage, IDC mobile market forecast iPhone Satellite Natural Usage iPhone 17 Speaker Issue, USB-C Static iPhone 17 Pro, MagSafe Scratches iPhone 17 Pro, professional filmmaking

FCC Chinese lab ban iPhone NATO certification iPhone 18 Pro Deep Red iOS 27 Snow Leopard update 2026 smartphone memory shortage, IDC mobile market forecast iPhone Satellite Natural Usage iPhone 17 Speaker Issue, USB-C Static iPhone 17 Pro, MagSafe Scratches iPhone 17 Pro, professional filmmaking

The RAM Crunch: Why Your Next Smartphone Will Cost More in 2026

Do Son January 19, 2026

Notwithstanding the dual tribulations of tariff-induced turbulence and persistent inflationary pressures in 2025, the global smartphone sector...

The $134 Billion Gambit: Musk Sues OpenAI While California Crackdown Hits xAI Musk $134B OpenAI lawsuit, xAI Grok deepfake cease and desist xAI Series E $20 billion funding, Grok 5 NVIDIA supercomputer trade secret theft, xAI lawsuit Grok 2, Open Source AI Grok AI, xAI Investment xAI, MacroHard

Musk $134B OpenAI lawsuit, xAI Grok deepfake cease and desist xAI Series E $20 billion funding, Grok 5 NVIDIA supercomputer trade secret theft, xAI lawsuit Grok 2, Open Source AI Grok AI, xAI Investment xAI, MacroHard

The $134 Billion Gambit: Musk Sues OpenAI While California Crackdown Hits xAI

Do Son January 19, 2026

In a legal offensive against OpenAI and Microsoft, Elon Musk has demanded a staggering $134 billion in...

Defending the Data Moat: Google Appeals Monopoly Ruling to Block Forced Data Sharing

Defending the Data Moat: Google Appeals Monopoly Ruling to Block Forced Data Sharing

Do Son January 19, 2026

Google has formally initiated an appeal against the federal court ruling that declared its dominance in the...

Fake Malwarebytes Campaign Exploits DLL Sideloading to Drop Infostealers GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

Fake Malwarebytes Campaign Exploits DLL Sideloading to Drop Infostealers

Do Son January 19, 2026

A new and sophisticated malware campaign masquerading as legitimate software installers has been uncovered. In a recent...

CVE-2026-0695: High-Severity XSS Flaw Patched in ConnectWise PSA 2026.1

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

CVE-2026-0695: High-Severity XSS Flaw Patched in ConnectWise PSA 2026.1

Do Son January 19, 2026

ConnectWise has released a crucial security update for its Professional Services Automation (PSA) platform, addressing two significant...

DragonForce: The Rise of a New “Ransomware Cartel” Built on LockBit and Conti DNA INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

DragonForce: The Rise of a New “Ransomware Cartel” Built on LockBit and Conti DNA

Do Son January 19, 2026

A comprehensive new analysis by security researchers at S2W details the inner workings of the DragonForce Ransomware...

Fake Productivity Tools: 5 Malicious Chrome Extensions Hijack Enterprise Sessions Amazon Ads Blocker Affiliate Link Hijacking Malicious browser extensions

Amazon Ads Blocker Affiliate Link Hijacking Malicious browser extensions

Fake Productivity Tools: 5 Malicious Chrome Extensions Hijack Enterprise Sessions

Do Son January 19, 2026

A new and sophisticated campaign targeting enterprise environments has been uncovered by Socket’s Threat Research Team. Five...

Sitting Ducks and Scammy Notifications: Inside a Global Malvertising Operation Sitting Ducks Vulnerability Push Notification Scam

Sitting Ducks Vulnerability Push Notification Scam

Sitting Ducks and Scammy Notifications: Inside a Global Malvertising Operation

Do Son January 19, 2026

Researchers at Infoblox have peeled back the curtain on a massive, deceptive push notification network, revealing how...

Unpatched RCE: Livewire Filemanager Upload Flaw (CVE-2025-14894) Exposes Laravel Apps Livewire Filemanager RCE CVE-2025-14894

Livewire Filemanager RCE CVE-2025-14894

Unpatched RCE: Livewire Filemanager Upload Flaw (CVE-2025-14894) Exposes Laravel Apps

Do Son January 19, 2026

A critical new security flaw has been unearthed in Livewire Filemanager, a popular tool used within the...

KnownSec Data Leak Exposes State-Aligned Cyber Espionage Pipeline Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

KnownSec Data Leak Exposes State-Aligned Cyber Espionage Pipeline

Do Son January 19, 2026

A massive data leak from KnownSec, a prominent Beijing-based cybersecurity firm, has exposed the inner workings of...

Bluetooth “Heartbleed” and DoS Flaws Found in Xiaomi Redmi Buds, No Patch Xiaomi Redmi Buds Vulnerability CVE-2025-13834

Xiaomi Redmi Buds Vulnerability CVE-2025-13834

Bluetooth “Heartbleed” and DoS Flaws Found in Xiaomi Redmi Buds, No Patch

Do Son January 19, 2026

A pair of critical vulnerabilities has been discovered in Xiaomi’s popular Redmi Buds series, exposing users to...

Invisible Intruder: Fileless Remcos RAT Hides in Shipping Emails Fileless Remcos RAT Phishing Campaign

Fileless Remcos RAT Phishing Campaign

Invisible Intruder: Fileless Remcos RAT Hides in Shipping Emails

Do Son January 19, 2026

A sophisticated new phishing campaign has been detected in the wild, leveraging a fileless variant of the...

Critical Deno Flaws Risk Secrets (CVE-2026-22863) & Execution (CVE-2026-22864) Deno Vulnerability CVE-2026-22863

Deno Vulnerability CVE-2026-22863

Critical Deno Flaws Risk Secrets (CVE-2026-22863) & Execution (CVE-2026-22864)

Do Son January 19, 2026

Deno, the modern JavaScript and TypeScript runtime famous for its “secure by default” architecture, has hit a...

New “LOTUSLITE” Backdoor Targets U.S. Government in Suspected Mustang Panda Campaign Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

New “LOTUSLITE” Backdoor Targets U.S. Government in Suspected Mustang Panda Campaign

Do Son January 19, 2026

A new espionage campaign targeting U.S. government entities has been uncovered, utilizing a custom backdoor dubbed LOTUSLITE....

Critical ABB Alert: OPTIMAX Flaw Allows Full System Takeover ABB T-MAC Plus vulnerabilities terminal system flaws ABB OPTIMAX Vulnerability CVE-2025-14510 ABB Edgenius Auth Bypass, Critical RCE ABB, ASPECT BMS CVE-2024-48841, CVE-2024-48849, and CVE-2024-48852 CVE-2024-48510

ABB T-MAC Plus vulnerabilities terminal system flaws ABB OPTIMAX Vulnerability CVE-2025-14510 ABB Edgenius Auth Bypass, Critical RCE ABB, ASPECT BMS CVE-2024-48841, CVE-2024-48849, and CVE-2024-48852 CVE-2024-48510

Critical ABB Alert: OPTIMAX Flaw Allows Full System Takeover

Do Son January 19, 2026

Industrial automation giant ABB has released a critical security advisory warning of a severe vulnerability in its...

The Fake “RedLine”: Imposter Malware Hijacks Crypto Wallets on Discord RedLineCyber Clipboard Hijacker TangleCrypt Packer, STONESTOP EDR Killer Gamaredon APT - BoneSpy and PlainGnome

RedLineCyber Clipboard Hijacker TangleCrypt Packer, STONESTOP EDR Killer Gamaredon APT - BoneSpy and PlainGnome

The Fake “RedLine”: Imposter Malware Hijacks Crypto Wallets on Discord

Do Son January 19, 2026

A sophisticated new cybercrime operation is preying on the trust of the cryptocurrency community by masquerading as...

Decades-Old Flaw & New Heap Corruption: Critical glibc Bugs Revealed glibc Security Legacy DNS Flaws glibc Vulnerabilities Linux Security Alert glibc Vulnerability CVE-2026-0861

glibc Security Legacy DNS Flaws glibc Vulnerabilities Linux Security Alert glibc Vulnerability CVE-2026-0861

Decades-Old Flaw & New Heap Corruption: Critical glibc Bugs Revealed

Do Son January 19, 2026

The maintainers of the GNU C Library (glibc), the core library that underpins the vast majority of...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-28496CVSS 9.4
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
Admin intel🗓 Updated: Jun 25, 2026
CVE-2026-12569
PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to execute arbitrary...
🗓 Added to KEV: Jun 25, 2026
CVE-2025-67038CVSS 9.8
Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-34910CVSS 10.0
Ubiquiti UniFi OS contains an improper input validation vulnerability which could allow a malicious actor with access to...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-34909CVSS 10.0
Ubiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access to the...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-34908CVSS 10.0
Ubiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-20230CVSS 8.6
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified...
Admin intel🗓 Updated: Jun 22, 2026
CVE-2026-20253CVSS 9.8
Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user to create...
🗓 Added to KEV: Jun 18, 2026