Nicholas Robert

Flat white line-art of a browser window with a cracked engine gear, on a terracotta background — the Chrome V8 zero-day CVE-2026-11645.

Vulnerabilities

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild — Patch Now

The fifth in-the-wild Chrome zero-day of the year, in the V8 JavaScript engine, is now patched — but the attack pattern shows no sign of slowing.

Flat white line-art of a single node duplicating into two identical copies beside an open book, on a peacock background — academic self-replicating AI research.

Artificial Intelligence (AI)

Researchers Publish Prototype of Self-Replicating AI Worm Concept on Open-Weight Models

Half a century after Brunner imagined it, researchers publish a prototype — and the defender community gets a new detection-research agenda rather than an immediate operational threat.

Flat white line-art of a proxy gateway routing requests between an application and stacked model servers, on an Indigo background — LiteLLM patch.

Vulnerabilities

LiteLLM Project Patches CVE-2026-42271

An AI proxy that increasingly sits between corporate apps and model providers issues a patch — defenders should verify deployments and review proxy logs.

Flat white line-art of a large backup-storage vault with an open hatch, on a Brick Rust background — Veeam Backup & Replication RCE patch.

Vulnerabilities

Veeam Discloses Veeam Backup & Replication Remote Code Execution Vulnerability

A patch cycle on the backup-of-record for the enterprise — high-priority, given the ransomware-response context.

Editorial science-poster illustration of cyber threat intelligence symbols — a radar dish, a dossier folder, a pinned bulletin board, a magnifying lens, a signal waveform, and a fountain pen.

Cybersecurity 101

What Is Cyber Threat Intelligence (CTI)? Types and Use Cases

Cyber threat intelligence (CTI) explained — the four types, the CTI lifecycle, where intelligence comes from, and how organizations turn it into action.

Flat white line-art of a VPN gateway with an open keyhole and an unlocked padlock, on a Crimson background — Check Point VPN zero-day.

Vulnerabilities

Check Point VPN Zero-Day CVE-2026-50751 Exploited for a Month Before Patch; Qilin Ransomware Involved

A logic-flow weakness in Check Point's Remote Access VPN gave a Qilin ransomware affiliate and other attackers a month to operate before a patch arrived.

Flat white line-art of a code repository folder linked to two robot heads, on a Forest Green background — Miasma worm targeting AI coding agents.

Supply Chain Attack

Microsoft Pulls 70+ GitHub Repos as Miasma Worm Targets AI Coding Agents

For the second time in weeks, Microsoft packages were laced with credential stealers — this time targeting users of AI coding agents, forcing the company to pull more than 70 of its own GitHub repositories.

Flat white line-art of a classical law-firm building beside a magnifying glass, on a Mulberry background — Mandiant UNC3753 report.

Threat Intelligence

Mandiant Documents UNC3753 Extortion Campaign Against US Legal-Services Firms

Mandiant's published findings on a financially motivated campaign give defenders in legal and financial services a sector advisory to act on.

Flat white line-art of a gavel beside a smartphone speech bubble, on a Cobalt background — Meta contempt motion against NSO Group over WhatsApp.

Threat Intelligence

Meta Files Federal Contempt Motion Against NSO Group Over Alleged WhatsApp Targeting

Meta's contempt filing tests whether court-ordered restrictions are effectively binding on a commercial spyware vendor.

Flat white line-art of a Python package box flagged and pulled from a shelf of registry crates, on a Forest Green background — Hades PyPI package-poisoning incident.

Supply Chain Attack

PyPI Discloses "Hades" Package-Poisoning Incident; 19 Packages Removed

Another package-poisoning incident lands across a language registry, reinforcing the case for default-behavior reform that GitHub has now begun applying to npm.

Editorial science-poster illustration of threat intelligence symbols — a magnifying lens, a pinned map, an antenna, a dossier folder, a masked silhouette, and a network of nodes.

Cybersecurity 101

Threat Intelligence and Threat Actors: The Complete Guide

A complete guide to threat intelligence and threat actors — the four types of CTI, the major actor categories, the intelligence lifecycle, and the frameworks defenders use.

See all

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild — Patch Now

Researchers Publish Prototype of Self-Replicating AI Worm Concept on Open-Weight Models

LiteLLM Project Patches CVE-2026-42271

Veeam Discloses Veeam Backup & Replication Remote Code Execution Vulnerability

What Is Cyber Threat Intelligence (CTI)? Types and Use Cases

One-Character Linux Kernel Flaw Gets Public Root Exploit

Check Point VPN Zero-Day CVE-2026-50751 Exploited for a Month Before Patch; Qilin Ransomware Involved

Microsoft Pulls 70+ GitHub Repos as Miasma Worm Targets AI Coding Agents

Mandiant Documents UNC3753 Extortion Campaign Against US Legal-Services Firms

Meta Files Federal Contempt Motion Against NSO Group Over Alleged WhatsApp Targeting

PyPI Discloses "Hades" Package-Poisoning Incident; 19 Packages Removed

Threat Intelligence and Threat Actors: The Complete Guide