Espresso

Sign in Subscribe

Cybersecurity

100k Firms Rekt by One AI .url: EDR Blind, WMI Undead

100k Firms Rekt by One AI .url: EDR Blind, WMI Undead

TL;DR * DeepLoad AI-powered malware loader evades detection via 100,000+ lines of obfuscated code, steals credentials via Windows lock screen processes * Fortinet FortiClient EMS CVE-2026-21643 exploited in the wild, allowing unauthenticated RCE on nearly 1,000 exposed instances * New Zealand government launches national cybersecurity framework after 120,000-patient health

1M Israelis’ Phones Raided by IRGC via Fake Bomb-Shelter App: 12 TB Looted

1M Israelis’ Phones Raided by IRGC via Fake Bomb-Shelter App: 12 TB Looted

TL;DR * Iran-linked spyware campaign targets Israeli civilians via fake bomb shelter app, exploiting Android devices * AI-assisted malware development reaches operational maturity with VoidLink framework, exploiting agent-based code generation * Gemini 2.5 Flash achieves 100% interception rate in multi-turn jailbreak defense tests using Precepts-Samadhi-Teacher-Wisdom architecture 🫠 1M Israeli Phones Backdoored by

100k Bot Graveyard Daily: Reddit’s Face-Tax Kills Anonymity

100k Bot Graveyard Daily: Reddit’s Face-Tax Kills Anonymity

TL;DR * Stately Taurus APT deploys USBFect malware and EggStremeFuel backdoor in Southeast Asian government cyberespionage campaign * Ajax Amsterdam discloses cybersecurity breach exposing 538 season ticket holders' accounts via mobile app vulnerabilities * Reddit implements non-human account labeling system, blocking 100,000 suspicious accounts daily with App labels and proof-of-personhood

500k Creds in 7 Days: Free AV Fail Dunks US Corps

500k Creds in 7 Days: Free AV Fail Dunks US Corps

TL;DR * Microsoft Defender and macOS XProtect remain primary defenses as enterprises face rising endpoint threats, per 2026 security trends * TeamPCP expands campaign to target Checkmarx KICS scanner and OpenVSX extensions, exfiltrating 300GB of corporate credentials * TeamPCP supply chain attack compromises LiteLLM on PyPI, exfiltrates 500K+ credentials via backdoored versions

511K Unpatched IIS Servers: US vs CN Ransomware Roulette

TL;DR * US and China host 511,000+ exposed End-of-Life IIS servers, CISA warns of critical cyber risk * Dutch Ministry of Finance hacked; unauthorized access detected, systems blocked after cyber intrusion targeting government infrastructure 😱 511,000 EOL IIS Servers Exposed: US-China Face Zero-Day Freefall 511k zombie IIS servers still online—

$290M AI Anti-Phish Flunks Lunch-Order Test: US Firms Face 50 % Leak Odds

$290M AI Anti-Phish Flunks Lunch-Order Test: US Firms Face 50 % Leak Odds

TL;DR * Dataminr launches AI-powered CyberDefense suite integrating client-tailored threat intelligence with internal telemetry * Proofpoint achieves 99.999% detection efficacy with unified email security platform for AI-driven agent threats * Chinese hackers infiltrate Microsoft GCC cloud system, exposing DOJ data and triggering federal audit * CrowdStrike Expands Falcon Platform with AI Agent