FFmpeg fixes PixelSmash flaw in widely used video decoder

A newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under ...
The Hacker News

WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool

Kaspersky says attackers are using fake WhatsApp document attachments to run VBScript malware and install ManageEngine RMM ...
Network World

Attackers exploit Cisco Unified CM flaw weeks after patch release

New activity targets CVE‑2026‑20230, an SSRF bug that can allow unauthenticated file writes and potential root‑level access ...
SecurityWeek

FFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS Appliances

PixelSmash is a vulnerability in the FFmpeg framework that can be exploited via crafted media files for remote code execution ...
XDA Developers on MSN

4 tools I install on every new home server before setting up anything else

Learn about the tools I setup up on every new home server for remote access, container management, dashboard, and monitoring ...
Dark Reading

In Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw

The flaw enables server-side request forgery (SSRF) and escalates privileges to root, impacting Cisco Unified CM and Unified ...

CISA sets urgent deadline to fix Cisco flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is giving federal agencies until Sunday to patch a ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
SecurityWeek

Russian APT Deploys ‘StockStay’ Backdoor Against Ukrainian Targets

Russia-linked APT Turla has been using the StockStay backdoor against government and military organizations in Ukraine.
Microsoft

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
WeLiveSecurity

ESET takes part in Operation Endgame to disrupt Amadey and Stealc

ESET researchers assisted in the global disruption of the Amadey botnet and Stealc infostealer, providing technical analysis, ...

The Rise of Sovereign File Architectures in Enterprise IT

Two decades ago, using a “borderless Cloud” to house data felt like an exciting innovation. And in reality, it was. Companies jumped at the ability to create, store, and organize their data in the ...