Overview Security analysts have recently uncovered a sophisticated malspam campaign that leverages the Brazilian remote‑management tool Tiflux to establish stealthy persistence on victim machines. The threat actors combine Tiflux with legacy and commercial remote‑access products—UltraVNC, Splashtop,
Continue ReadingMonth: May 2026
Aerospace Supply Chains Face Intense Data Extortion Pressure
The latest threat intelligence released by AlienVault on 06 May 2026 highlights a dramatic escalation in data extortion efforts targeting the global aerospace and aviation sector. The report, titled Data Extortion Groups Intensify Pressure On Global
Continue ReadingKernel Exploit Lets Local Users Gain Root on Every Major Linux Distribution
Kernel Exploit Lets Local Users Gain Root on Every Major Linux Distribution On 2026-05-06 a new, high‑severity local privilege escalation flaw, identified as CVE-2026-31431, was disclosed by CODERED_VTA. The vulnerability affects virtually every mainstream Linux distribution
Continue ReadingMulti stage Code Of Conduct Phishing Campaign Exposes AiTM Token Compromise
Introduction Microsoft Security Research unveiled a sophisticated multi‑stage phishing operation in early May 2026 that leveraged a “code of conduct” narrative to lure victims into a seemingly legitimate sign‑in flow. Attackers then hijacked that flow in
Continue ReadingSupply Chain Attack on SAP CAP and Cloud MTA Packages
The latest supply‑chain breach discovered on 29 April 2026 targets critical npm packages used across the SAP Cloud Application Programming Model (CAP) ecosystem. Four packages – [email protected], @cap-js/[email protected], @cap-js/[email protected], and @cap-js/[email protected] – were compromised with a
Continue Reading