Field notes from the edge.
What our engineers learned this week. Hands-on technical deep-dives, postmortems, and strategy frameworks.
AIIvanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ivanti has issued a warning about CVE-2026-6973, a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) that is being actively exploited in limited attacks. The flaw, caused by improper input validation, allows authenticated users with administrative access to execute remote code on affected systems running EPMM versions prior to 12.6.1.1, 12.7.0.1, and 12.8.0.1.
AIDarkSword Malware
DarkSword is a sophisticated, likely government-designed iOS malware exploiting six zero-day vulnerabilities across iOS versions 18.4-18.7, deployed by multiple commercial surveillance vendors and state-sponsored actors since November 2025. The exploit chain has been used in targeted campaigns across Saudi Arabia, Turkey, Malaysia, and Ukraine, deploying three distinct malware families post-compro
AIRowhammer Attack Against NVIDIA Chips
Two independent research teams have demonstrated critical Rowhammer attacks against NVIDIA Ampere-generation GPUs that exploit GDDR memory bitflips to gain complete control over host CPU memory and achieve full system compromise. The attacks, named GDDRHammer and GeForge, work by corrupting GPU page tables to escalate privileges to root access, with a third attack variant functioning even when IOM
AIAnti-DDoS Firm Heaped Attacks on Brazilian ISPs
Huge Networks, a Brazilian DDoS protection firm, was found to be harboring infrastructure used to launch massive DDoS attacks against Brazilian ISPs through a botnet exploiting vulnerable TP-Link routers. The company's CEO claims the malicious activity resulted from a January 2024 security breach that compromised development servers and his personal SSH keys, suggesting a competitor may be attempt
AIAttacks Abuse Windows Phone Link to Steal Texts & Bypass 2FA
Cybercriminals are exploiting Windows Phone Link functionality to intercept SMS messages and bypass two-factor authentication through a new attack campaign. The attacks deploy CloudZ RAT malware alongside a novel plugin called Pheno to compromise the connection between Windows PCs and smartphones, enabling unauthorized access to text messages and authentication codes.
AIFrom Stuxnet to ChatGPT: 20 News Events That Shaped Cyber
Dark Reading commemorates its 20th anniversary by identifying 20 pivotal cybersecurity news events from the past two decades that have fundamentally shaped today's enterprise threat landscape. The retrospective spans from landmark incidents like Stuxnet to emerging AI-driven security challenges exemplified by ChatGPT, illustrating the evolution of cyber risks facing modern organizations.
AIThe Hacker News Launches 'Cybersecurity Stars Awards 2026' — Submissions Now Open
The Hacker News, a cybersecurity news publication with nearly 20 years of experience, has announced the launch of its 'Cybersecurity Stars Awards 2026' with submissions now open. The awards aim to recognize and celebrate the often-overlooked achievements of cybersecurity leaders, teams, and security products that work continuously to defend against threats.
AIMuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
Iranian state-sponsored threat actor MuddyWater conducted a false flag ransomware attack in early 2026, using Microsoft Teams as an initial attack vector through social engineering techniques. Rapid7 identified this operation, which represents a concerning evolution in nation-state tactics that disguise espionage activities as financially-motivated cybercrime.
AI‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty
Tyler Robert Buchanan, a 24-year-old British national and senior member of the Scattered Spider cybercrime group, has pleaded guilty to wire fraud conspiracy and aggravated identity theft for his role in 2022 SMS phishing attacks targeting major technology companies. The attacks compromised at least a dozen firms including Twilio, LastPass, and DoorDash, enabling SIM-swapping schemes that stole at