- Operationalizing Threat Intelligence
- TrojPix Air-Gap Data Theft Attack
- Multiple PHP Flaws Enable DoS
- Microsoft Edge Remote Code Execution Flaw
- OpenSSH 10.4 Ships Security Fixes
- 16-Year-Old Linux KVM Flaw
- Ubiquiti Discloses 25 UniFi Flaws
- Accenture Data Breach Claims
- GhostLock: 15-Year-Old Kernel Bug
- Android 17 One-Click Root Exploit
- Claude Desktop Turned into RCE Vector
- Palo Alto PAN-OS Code Execution Flaw
- GhostApproval Hits AI Coding Assistants
- AI Coding Agents Hijacked via “Friendly Fire”
- Linux DRM Bug Enables Passwordless Root
- Attackers Abuse Microsoft Entra Passkeys
- Roundcube Zero-Click XSS Flaws
- AI-Driven AWS Compromise in 72 Hours
- Django SQL Injection Exploited in the Wild
- WhatsApp Message Weaponizes OpenClaw
This week’s bulletin exposes just how long dangerous flaws can hide in plain sight, with a 16-year-old Linux KVM escape bug and a 15-year-old kernel privilege escalation flaw both surfacing after more than a decade undetected.
Enterprise infrastructure took a hit too, with Ubiquiti disclosing 25 vulnerabilities across its UniFi ecosystem and Accenture facing claims of a 35 GB source code theft.
Add a one-click Android 17 root exploit, a novel air-gap data theft technique, and fresh flaws in Microsoft Edge, OpenSSH, PHP, and Palo Alto’s PAN-OS, and it’s clear attackers are finding new angles across every layer of the stack.
Here’s a roundup of the 20+ most significant threats, vulnerabilities, and research findings from the past week.
Operationalizing Threat Intelligence
A persistent gap exists between purchasing threat intelligence feeds and actually operationalizing them into SOC detection and response workflows . The article breaks down why most feeds sit unused due to lack of context and slow update cycles, and outlines what a fully integrated, bidirectional intelligence pipeline looks like across SIEM, SOAR, firewall, and EDR platforms . Read more
TrojPix Air-Gap Data Theft Attack
Researchers unveiled TrojPix, a novel electromagnetic covert-channel attack that can exfiltrate data from already-compromised air-gapped computers from up to 208 meters away, even through concrete walls, by exploiting pixel-level HDMI signal leakage . The technique achieves a peak throughput of 8.1 Mbps with near-100% accuracy while remaining completely invisible to the human eye. Read more
Multiple PHP Flaws Enable DoS
Two PHP vulnerabilities, CVE-2026-12184 and CVE-2026-14355, allow attackers to trigger denial-of-service conditions and memory corruption in widely deployed web applications. The more severe flaw affects PHP’s HTTP stream wrapper and can crash PHP-FPM entirely, while the second corrupts memory via a buffer miscalculation in the OpenSSL extension’s AES-WRAP-PAD handling. Read more
Microsoft Edge Remote Code Execution Flaw
Microsoft disclosed CVE-2026-57992, a Use-After-Free vulnerability in Edge’s Chromium engine rated 7.5 (High), that can lead to remote code execution when a victim visits a malicious page and performs two tap gestures triggering autofill . No official patch is available yet, so organizations are advised to restrict autofill and monitor MSRC for updates. Read more
OpenSSH 10.4 Ships Security Fixes
OpenSSH 10.4, released July 6, 2026, patches multiple vulnerabilities including a malicious-server file redirection flaw in sftp, an scp path traversal issue, and a client-side use-after-free bug in ssh triggered by mid-session host key changes. The release also introduces experimental post-quantum cryptography support, combining ML-DSA 44 and Ed25519. Read more
16-Year-Old Linux KVM Flaw
Dubbed “Januscape” and tracked as CVE-2026-53359, this vulnerability sat unnoticed in KVM’s shadow MMU logic for nearly 16 years, allowing a malicious guest to corrupt host kernel memory and potentially achieve a full guest-to-host escape with root privileges. It was actively exploited as a zero-day in Google’s kvmCTF before disclosure and affects both Intel and AMD platforms. Read more
Ubiquiti Discloses 25 UniFi Flaws
Ubiquiti’s Security Advisory Bulletin 066 disclosed 25 vulnerabilities across the UniFi ecosystem, including CVE-2026-50746, a perfect 10.0-rated command injection flaw in UniFi Connect that is exploitable without authentication. Several other critical bugs scored 9.9, spanning SQL injection, SSRF, and access control issues across UniFi Talk, Access, and Protect. Read more
Accenture Data Breach Claims
A threat actor known as “888” claims to have stolen roughly 35 GB of source code, RSA/SSH keys, and Azure access tokens from Accenture in a July 2026 breach, posting sample screenshots of Azure DevOps activity as proof. Accenture confirmed an “isolated matter” that has been remediated but has not verified the scope of the alleged data. Read more
GhostLock: 15-Year-Old Kernel Bug
Tracked as CVE-2026-43499, “GhostLock” is a privilege escalation flaw in the Linux kernel’s real-time mutex subsystem that went undiscovered for over a decade since its introduction in 2011 . Researchers demonstrated a 97% reliable exploit earning a $92,337 bounty, using a dangling pointer bug to hijack kernel control flow and gain root access. Read more
Android 17 One-Click Root Exploit
Dubbed “IonStack,” this proof-of-concept chains a Firefox zero-day with a 15-year-old Linux kernel flaw to achieve full remote code execution and root access on Android 17 with just a single malicious link click. Researchers say the exploit was responsibly disclosed and never seen in the wild, but it highlights how legacy kernel code can harbor severe flaws for years. Read more
Claude Desktop Turned into RCE Vector
Researchers at Pentera Labs showed that a compromised email inbox can lead to full remote code execution on a victim’s machine by hijacking Claude Desktop’s synced “Personal Preferences” field to inject attacker-controlled instructions. The payload silently directs Claude to run commands through installed extensions like Desktop Commander, or tricks the user into installing that extension via a fake error message, with Anthropic calling the behavior “expected functionality” rather than a vulnerability. Read more
Palo Alto PAN-OS Code Execution Flaw
Palo Alto Networks disclosed CVE-2026-0288, a 9.2-severity buffer overflow in PAN-OS’s User-ID Terminal Server Agent that lets unauthenticated attackers achieve remote code execution or crash the service via crafted network traffic . The flaw affects multiple PAN-OS branches with TSA configured, though Panorama and Cloud NGFW on AWS remain unaffected, and the vendor is unaware of active exploitation so far. Read more
GhostApproval Hits AI Coding Assistants
Wiz researchers uncovered “GhostApproval,” a symlink-following flaw (CWE-61) affecting Amazon Q, Claude Code, Augment, Cursor, Google Antigravity, and Windsurf that lets malicious repositories bypass human-in-the-loop approval and write attacker SSH keys directly to a developer’s authorized_keys file . AWS, Cursor, and Google have shipped fixes, while Anthropic initially disputed the finding before patching symlink resolution in later Claude Code versions. Read more
AI Coding Agents Hijacked via “Friendly Fire”
A new exploit dubbed “Friendly Fire” hijacks Claude Code and Codex CLI during routine security reviews by hiding prompt injections inside a modified open-source library’s documentation, tricking auto-mode classifiers into approving a malicious binary as safe . The attack transferred directly from Claude Code to Codex without modification, suggesting the underlying weakness lies in how frontier models distinguish trusted instructions from untrusted data. Read more
Linux DRM Bug Enables Passwordless Root
CVE-2026-46215, a use-after-free race condition in the Linux kernel’s DRM GEM core ioctl, let any local user with GPU render node access escalate to root with a 99% success rate across 100 test boots . The bug stemmed from AMD’s CRIU checkpoint/restore code added in v6.18-rc1, and kernel maintainers responded by disabling the vulnerable ioctl entirely in the upcoming 7.1 release. Read more
Attackers Abuse Microsoft Entra Passkeys
Threat group ONC 066 (aka “Pink”) has run a phone-based phishing campaign since April 2026, tricking employees into registering attacker-controlled passkeys on their own Microsoft accounts, using live operators to relay MFA codes in real time. The scheme plants a persistent foothold that outlasts password resets, primarily for extortion, with victims spanning food and beverage, healthcare, and aviation sectors. Read more
Roundcube Zero-Click XSS Flaws
Roundcube 1.7 patches six vulnerabilities, including two critical zero-click stored XSS flaws (CVE-2026-54432 and CVE-2026-54433) that execute malicious JavaScript merely by loading an attachment-warning page or viewing an email in plain-text mode. Both were reported by Samsung R&D Institute Ukraine, and administrators are urged to prioritize this update given the near-zero interaction required for exploitation. Read more
AI-Driven AWS Compromise in 72 Hours
Sygnia’s investigation found a threat actor used AI-assisted tooling to move from initial AWS access to full environmental compromise in roughly 72 hours by chaining familiar techniques at unprecedented speed and scale . Forensic evidence, including four access keys used simultaneously from one IP, pointed to agentic automation rather than manual operation, echoing an earlier Sysdig case where AI escalated to full AWS admin control in just eight minutes. Read more
Django SQL Injection Exploited in the Wild
CVE-2026-1207, a SQL injection flaw in Django’s GeoDjango module affecting PostGIS-backed applications, is now being actively exploited through crafted raster field “band” parameters . Exploitation began shortly after February 2026 disclosure and appears targeted rather than opportunistic, prompting patched releases in Django 6.0.2, 5.2.11, and 4.2.28. Read more
WhatsApp Message Weaponizes OpenClaw
Three high-severity flaws in OpenClaw, an open-source AI coding assistant with over 100,000 daily users, let attackers achieve remote code execution through a single WhatsApp message by bypassing environment-variable filters, abusing Git’s ext:: transport, or escaping its Docker sandbox . Researcher Chinmohan Nayak showed that payloads framed as routine developer debugging requests succeeded in every tested session, prompting an urgent upgrade to version 2026.6.6. Read more
Strengthen Your SOC by Accelerating Threat Detection & Rapid Investigations. -> Integrate ANY.RUN With Your SOC Now.

