RedLine Infostealer Thread Reveals Hidden Maritime Phishing and BEC Infrastructure

A routine threat-feed alert for a RedLine Stealer command-and-control (C2) IP morphed into a full-scale pivot investigation that exposed a tailored maritime spear‑phishing and business email compromise (BEC) ecosystem. The starting signal a UniqueSignal entry from VMRay identified 194[.]156.79.122:55615 as…

Fluentd Security Flaws Enable Remote Code Execution, SSRF, DoS, and Credential Exposure

Fluentd, a widely used open-source data collector for unified logging, has reported several high-impact vulnerabilities that could enable attackers to achieve remote code execution (RCE), server-side request forgery (SSRF), denial-of-service (DoS), and the exposure of sensitive credentials. These issues, documented…

Supreme Court To Hear Apple Contempt Case

US Supreme Court agrees to hear Apple’s challenge to district court ruling finding it in civil contempt for violating App Store order This article has been indexed from Silicon UK Read the original article: Supreme Court To Hear Apple Contempt…

New RustDuck Botnet Targets IoT Devices and Servers With Weak Passwords and RCE Exploits

A sophisticated new botnet family dubbed RustDuck emerged in early 2026, leveraging a two-stage Loader and Core architecture to compromise IoT devices, routers, and enterprise servers through brute-force credential attacks and remote code execution vulnerabilities. RustDuck employs a multi-pronged infection…

Anthropic buffa Library Zero-Day Lets Attackers Trigger Memory-Amplification DoS

Anthropic’s Rust-based protobuf library, buffa, has been discovered to have a zero-day memory amplification denial-of-service (DoS) vulnerability. This flaw allows attackers to deplete system memory using relatively small inputs. Endor Labs identified the issue through its AI-powered static application security…

Bash hits AI, DHS announces ANCHOR-CI, Aikido buys Root

Bash can spell trouble GNU for AI agents  DHS to unveil critical infrastructure council  Aikido buys Root Get the show notes here: https://cisoseries.com/cybersecurity-news-bash-hits-ai-dhs-announces-anchor-ci-aikido-buys-root/  Huge thanks to our sponsor, Silent Push Most cybersecurity approaches are completely reactive. Victim organizations are hit…