Daily News
GodDamn Ransomware PoisonX Driver Kills EDR
The GodDamn ransomware PoisonX driver is a Microsoft-signed kernel tool that ransomware operators use to silently kill EDR and antivirus processes before deploying encryption — and because the driver carries a legitimate Microsoft signature, standard driver-trust checks wave it straight through. What Happened Symantec disclosed on July 9, 2026 that a ransomware family called GodDamn…
Read MoreMicrosoft July 2026 Patch Tuesday Zero-Day Hits SharePoint
The Microsoft July 2026 Patch Tuesday zero-day count is the largest disclosure on record — trackers put the total at 570 to 622 CVEs depending on methodology — and two of the fixed flaws were already being exploited before the patch shipped: one in Active Directory Federation Services, one in SharePoint Server. A separate, publicly…
Read MoreNightmare Eclipse Windows Zero-Day Trilogy
The Nightmare Eclipse Windows zero-day trilogy has moved from proof-of-concept code on GitHub to a confirmed, real-world intrusion: Huntress found BlueHammer, RedSun, and UnDefend deployed together in one attack chain that started with a compromised FortiGate VPN appliance. What Happened A researcher operating under the handle “Nightmare Eclipse” (also seen as “Chaotic Eclipse”) has published…
Read MoreGitea Docker CVE-2026-20896 Auth Bypass
Gitea Docker CVE-2026-20896 is now under active exploitation: a single crafted HTTP header lets an unauthenticated attacker impersonate any user of a self-hosted Gitea instance — including an administrator — and walk away with private repositories and any secrets committed by mistake. What Happened Gitea’s official Docker image ships with REVERSE_PROXY_TRUSTED_PROXIES=*. On deployments that also…
Read MoreLangflow CVE-2026-55255 KEV: AI Agent Flaw Explained
The Langflow CVE-2026-55255 KEV entry, added by CISA on July 7, marks the first time an AI agent orchestration platform has ever appeared in the Known Exploited Vulnerabilities catalog. The flaw carries a CVSS score of just 6.1 from CISA, yet KEVIntel and CIRCL independently score the same bug 9.9, because it lets an authenticated…
Read More
