Skip to content
RiverCore
pragma blog/security >=6.0.0;

Cybersecurity

// News, case studies and technical insights
Google Flags First AI-Built Zero-Day in the Wild
AI zero-day exploitcybersecuritythreat intelligence

Google Flags First AI-Built Zero-Day in the Wild

Google says it caught the first zero-day exploit likely built with AI assistance, a 2FA bypass against an open source admin tool. Here's what platform leads should do.

29 Jun 20267 min
Read article
// LATEST ARTICLES
Amazon Q Extension Flaw Leaked AWS Credentials on Repo Open
Amazon Q Developer flawAWS credentials

Amazon Q Extension Flaw Leaked AWS Credentials on Repo Open

A Wiz-discovered flaw in Amazon Q Developer auto-ran commands from workspace configs on repo open, putting AWS credentials in reach via a single cloned repo.

Cisco SD-WAN Zero-Day CVE-2026-20245 Exploited Two Months Pre-Disclosure
Cisco SD-WAN zero-dayCVE-2026-20245

Cisco SD-WAN Zero-Day CVE-2026-20245 Exploited Two Months Pre-Disclosure

A 7.8 CVSS Cisco Catalyst SD-WAN zero-day was exploited at least two months before disclosure, chaining with two undisclosed auth bypass flaws to plant a hidden 'troot' account at a telco.

Novo Nordisk Breach Story Has Zero Extractable Facts: A Disclosure Problem
Novo Nordisk breachdata breach disclosure

Novo Nordisk Breach Story Has Zero Extractable Facts: A Disclosure Problem

A reported Novo Nordisk data breach story renders as a privacy consent wall, not an article. The interesting security question is what that tells us about disclosure pipelines.

FortiBleed and Three FortiSandbox CVEs: The Fortinet Bill Comes Due
Fortinet vulnerabilitiesFortiBleed

FortiBleed and Three FortiSandbox CVEs: The Fortinet Bill Comes Due

Three FortiSandbox CVEs under active exploitation and a 30,000-device FortiBleed campaign turn the Fortinet renewal cycle into a board-level conversation.

APT28 Turns Home Routers Into a Shadow Network for State Hacking
APT28 router hijackingGRU hacking

APT28 Turns Home Routers Into a Shadow Network for State Hacking

APT28's pivot to 18,000 hijacked routers and cloud-API command channels rewrites the threat model for every platform team relying on commodity edge gear and OAuth.

Splunk CVE-2026-20253: Unauthenticated RCE in PostgreSQL Sidecar
Splunk RCE vulnerabilityCVE-2026-20253

Splunk CVE-2026-20253: Unauthenticated RCE in PostgreSQL Sidecar

A 9.8 CVSS bug in Splunk Enterprise lets unauthenticated attackers write files and pop a shell via an exposed PostgreSQL sidecar. Patch this week, not next sprint.

Showing 15–21 of 52 articles
1234...8
HomeSolutionsWorkAboutContact
News06
Dublin, Ireland · EUGMT+1
LinkedIn
🇬🇧EN