
Unpatched HTTP/3 DoS in Alibaba XQUIC — 260-Byte Crash
Alibaba XQUIC unpatched HTTP/3 DoS flaw crashes servers with 260 bytes. Zimbra critical XSS patched. GigaWiper destructive backdoor analyzed.
Posts tagged: Daily-Brief

Alibaba XQUIC unpatched HTTP/3 DoS flaw crashes servers with 260 bytes. Zimbra critical XSS patched. GigaWiper destructive backdoor analyzed.

CVE-2026-50746 UniFi OS CVSS 10 command injection, CVE-2026-50656 Defender RoguePlanet exploit, UAT-7810 LONGLEASH ORB malware, ColdFusion KEV deadline.

CVE-2026-43499 GhostLock grants instant root on Linux since 2011. CVE-2026-48282 ColdFusion CVSS 10 added to KEV. KDDI 12M credential breach confirmed.

CVE-2026-53359 KVM VM escape has public PoC after 16 years. Plus BeyondTrust CVSS 9.2 auth bypass and China-nexus ORB malware from Talos.

Prompt injection forces autonomous AI agents to send crypto to attackers. Plus Opera GX silent install flaw and SkillCloak 90% AI plugin evasion.

FBI dismantles NetNut residential proxy botnet enrolling 2M+ IoT devices. Plus CitrixBleed 2.0 exploited same day and Medtronic 3.8M-record breach.

Cisco UCM zero-day exploited with public PoC. CVE-2026-45659 SharePoint RCE hits CISA KEV. DHS confirms HSIN breach. JADEPUFFER AI ransomware.

Citrix patches CVE-2026-8451 NetScaler info disclosure and HTTP/2 Bomb DoS. Talos exposes ARToken M365 PhaaS panel.

CVE-2026-46817 Oracle EBS Payments auth bypass actively exploited. Aflac Japan subsidiary breach and BlueHammer in ransomware toolkits.

CVE-2026-55200 public PoC turns SSH clients into targets. Plus 14.2M credentials exposed at six ISPs and Russian APTs exploiting messaging apps.