An unknown actor published a trojaned version of the Checkmarx Jenkins AST plugin to the Jenkins Marketplace, compromising CI/CD pipelines of any organization that updated the plugin.
A multi-year phishing campaign has compromised more than 500 organizations across aviation, energy, logistics, critical infrastructure, and public administration sectors.
Persistent battlefield surveillance by drones has made rapid casualty evacuation—the cornerstone of Western military medical doctrine—increasingly untenable in peer or near-peer conflicts.
Escalating disputes over Syria's post-Assad order and Palestinian territories have raised credible risk of direct Turkish-Israeli military clash, with Netanyahu and Erdogan trading public warnings since December 2025. A NATO member in active armed conflict with a key U.S.
A cyberattack took down the Canvas learning management system during final exam season, cutting off tens of thousands of students globally before service was restored.
A new TrickMo variant targeting European banking users routes command-and-control traffic through The Open Network blockchain, making infrastructure takedowns by defenders effectively impossible.
An active malvertising campaign abuses Google Ads and legitimate Claude.ai shared-chat URLs to redirect Mac users searching for Claude to malware installers. Hijacking a trusted AI platform's own domain as a lure defeats URL-reputation defenses and exploits user trust in branded AI services.
Two Linux vulnerabilities tracked as CVE-2026-43284 and CVE-2026-43500, dubbed Dirty Frag and Copy Fail 2, were publicly disclosed and possibly exploited before a patch was released. Pre-patch disclosure with active exploitation signals a coordinated or irresponsible release that hands attackers a guaranteed window.
Cyera disclosed CVE-2026-7482 (CVSS 9.1), an unauthenticated out-of-bounds read in Ollama that allows remote attackers to exfiltrate the entire process memory of affected AI inference servers.