# Top Stories

Google released emergency Chrome 146 updates patching CVE-2026-3909 (Skia out-of-bounds write) and another high-severity V8 vulnerability, both actively exploited in zero-day attacks. These flaws enable remote attackers to perform out-of-bounds memory access and potentially execute code via crafted HTML pages.

International law enforcement dismantled the SocksEscort proxy botnet that infected 369,000 residential routers across 163 countries since 2020, generating $5.8 million for cybercriminals. The operation used AVrecon malware to compromise home and business routers, creating a massive proxy network for fraud operations.

Operation Synergia III resulted in law enforcement sinkholing 45,000 malicious IP addresses and seizing servers linked to phishing, malware, and ransomware campaigns across 72 countries. INTERPOL coordinated the international effort that also led to 94 arrests of cybercriminals worldwide.

Qualys disclosed nine "CrackArmor" vulnerabilities in Linux AppArmor that allow unprivileged users to escalate to root privileges and bypass container isolation. These confused deputy flaws affect the kernel's security module and enable attackers to circumvent fundamental Linux protections.

Veeam patched multiple critical remote code execution vulnerabilities in its Backup & Replication solution that could expose backup servers to attacks. The flaws allow attackers to compromise backup infrastructure, potentially destroying recovery capabilities during ransomware incidents.

Storm-2561 threat actors distribute fake VPN clients impersonating Ivanti, Cisco, and Fortinet through SEO poisoning to steal enterprise credentials. Microsoft identified this campaign uses digitally signed trojans delivered via malicious ZIP files from attacker-controlled websites.

Palo Alto Networks Unit 42 identified Chinese espionage group CL-STA-1087 targeting Southeast Asian militaries with AppleChris and MemFun malware since 2020. The campaign demonstrates strategic operational patience typical of state-sponsored cyber espionage operations.

DOJ charged incident responder Angelo Martino for allegedly providing information to BlackCat ransomware operators during victim negotiations and conducting cyberattacks on the same clients he was hired to help. Prosecutors claim this insider scheme resulted in higher ransom payouts for attackers.

Telus Digital confirmed a security breach after threat actors claimed to steal nearly 1 petabyte of data from the Canadian business process outsourcing company. The multi-month breach represents one of the largest data theft claims in recent cybersecurity incidents.

IBM researchers identified "Slopoly" malware, likely generated using AI tools, deployed by Hive0163 in Interlock ransomware attacks. The AI-assisted malware enabled threat actors to maintain persistent access on compromised servers for over a week before data exfiltration.