top of page
ALL POSTS
High-Severity Infrastructure Vulnerabilities Expose Critical Systems and Live Surveillance Feeds
Key Findings Ivanti ITSM vulnerability CVE-2026-9614 carries CVSS score of 8.8 and allows authenticated privilege escalation to administrator access KMW CCTV vulnerability CVE-2026-5386 has critical CVSS score of 9.1 and enables unauthenticated password reset on camera systems SaaS Ivanti deployments already patched automatically; on-premises versions 2025.4 and prior require immediate manual updates KM-IP521 and KM-IP421 camera models affected; vendor patches available but K
Jun 22 min read
PAN-OS RCE Exploit Actively Exploited for Root Access and Surveillance Operations
Key Findings CVE-2026-0300, a critical buffer overflow in PAN-OS User-ID Authentication Portal, is under active exploitation by suspected state-sponsored actors Unsuccessful exploitation attempts began April 9, 2026, with successful remote code execution achieved a week later Attackers achieved root-level access and injected shellcode into nginx worker processes Post-exploitation activities included Active Directory enumeration and deployment of EarthWorm and ReverseSocks5 to
May 83 min read
Law Enforcement's Mass Surveillance Through Ad Data: The Webloc Tracking of 500 Million Devices
Key Findings Webloc, an ad-based geolocation surveillance system, tracks up to 500 million mobile devices globally without warrant requirements Law enforcement agencies in the U.S., Hungary, and El Salvador have deployed the tool, including ICE, DHS, and local police departments across multiple cities The system accesses device identifiers, location coordinates, and personal data harvested from mobile apps and digital advertising networks Israeli company Cobwebs Technologies
Apr 113 min read
Red Menshen APT Deploys Stealthy BPFDoor Implants Across Telecom Networks for Surveillance Operations
Key Findings China-linked threat actor Red Menshen has maintained a long-term espionage campaign targeting telecom networks in the Middle East and Asia since at least 2021 The group deploys BPFDoor, a kernel-level Linux backdoor that operates as a "digital sleeper cell" with no visible listening ports or command-and-control beaconing BPFDoor inspects network traffic inside the kernel using Berkeley Packet Filter functionality, activating only when receiving a specially crafte
Mar 274 min read
FBI Investigating Breach of Sensitive Surveillance System
Key Findings The FBI is investigating suspicious cyber activity affecting an internal system that stores sensitive data tied to surveillance operations and investigations. The affected system is unclassified but contains law enforcement-sensitive information, including data from legal tools like pen register and trap-and-trace orders, and personally identifiable information linked to investigations. The FBI has identified and addressed the suspicious activities, using all ava
Mar 72 min read
Real-Time Surveillance and Data Theft Enabled by New ZeroDayRAT Mobile Spyware
Key Findings Security researchers have uncovered details of a new mobile spyware platform called ZeroDayRAT that is being sold openly on Telegram. ZeroDayRAT provides comprehensive remote control capabilities over compromised Android and iOS devices, including real-time surveillance and data theft. The malware supports Android versions 5 through 16 and iOS up to version 26, allowing it to target a wide range of mobile devices. ZeroDayRAT is distributed through social engineer
Feb 162 min read
bottom of page
