The discovery of all five nucleobases on Ryugu strengthens the idea that life’s molecular ingredients formed in space before reaching Earth.
Get the latest international news and world events from around the world.
Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root
Threat actors have begun to exploit a recently disclosed critical security flaw impacting Cisco Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME).
The vulnerability, tracked as CVE-2026–20230 (CVSS score: 8.6), is a case of improper input validation for specific HTTP requests that could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device.
“An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device,” Cisco said in an advisory released earlier this month. “A successful exploit could allow the attacker to write files to the underlying operating system that could be used later to elevate to root.”
New macOS ClickFix attack silently mounts DMGs to push infostealer
A new macOS ClickFix campaign is using Terminal commands to silently download, mount, and launch info-stealing malware from malicious disk image (DMG) files.
The campaign is infecting Mac devices with the Atomic macOS Stealer (AMOS) infostealer, which steals browser credentials, cryptocurrency wallet data, Keychain data, messaging app information, and user documents.
Researchers at Palo Alto Networks Unit 42 first discovered the campaign and say it begins with a fake CAPTCHA page that tells users to open Terminal and paste a malicious command to verify themselves.
