The Wire
Curated cybersecurity and tech news — AI-summarized, source attributed.
Cohere Terrarium sandbox flaw lets AI-generated code escape the container as root
A vulnerability in Cohere's Terrarium, the sandboxed Python execution environment used to run code produced by AI agents, allowed attackers to break out of the
Cross-App Permission Stacking Creates Hidden Privilege Escalation Paths
Modern SaaS environments rarely fail because of a single over-permissioned integration. They fail because individually reasonable grants — a calendar read here,
France's ANTS document agency breached, 19M records allegedly up for sale
The Agence nationale des titres sécurisés (ANTS), the French Interior Ministry body that issues passports, national IDs, driver's licenses, and immigration pape
GoGra Linux backdoor abuses Microsoft Graph API and Outlook for C2
Symantec has identified a Linux build of the GoGra backdoor attributed to Harvester, a state-aligned espionage group active since 2021 against telecom, governme
Google Patches Critical RCE in Antigravity AI Development Tool
Google has shipped a fix for a critical remote code execution vulnerability in Antigravity, its AI-powered development platform. The flaw allowed attackers to e
Graph API code change exposes race condition in Universal Print share creation
Microsoft has attributed an ongoing Universal Print outage (UP1287359) to a recent Microsoft Graph API code change that increased Entra ID directory replication
Harvester APT Port GoGra Backdoor to Linux, Abuses Microsoft Graph API for C2
The Harvester threat group has expanded its Linux tooling with a port of the GoGra backdoor, previously seen only on Windows, and is using it against targets in
ICE Confirms Use of Graphite Spyware in Domestic Operations
U.S. Immigration and Customs Enforcement has acknowledged deploying Graphite, a zero-click spyware product from Israeli vendor Paragon Solutions. The agency fra
Kyber ransomware ships dual ESXi/Windows payloads, fakes post-quantum crypto on Linux
Rapid7 analyzed two Kyber ransomware variants deployed in tandem during a March 2026 incident, with one targeting VMware ESXi and a Rust-built sibling hitting W
Lotus Wiper Hits Venezuelan Energy Grid in Destructive Campaign
A previously uncatalogued wiper dubbed Lotus has surfaced in attacks against Venezuelan energy infrastructure, destroying data rather than encrypting it for ran
Microsoft patches critical ASP.NET Core flaw letting attackers forge SYSTEM-level auth
Microsoft pushed an emergency fix for CVE-2026-40372, a high-severity bug in the Microsoft.AspNetCore.DataProtection NuGet package (versions 10.0.0 through 10.0
Microsoft Ships Emergency Fix for Critical ASP.NET Core Auth Bypass
Microsoft has issued out-of-band patches for CVE-2026-40372, a critical privilege escalation flaw in ASP.NET Core's Data Protection cryptographic APIs. A regres