Shop
Support
Home
Voice Solutions
On-Premise
Cloud Hosted
Paging
Services
Data Solutions
IT Support
Managed IT
CO-Managed IT
Cybersecurity
Compliance
Cloud Solutions
Project Management
Cloud
BCDR
M365
Cloud Security
Cloud Migration
Consulting
Azure
Industries
Manufacturing
Healthcare
Financial Services
Professional Services
Oil and Gas
Non-Profit
GovEd
Retail
Support
Service Request
Client Portal
Support Links
Quick Tabs
N2K
Contact Us
Shop
N2K
Need 2 Know
Ho ho ho! December’s Patch Tuesday delivers three zero-days
January 2, 2026
Credit: Clint Patterson / Unsplash
JUL
07
Public GitHub Issue Could Trick GitHub Agentic Workflows Into Leaking Private Repo Data
By:
info@thehackernews.com (The Hacker News)
on
JUL
07
A public issue can trick GitHub Agentic Workflows into leaking the contents of an organization's private repositories, researchers at Noma Security have shown. The attacker needs only to open a normal-looking issue on a public repository, with no stolen credentials and no access to the organization. If that organization has given the agent read access across its repositories, private ones
Read more >>
JUL
07
Court Filing Reveals Windows Device ID Helped FBI Trace Alleged Scattered Spider Hacker
By:
info@thehackernews.com (The Hacker News)
on
JUL
07
U.S. prosecutors linked an alleged Scattered Spider hacker to a break-in at a luxury jewelry retailer using a persistent Windows device ID, according to a newly unsealed federal complaint. Microsoft records tied that ID first to the account the attackers used to keep access during the May 2025 intrusion, then to online accounts prosecutors say belong to 19-year-old Peter Stokes. Stokes is
Read more >>
JUL
07
Writer AI Flaw Could Let Agent Previews Leak Session Tokens Across Tenants
By:
info@thehackernews.com (The Hacker News)
on
JUL
07
Cybersecurity researchers have disclosed details of a now-patched critical session isolation vulnerability in Writer, an enterprise generative artificial intelligence (AI) platform, that could result in cross-tenant compromise. The one-click vulnerability has been codenamed WriteOut by the Sand Security Research team. "An outsider could go from having no access to taking over any Writer AI
Read more >>
JUL
07
What Changes When Your Software Supply Chain Includes AI Writing Your Code?
By:
info@thehackernews.com (The Hacker News)
on
JUL
07
Software supply chain security was hard enough. Then AI joined the build pipeline. For five years, "software supply chain security" meant one question: what's in your code? Which open-source packages, which versions, which transitive dependencies three layers deep that nobody chose on purpose? SolarWinds, Log4Shell, and XZ Utils all taught the same lesson: the risk lives less in the code a
Read more >>
JUL
07
Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities
By:
info@thehackernews.com (The Hacker News)
on
JUL
07
A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering departments of U.S. and Canadian universities as part of a new campaign. The activity involves the exploitation of now-patched, critical security flaws in the open-source email solution, such as CVE-2024-42009 (CVSS score: 9.3), to siphon credentials,
Read more >>
JUL
07
CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware
By:
info@thehackernews.com (The Hacker News)
on
JUL
07
Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the devices' web management interfaces, the CERT Coordination Center (CERT/CC) warned Monday. "An attacker can exploit this vulnerability, tracked as CVE-2026-11405, to bypass the password verification process
Read more >>
JUL
07
BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA
By:
info@thehackernews.com (The Hacker News)
on
JUL
07
BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could allow unauthenticated attackers to take control of susceptible devices. The vulnerabilities are listed below - CVE-2026-40138 (CVSS score: 9.2) - A pre-authentication vulnerability exists in the
Read more >>
JUL
06
Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations
By:
info@thehackernews.com (The Hacker News)
on
JUL
06
An Iranian hacking group affiliated with Iran's Ministry of Intelligence and Security (MOIS) has been wielding a previously undocumented modular command-and-control (C2) framework dubbed Cavern (aka Cav3rn) targeting Israeli organizations. The activity, which has primarily singled out IT providers and government sectors, has been attributed to a threat cluster tracked by Check Point Research
Read more >>
JUL
06
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
By:
info@thehackernews.com (The Hacker News)
on
JUL
06
A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it. Dubbed 'Januscape' and tracked as CVE-2026-53359, the flaw sits in the shadow MMU code that KVM shares across both Intel and AMD. The public proof-of-concept panics the host; the researcher claims that a separate, unreleased exploit
Read more >>
JUL
06
Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure
By:
info@thehackernews.com (The Hacker News)
on
JUL
06
Threat actors have been observed attempting to exploit a recently patched critical security flaw in Gitea Docker images, according to Sysdig. The vulnerability in question is CVE-2026-20896 (CVSS score: 9.8), a vulnerability that stems from the DevOps platform trusting the "X-WEBAUTH-USER" header from any source IP address, effectively allowing an unauthenticated internet client to get elevated
Read more >>
More posts
JUL
07
Discord accidentally banned over 8,000 people for posting grids and other ‘benign’ images
By:
Emma Roth
on
JUL
07
Discord says a bug affecting its safety system caused it to mistakenly ban more than 8,000 accounts since May. The platform's statement follows a wave of reports from users over the past week, who say they've been banned for posting images containing grids, such as chessboards, game textures, and even Minecraft inventories. Stanislav Vishnevskiy, Discord […]
Read more >>
JUL
07
Anker’s noise-blocking earbuds for sleeping are nearly half off
By:
Sheena Vasani
on
JUL
07
You might have a great bed and a good sleepy time routine, but if you’re still struggling to fall (or stay) asleep, Anker’s Soundcore Sleep A20 are worth considering. They’re designed to help muffle distracting sounds, and they’ve hit a new all-time low price of $99.99 ($80 off) at Best Buy and Target. In his […]
Read more >>
JUL
07
iRobot’s newest floor cleaner isn’t a robot
By:
Jennifer Pattison Tuohy
on
JUL
07
iRobot just announced its first-ever non-robotic floor cleaner. The $399 Roomba Electro Plus is a 5-in-1 hard-floor cleaner that combines vacuuming, mopping, and disinfecting, but you have to operate it yourself. The company also announced updates to its line of Roomba robot vacuums, launching five new models with higher suction power, smaller footprints, and lower […]
Read more >>
JUL
07
Microsoft fixes storage-hogging Windows 11 folder
By:
Emma Roth
on
JUL
07
Microsoft is addressing a Windows 11 bug that caused a folder to take up several gigabytes of storage space. As spotted earlier by Windows Latest, Microsoft included the patch in its optional June 2026 update (KB5095093), which "improves disk space usage for the CapabilityAccessManager.db-wal file." The CapabilityAccessManager.db-wal file is installed on Windows 11 PCs by […]
Read more >>
JUL
07
Solos debuts an even lighter version of its camera-less smart glasses
By:
Andrew Liszewski
on
JUL
07
Solos announced a new version of its AirGo smart glasses, one that forgoes cameras for a sleeker design and an AI assistant that relies on voice interactions. Last year's AirGo A5 weighed 36 to 40 grams depending on the frame style, but the new AirGo A6 weigh around 19 grams. Part of the weight savings […]
Read more >>
JUL
07
Google Search lets creators know more about their reach
By:
Jay Peters
on
JUL
07
Google is going to give content creators and website owners a better idea of how people find their social media profiles and YouTube content through Search. With a new feature in the Google Search Console called "platform properties," Google says that you'll be able to "easily track which search terms lead people to your Instagram, […]
Read more >>
JUL
07
iFixit has a new toolkit for fixing appliances, building furniture, and household repairs
By:
Andrew Liszewski
on
JUL
07
iFixit is best known for its detailed gadget teardowns and toolkits designed to help you crack open and troubleshoot your own electronics. Today it announced a new toolkit that's instead tailored to household repairs or DIY projects like fixing appliances or assembling flat-packed furniture. iFixit describes its $34.95 Megalodon Driver Kit as a "compact kit […]
Read more >>
JUL
07
Marshall upgrades the bass and repairability of two wireless speakers
By:
Andrew Liszewski
on
JUL
07
Marshall announced new versions of its Acton and Stanmore Bluetooth speakers today with upgraded tweeters, bass ports, and internal designs that improve their ability to fill a room with sound. Both the Acton IV and Stanmore IV replace their four-year-old predecessors with a new focus on repairability. Parts including knobs, feet, and the speakers' front […]
Read more >>
JUL
07
Xbox’s bold plan for the future sounds nearly impossible
By:
Andrew Webster
on
JUL
07
It's another bad week for the video game industry. Microsoft outlined a series of layoffs on Monday that Xbox CEO Asha Sharma described as "the most significant restructure in Xbox history." But buried in Sharma's memo was a curiously optimistic statement: "I want Xbox to be one of the few companies that entertains more than […]
Read more >>
JUL
07
Are you ready for what it takes to stop ghost guns?
By:
Mack DeGeurin
on
JUL
07
In the summer of 2024, former Army National Guard member Andrew Scott Hastings spent a sweaty afternoon carefully packing boxes with parts he made using his 3D printer. These weren't novelty figurines or replacement Ikea pieces. The boxes were instead filled with a handful of homemade firearm lower receivers and more than 100 "switches," small […]
Read more >>
More posts
PO Box 1793 , Brenham, TX 77834
300 W Blue Bell
Rd. , Brenham, TX 77833
Home
Voice Solutions
On-Premise
Cloud Hosted
Paging
Services
Data Solutions
IT Support
Managed IT
CO-Managed IT
Cybersecurity
Compliance
Cloud Solutions
Project Management
Cloud
BCDR
M365
Cloud Security
Cloud Migration
Consulting
Azure
Industries
Manufacturing
Healthcare
Financial Services
Professional Services
Oil and Gas
Non-Profit
GovEd
Retail
Support
Service Request
Client Portal
Support Links
Quick Tabs
N2K
Contact Us
Shop
CONTACT US
Brenham, TX
979-830-1292
mail@gosscom.com
Share by: