🔴 Breaking
JADEPUFFER — first confirmed AI agent ransomware: 600 payloads, 1,342 records encrypted and deleted, recovery impossible, attacker cost near zero via LLMjacking  •  Bad Epoll CVE-2026-46242 — Linux kernel root exploit Mythos missed, 99% reliable, reaches Android  •  DuneSlide CVSS 9.8 — Cursor IDE zero-click sandbox escape, Fortune 500  •  6 Microsoft Defender zero-days — RoguePlanet now patched  •  Claude Code reverse shell — clean GitHub repo, DNS TXT, no scanner catches it   JADEPUFFER — first confirmed AI agent ransomware: 600 payloads, 1,342 records encrypted and deleted, recovery impossible, attacker cost near zero via LLMjacking  •  Bad Epoll CVE-2026-46242 — Linux kernel root exploit Mythos missed, 99% reliable, reaches Android  •  DuneSlide CVSS 9.8 — Cursor IDE zero-click sandbox escape, Fortune 500  •  6 Microsoft Defender zero-days — RoguePlanet now patched  •  Claude Code reverse shell — clean GitHub repo, DNS TXT, no scanner catches it   
Threat Briefs
40
Active Threats
13
CISA KEV Listed
11
No Patch Yet
3
Latest

Threats & Attacks

AI Security · Ransomware · First AI Agent Attack
JADEPUFFER: First Confirmed AI Agent Ransomware — 600 Payloads, 1,342 Records Gone, Recovery Impossible, Cost Near Zero

Autonomous LLM: initial access, credential harvest, lateral movement, persistence, encryption, ransom demand. No human at keyboard. Key displayed once, never stored. Ran on victim’s own stolen API keys. Old CVEs, unpatched servers.

July 9, 2026
Linux Kernel · Android · 99% Reliable
Bad Epoll (CVE-2026-46242): The Linux Root Exploit Mythos Missed — 99% Reliable, Reaches Android

Six-instruction race window. Four epoll objects. Root 99% of the time. Reaches Android from Chrome’s renderer sandbox. AI found the sibling bug and missed this one. Third LPE in two weeks.

July 5, 2026
AI Security · CVSS 9.8 · Fortune 500
DuneSlide: Zero-Click Prompt Injection Escapes Cursor IDE Sandbox on Fortune 500 Machines

Normal prompt. MCP response. Sandbox binary overwritten. No click. Full machine. 50%+ Fortune 500. Cato: similar flaws in all coding agents.

July 2, 2026
Endpoint Security · All Now Patched
Six Microsoft Defender Zero-Days in 90 Days — RoguePlanet Finally Patched July 9

BlueHammer CISA KEV. UnDefend silently degrades protection. RoguePlanet: SYSTEM on fully patched Win10/11 — now patched out-of-band. Apply immediately.

July 1, 2026
AI Security · Prompt Injection
Claude Code Reverse Shell — Mozilla 0DIN: Clean GitHub Repo, Zero Malicious Code, No Scanner Catches It

Payload in DNS TXT record. Static analysis, human review, AI agent: all blind. “Claude Code never decided to open a shell. It decided to fix an error.”

July 1, 2026
Identity Security · 37x Spike
Device Code Phishing: 37x Spike, 18 Kits, MFA Bypass That Survives Password Resets

Bypasses TOTP, push, SMS. Token survives password resets. Conditional Access doesn’t block by default. FBI advisory. Criminal commodity.

June 29, 2026
Analysis

Intelligence & Deep Dive

The DataWater Intelligence Brief

Weekly CISO-level threat analysis — breaking vulnerabilities, technical depth, zero noise.