Metasploit
-
Critical Grandstream GXP1600 flaw allows root takeover and silent eavesdropping
A critical stack overflow in Grandstream GXP1600 VoIP phones allows unauthenticated remote root access and silent eavesdropping. CVE-2026-2329 is rated 9.3. Firmware 1.0.7.81 fixes the vulnerability.
-
ShadowSilk Expands Target Reach to Central Asia and APAC Government Agencies, 36 Victims Identified, Group-IB Says
A new threat cluster named ShadowSilk has targeted government entities across Central Asia and the Asia-Pacific region, with Group-IB reporting 36 identified victims. The operation blends Russian- and Chinese-speaking actors, uses spear-phishing and Telegram-based C2, and leverages a broad toolkit to exfiltrate data from government networks.
