This week starts small.
A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At first, it feels like the usual mess. Then you see the pattern: attackers are not always breaking in. They are using the parts we already trust.
That is what makes it worrying. The danger is in normal things now - updates, apps, cloud buttons, support chats, trusted accounts. AI does not make the attacks magic. It just helps people try more things, faster.
Here's what showed up this week.
47 zero-days exposed
The Pwn2Own Berlin 2026 hacking contest has concluded, with security researchers collecting $1,298,250 in rewards after exploiting 47 zero-day flaws in various products from Windows, Linux, VMware, and NVIDIA. DEVCORE won the event with 50.5 Master of Pwn points and $505,000 in rewards throughout the three-day contest after hacking Microsoft SharePoint, Microsoft Exchange, Microsoft Edge, and Windows 11. STARLabs SG and Out Of Bounds followed with $242,500 (25 points) and $95,750 (12.75 points).
Agentic AI security warning
The U.K. National Cyber Security Centre (NCSC) has released new guidance for organizations to implement adequate security controls when rolling out agentic artificial intelligence (AI) tools in enterprise environments. "If an agent is over-privileged or poorly designed, a single failure can quickly become a serious incident," NCSC said. "It is crucial, therefore, to think before you deploy."











