QEMU is a technology platform tracked across 21 threat clusters and 32 intelligence report mentions on ThreatCluster. First observed November 26, 2025; most recent activity July 8, 2026.
A critical vulnerability in Linux KVM, named Januscape (CVE-2026-53359), has been discovered after lying dormant for 16 years. This flaw allows attackers with root access in a guest virtual machine to escape to the host…
Multiple vulnerabilities in QEMU have been identified, impacting Ubuntu 25.10, 24.04 LTS, and 22.04 LTS. The issues include improper memory handling in the LSI53C895A SCSI Host Bus Adapter (CVE-2024-6519) and…
Three critical vulnerabilities (CVE-2026-34177, CVE-2026-34178, CVE-2026-34179) have been identified in Canonical LXD versions 4.12 through 6.7, allowing authenticated users to escalate privileges to cluster admin and…
SUSE Linux has released updates addressing multiple vulnerabilities in QEMU, affecting versions of SUSE Linux Micro 6.0 and 6.1. Key vulnerabilities include CVE-2025-14876, CVE-2026-0665, CVE-2026-2243, CVE-2026-3195,…
In May 2026, a malspam campaign utilizing the Google DoubleClick domain was identified, delivering the DesckVB remote access trojan (RAT). The attack begins with an HTML email attachment that redirects users through…
Hackers are utilizing QEMU, an open-source virtual machine emulator, to create hidden Linux environments within Windows systems, effectively evading endpoint security tools. This method allows for long-term access,…
On June 9, 2026, Ubuntu announced several vulnerabilities in QEMU affecting versions 14.04 LTS to 20.04 LTS. The vulnerabilities include denial of service risks and potential arbitrary code execution due to improper…
On April 20, 2026, a breach at Vercel was reported, revealing limited customer credentials tied to a Context AI hack. The attack exploited vulnerabilities in Vercel's infrastructure, although specific attack vectors…
EDK II in Ubuntu 22.04 LTS and 24.04 LTS has critical vulnerabilities, including a predictable TCP Initial Sequence Number that could allow unauthorized access. Additionally, improper handling of S3 sleep could lead to…
On February 18, 2026, Microsoft published information on several CVEs affecting SCSI and QEMU components. These vulnerabilities include potential memory corruption in qla2xxx (CVE-2024-42288), a kernel oops issue in…