Windows Subsystem for Linux is a technology platform tracked across 10 threat clusters and 8 intelligence report mentions on ThreatCluster. First observed November 4, 2025; most recent activity June 30, 2026.
Windows Subsystem for Linux (WSL) is a Windows feature that lets users run Linux user space and binaries on Windows. It relies on Hyper-V-based virtualization (especially in WSL2) to provide a Linux kernel and userspace, creating a bridge between Windows and Linux environments. In cybersecurity, WSL expands the attack surface by enabling Linux tooling on Windows, which can introduce new evasion, persistence, and monitoring challenges for defenders when Linux and Windows workloads interact.
A critical vulnerability in FortiWeb Web Application Firewall (WAF) has been actively exploited, allowing attackers to gain full administrative access to affected systems. Organizations using FortiWeb are at risk of…
On February 10, 2026, Microsoft released a security update addressing 59 vulnerabilities, including six zero-day flaws that were actively exploited prior to the patch. The vulnerabilities affect various Microsoft…
Parrot OS 7.0, codenamed Echo, has been officially released, featuring a complete system rewrite based on Debian 13. This version introduces KDE Plasma 6, Wayland by default, and an expanded suite of penetration testing…
The Russian hacker group Curly COMrades is exploiting Microsoft Hyper-V on compromised Windows machines to create hidden Alpine Linux-based virtual machines. These virtual environments allow the group to bypass endpoint…
Microsoft announced the launch of Microsoft Execution Containers (MXC) at its Build conference on June 2, 2026, aimed at providing a secure execution environment for AI agents. This new policy-driven execution layer…
On June 29, 2026, Offensive Security released Kali Linux 2026.2, introducing nine new tools and significant improvements to VM boot times. The update includes enhancements to the GNOME 50 and KDE Plasma 6.6 desktop…
Microsoft has released updates to address a critical zero-day vulnerability in Windows Shell, tracked as CVE-2026-21510, which is actively being exploited. This security flaw allows remote attackers to bypass essential…
In December 2025, Adobe released five bulletins addressing 139 unique vulnerabilities as part of its security updates. This follows the November updates, where Adobe addressed 29 unique CVEs across several products.…
CVE-2026 was assigned to address a vulnerability in Chromium, which is utilized by Microsoft Edge (Chromium-based). This vulnerability affects users of Microsoft Edge as it ingests the Chromium codebase. For further…
The Russian hacker group Curly COMrades is utilizing Microsoft Hyper-V to create hidden Alpine Linux-based virtual machines on compromised Windows systems, allowing them to bypass endpoint detection and maintain…