Ffmpeg is a tool tracked across 22 threat clusters and 39 intelligence report mentions on ThreatCluster. First observed November 16, 2025; most recent activity July 1, 2026.
Active exploitation of two critical vulnerabilities has been reported: CVE-2026-20230 in Cisco Unified CM and CVE-2026-20971 in Samsung KNOX. The Cisco flaw, a server-side request forgery (SSRF), poses an immediate…
In 2024, ESET identified a new China-aligned APT group named LongNosedGoblin, which targets governmental entities in Southeast Asia and Japan. The group employs a custom toolset, primarily using C#/.NET applications, to…
An anonymous researcher known as Bikini has released exploit code for over a dozen zero-day vulnerabilities affecting 15 popular open-source projects, including the Linux kernel and Libssh2. The exploits were disclosed…
A critical vulnerability in FFmpeg's MagicYUV decoder, tracked as CVE-2026-8461, allows attackers to exploit heap out-of-bounds writes to crash systems or execute remote code. Discovered by JFrog, the flaw affects a…
Two critical vulnerabilities were discovered in FFmpeg, affecting Ubuntu 24.04 LTS. The first vulnerability, CVE-2025-12343, allows denial of service due to improper memory handling in the TensorFlow DNN backend. The…
An AI agent from the startup Depthfirst identified 21 zero-day vulnerabilities in FFmpeg, a widely used media library, with some flaws dating back over 20 years. These vulnerabilities include critical heap and stack…
Anthropic has announced the launch of Project Glasswing, utilizing its unreleased AI model, Claude Mythos Preview, to identify and exploit thousands of critical software vulnerabilities across major operating systems…
In April 2026, Kaspersky discovered a new malware campaign named Argamal, targeting players of hentai games. This Remote Access Trojan (RAT) compromises systems by installing a malicious implant that later downloads a…
On May 12, 2026, AI cybersecurity firm Depthfirst announced the launch of the Open Defense Initiative, committing up to $5 million in credits to assist open source projects in identifying and fixing vulnerabilities. The…
SUSE released an important update for ffmpeg-4 on June 18, 2026, addressing several vulnerabilities. The update includes fixes for CVE-2023-6601, CVE-2024-35366, CVE-2025-1594, CVE-2025-9951, CVE-2025-10256, and…