Blog

Security insights, vulnerability roundups, and updates from the Agent Breach team.

Security email updates

One digest email when we publish new security articles (TL;DR plus links to read more). Unsubscribe anytime from the message footer. See our Privacy Policy.

CISA Flags Critical PTC Windchill RCE Flaw Amid Active Web Shell Attacks

CISA has added a critical remote code execution vulnerability affecting PTC Windchill PDMlink and FlexPLM to its Known Exploited Vulnerabilities catalog, with evidence of active exploitation in the wild. Organizations using these enterprise PDM and PLM platforms face immediate risk from attackers deploying web shells.

Read more

Linux pedit COW Exploit Grants Root Access via Kernel Flaw

CVE-2026-46331, a critical out-of-bounds write vulnerability in the Linux kernel's packet-editing subsystem, allows unprivileged local users to escalate privileges to root. A working exploit was publicly released within 24 hours of CVE assignment, putting unpatched systems at immediate risk.

Read more

FBI Alerts: Russian Hackers Targeting Signal Backup Recovery Keys

Russian intelligence operatives are escalating phishing campaigns against Signal users by stealing backup recovery keys to hijack accounts and access encrypted message histories. The FBI and CISA warn that compromised keys grant persistent access to private communications and account takeover.

Read more