New RoadK1ll WebSocket implant used to pivot on breached networks

A newly identified malicious implant named RoadK1ll is enabling threat actors to quietly move from a compromised host to other systems on the network.
The Hacker News

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

Marimo CVE-2026-39987 exploited within 10 hours of disclosure, enabling unauthenticated RCE and credential theft, emphasizing urgent patching needs.
SecurityWeek

Critical Marimo Flaw Exploited Hours After Public Disclosure

A threat actor started exploiting CVE-2026-39987, an unauthenticated RCE vulnerability in Marimo, nine hours after public ...
InfoQ

Will WebSocket survive HTTP/2?

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Andrew Harmel-Law and a panel of expert ...
InfoWorld

Firefox adds a WebSocket inspector

Firefox 71 will include a built-in WebSocket Inspector, a tool to inspect WebSocket connections. The tool is already available in Firefox Developer Edition 70, an experimental version of the browser.