Today's cybersecurity headlines are brought to you by ThreatPerspective


Ethical Hacking News

Critical Zimbra Flaw Raises Concerns Over Email Security as Crafted Emails Run Malicious Code


A recent discovery has highlighted a critical flaw in Zimbra's Classic Web Client, which poses a significant threat to email security. Users are advised to apply updates immediately to protect against this vulnerability and prevent potential data breaches.

Published: Sat Jul 11 02:39:38 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

AI-Driven Security Vulnerabilities: A 15-Year-Old Linux Bug Exposes Critical Infrastructure

A 15-year-old Linux bug has been discovered by researchers, exposing millions of users to catastrophic cyber attacks. Learn more about this critical vulnerability and the ongoing struggle to keep pace with software and hardware weaknesses.

Published: Sat Jul 11 05:52:12 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Npm Supply Chain Security Breach: Malicious jscrambler Infostealer Steals Dev Secrets

Thousands of developer machines have been exposed to potential data theft after a malicious infostealer was silently dropped during the installation of version 8.14.0 of the jscrambler package, which is now available on npm.

Published: Sat Jul 11 14:10:29 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hackers Exploit Vulnerabilities in Pakistani Law Enforcement Portal, Leaving Citizens and Police Personnel Exposed to Malware


Hackers Exploit Vulnerabilities in Pakistani Law Enforcement Portal, Leaving Citizens and Police Personnel Exposed to Malware

Cybersecurity researchers have disclosed details of sustained cyber espionage activity against several Pakistani law enforcement organizations undertaken by suspected China- and India-aligned threat actors between February 2024 and April 2026. The compromised assets included servers hosting web applications that manage police and citizen data, such as criminal and biometric records. The attack has drawn both a "partner and an adversary of Pakistan" to the same victim for intelligence gathering, likely fueled by geopolitical motives.

Published: Sat Jul 11 14:19:19 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Critical U-Boot Vulnerabilities: A Threat to Embedded Systems Everywhere


Critical U-Boot Bugs Undermine Secure Boot on Millions of Devices: A new vulnerability discovered in the open-source bootloader could have far-reaching consequences for devices worldwide. Learn more about the impact of this discovery and how organizations can protect themselves.

Published: Sat Jul 11 14:25:54 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

U.S. CISA Adds iCagenda and Balbooa Forms Vulnerabilities to Known Exploited Vulnerabilities Catalog


U.S. CISA has added two new vulnerabilities, iCagenda and Balbooa Forms, to its Known Exploited Vulnerabilities catalog due to their high-severity potential and lack of timely patching by the software developers. Users are advised to review the Vulnerability Catalog and address these vulnerabilities in their infrastructure as soon as possible.

Published: Sat Jul 11 15:32:06 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Security Landscape: Threats Emerge from Unpatched Devices, Exploited Flaws


A new wave of threats has emerged from the lack of patches on millions of devices and exploited flaws in widely used software. From U-Boot vulnerabilities to Adobe ColdFusion exploits, the threat landscape is becoming increasingly complex. Stay informed with the latest security news by subscribing to Security Affairs newsletter, or visit our website for more articles and updates.


Published: Sun Jul 12 00:58:03 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Exploitation Continues: A Comprehensive Analysis of the Latest Malware Threats and Vulnerabilities

The evolving landscape of malware threats requires constant attention and adaptation from cybersecurity experts. Stay informed with our comprehensive analysis and keep your devices secure by adhering to regular updates and best practices in cybersecurity.

Published: Sun Jul 12 09:17:50 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Progress Urges ShareFile Customers to Shut Down Servers Amid Credible Security Threat Investigation

Progress Software has issued an urgent warning to its ShareFile customers, urging them to shut down their internet-facing servers due to a credible external security threat under investigation. The company's email instructs customers to manually shut down the physical Windows servers hosting their Storage Zone Controllers as part of an "abundance of caution" measure. While details about the threat remain scarce, this warning highlights the ongoing threat landscape for organizations that use advanced storage solutions.

Published: Sun Jul 12 10:24:04 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ryuk Ransomware Member Pleads Guilty Over Attacks on U.S. Organizations


A U.S. alleged Ryuk ransomware member has pleaded guilty to helping deploy attacks on American companies and faces up to 15 years in prison. The guilty plea comes as part of ongoing efforts by U.S. authorities to combat cyber crime and data breaches.

Published: Sun Jul 12 16:44:08 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Global Exploitation Campaign Targets Vulnerabilities in Joomla and WordPress Extensions

THN has obtained exclusive information on a global exploitation campaign targeting vulnerabilities in popular content management systems (CMS) and plugins, including Joomla and WordPress extensions. Two maximum-severity security flaws have been added to the KEV catalog by CISA following reports of zero-day exploitation in the wild.

Published: Mon Jul 13 02:04:52 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Misconfigured Server Leaves Trail of Deception: A Study in Phishing Operations Targeting Microsoft 365

Three phishing operations targeting Microsoft 365 have been uncovered, using techniques such as device code flow bypass and proxying live login sessions to evade MFA protections. The attackers used publicly available frameworks and AI-assisted development tools to automate their attacks, making it easier for them to compromise accounts. Organizations must remain vigilant and implement robust security measures to protect their Microsoft 365 accounts from these types of threats.

Published: Mon Jul 13 04:13:55 2026 by llama3.2 3B Q4_K_M



SecurityWeek

Ghost Accounts Abuse GitHub API in Mass Recon Campaign

In Other News: DHS Database Hacked, Adobe Boosts Patch Cadence, Canada Disrupts Ransomware Ops

Third US Security Expert Sentenced to Prison for Helping Ransomware Gang

China, India-Linked Hackers Both Targeted Same Pakistani Police Force

Okta Warns of Vishing Attacks Targeting Microsoft 365 Customers

GigaWiper Combines Multiple Malware for System-Level Sabotage

‘HalluSquatting’ Turns AI Hallucinations Into Botnet Delivery Mechanism

Network of 200 GitHub Repositories Used for Malware Infection

QIZ Security Raises $17 Million for Cryptographic Governance Platform

UK Government Rolls Out Agentic AI Defense Plan Alongside Industry Pledge

CISA News

CISA Announces New Advisory Council to Strengthen Partnerships and Secure Critical Infrastructure

New CISA Guide Assists Federal Agencies with Transitioning to Modernized Zero Trust Architectures

CISA Issues New Directive Improving How Federal Agencies Prioritize the Mitigation of Cyber Vulnerabilities

CISA Announces Winners of the 2026 President’s Cup Cybersecurity Competition

CISA Urges Stronger Security for Automatic Tank Gauge Systems

CISA Announces Revised Town Hall Schedule to Engage with Stakeholders on Cyber Incident Reporting for Critical Infrastructure

CISA Enhances Known Exploited Vulnerabilities Catalog to Include New Nomination Form

CISA Unveils New Initiative to Fortify America’s Critical Infrastructure

CISA, US and International Partners Release Guide to Secure Adoption of Agentic AI

CISA and U.S. Government Partners Unveil Guide to Accelerate Zero Trust Adoption in Operational Technology

CISA Blog

Lessons from CISA’s Cyber Incident

Five Eyes Cyber Security Agencies Statement

CISA Offers Vital Resources as Venues Prepare for Key 2026 Events

Patch Smarter, Not Harder

NCSWIC releases additional content in its NCSWIC Video Series

CISA Highlights Vital Resources to Help Event Attendees Stay Safe

Preparing for the World Stage

Securing the American Experience

The End is Just the Beginning of Better Security: Enhanced Vulnerability Management with OpenEoX

Super Bowl LX: Strengthening Preparation, Building Resilience, Fostering Partnerships

All CISA Advisories

CISA Adds Two Known Exploited Vulnerabilities to Catalog

Schneider Electric PowerChute Serial Shutdown

OpenPLC v3

Schneider Electric Easergy MiCOM Px40 Series

CISA Adds Three Known Exploited Vulnerabilities to Catalog

Hitachi Energy PROMOD V

Siemens SINEC OS

CISA Adds One Known Exploited Vulnerability to Catalog

Hydro-Qu bec Le Circuit Electrique charging station backend

Siemens Mendix Studio Pro

Labcenter Proteus 9

Hitachi Energy e-mesh EMS

Digi International PortServer TS, Digi One SP IA

CubeSpace CW0057 Reaction Wheel

ST Engineering iDirect iQ-Series Terminals

Gardyn IoT Hub

CISA Adds One Known Exploited Vulnerability to Catalog

Schneider Electric EasyLogic T150 and Saitel DP RTU

StoneFly Storage Concentrator

XZ Utils vulnerability impacting B&R Products

Delta Electronics DVP12SE PLC

Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M

OFFIS DCMTK Toolkit

Frangoteam FUXA SCADA/HMI

Schneider Electric EcoStruxure IT Data Center Expert

CISA Adds One Known Exploited Vulnerability to Catalog

Russian Intelligence Services Continue to Target Commercial Messaging Applications

OHIF Viewers DICOM

Schneider Electric PowerLogic P7

CISA Adds Two Known Exploited Vulnerabilities to Catalog

Exploit-DB.com RSS Feed

[webapps] Krayin CRM v2.2.x - Authenticated Remote Code Execution

[webapps] Atarim WordPress Plugin 4.2.2 - Sensitive Information Exposure

[webapps] Langflow 1.9.0 - RCE

[webapps] Joomla Page Builder CK 3.5.10 - Arbitrary File Upload

[webapps] MCPJam Inspector - Remote Code Execution

[local] ProtonVPN v4.4.1 - Unquoted Service Path

[webapps] Flowise 3.1.3 - arbitrary code execution

[remote] Hydra - Stack Buffer Overflow

[webapps] Discuz! X5.0 - Authentication Bypass

[webapps] Tenable Nessus 10.12.1 - SQL Injection

[webapps] WordPress Bricks Builder Theme - RCE

[remote] iOS Bluetooth PAN Exploit - Ethernet Gateway without Adapter

[webapps] Joomla Extension 4.1.4 - PHP Object injection

[webapps] Pulpy 0.1.1-Beta - Filesystem Sandbox Bypass

[local] MEmu Android Emulator 9.2.7.0 - Local Privilege Escalation

[webapps] KeepInMind 0.8.4.2 - Stored XSS

[webapps] KNX visualisering - Broken Access Control

[local] Windows Defender (MsMpEng.exe) - Race Condition

[webapps] WordPress Plugin WPZOOM Portfolio 1.4.21 - Reflected Cross-Site Scripting (XSS)

[webapps] OpenEMR 7.0.2 - Arbitrary File Read

[webapps] WordPress Contest Gallery 28.1.4 - Unauthenticated Blind SQL Injection

[webapps] Drupal Core 10.5.5 - Error-Based SQL Injection

[webapps] WordPress OrderConvo 14 - Path Traversal

[remote] Notepad++ 8.9.6 - Arbitrary Code Execution

[webapps] YAMCS yamcs-core 5.12.7 - No Rate Limiting

[webapps] YAMCS yamcs-core 5.12.7 - User Enumeration

[webapps] YAMCS yamcs-core 5.12.7 - LDAP Injection

[remote] Microsoft - NTLMv2 Hash Capture

[webapps] MikroORM 7.0.13 - SQL Injection

[webapps] Prodigy Commerce 3.3.0 - Local File Inclusion

[webapps] Langflow 1.3.0 - Remote Code Execution

[webapps] Quick Playground for WordPress 1.3.1 - Unauthenticated Remote Code Execution

[local] ImageMagick - Infinite Loop in the MIFF decoder can lead to CPU exhaustion

[local] ZTE Routers - Unauthenticated Denial of Service

[local] ZTE ZXHN H188A V6 - Authentication Bypass

[local] ZTE H298A / H108N - Unauthenticated Credential Exposure

[local] Linux Kernel - Local Privilege Escalation

[webapps] MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution

[remote] Wing FTP Server 8.1.3 - Authenticated Remote Code Execution

[webapps] CubeCart < 6.7.0 - Reflected Cross-Site Scripting (XSS) (Unauthenticated)

[remote] strongSwan 5.9.13 - libsimaka EAP-SIM/AKA heap buffer overflow

[dos] strongSwan 5.9.13 - DoS

[local] Linux Kernel - Local Privilege Escalation

[webapps] Casdoor 3.54.1 - Arbitrary File Write via Path Traversal

[webapps] EspoCRM 9.3.3 - SSRF

[webapps] scramble - Remote Code Execution

[hardware] MeiG Smart FORGE_SLT711 - OS Command Injection

[local] Realtek rtl819x - Local Privilege

[webapps] OpenCATS 0.9.7.4 - SQL Injection

[webapps] Grav CMS 2.0.0-beta.2 - Remote Code Execution

Full Disclosure

[REVIVE-SA-2026-003] Revive Adserver Vulnerabilities

OPNsense XPATH Injection (CVE-2026-53582)

SCHUTZWERK-SA-2025-001: Authentication Bypass for SafeLine SL6 and SL6+

Whistleblowersoftware.com: confidentiality and anonymity leakage to third parties

OpenBlow Multiple Deanonymization Vulnerabilities

Whistlelink: Site-access password exposed in web server access logs via GET query string

APPLE-SA-06-29-2026-3 Safari 26.5.2

APPLE-SA-06-29-2026-2 macOS Tahoe 26.5.2

APPLE-SA-06-29-2026-1 iOS 26.5.2 and iPadOS 26.5.2

pwnlift: symlink following and TOCTOU in privileged upload handler allow arbitrary file write as root

[KIS-2026-12] Control Web Panel <= 0.9.8.1224 (userRes) SQL Injection Vulnerability

[fulldis] CVE-2026-58451 - Horde Groupware IMP path traversal vuln

Samsung Galaxy Buds Zero-Click HFP/A2DP Takeover via L2CAP Session Preemption (Vendor Response: Working as Intended)

Asterisk Security Release 23.4.1

Asterisk Security Release 22.10.1

Open Source Security

CVE-2026-49876: Apache Gravitino: Authenticated SSRF in Gravitino JobManager allows server-side HTTP requests to internal network and cloud metadata endpoints via unvalidated job template URIs

CVE-2026-41041: Apache Gravitino: URL path injection via unencoded user-supplied identifiers in MCP REST client f-string URL construction, enabling path traversal to unintended API endpoints.

Re: Skillable SCORM launch: userId parameter not validated against session token allows allocation bypass and cross-user DoS

Skillable SCORM launch: userId parameter not validated against session token allows allocation bypass and cross-user DoS

CVE-2026-49844: Apache Log4j API: Improper serialization of non-finite floating-point values in MapMessage.asJson()

CVE-2026-40454: Apache IoTDB C++ client: Out-of-bounds reads in C++ client TsBlock deserializer crash client process on malformed server data

CVE-2026-40452: Apache IoTDB: Authorization bypass in /rest/v2/fastLastQuery exposes last-value data to unauthorized authenticated users

CVE-2026-40009: Apache IoTDB: Authenticated users can escalate to full tree-path access by renaming themselves to __internal_auditor

CVE-2026-40008: Apache IoTDB: Arbitrary Class Instantiation via Pipe Transfer RPC

CVE-2026-40007: Apache IoTDB: Unauthenticated unbounded recursion in IoTDB AirGap receiver's E-language prefix parser causes per-connection StackOverflowError

CVE-2026-40006: Apache IoTDB: Unauthenticated heap-exhaustion DoS via unbounded allocation in IoTDB AirGap pipe receiver

CVE-2026-40005: Apache IoTDB: Path Traversal in Pipe File Transfer Receiver

CVE-2026-28564: Apache IoTDB: REST Basic Authentication Accepts Stale Cached Credentials

[oss-security][CVE-2026-15308] Incremental HTMLParser allows CPU-exhaustion DoS via repeated unterminated markup declarations

HTSlib <= 1.23.1 Multiple vulnerabilities in file reading code








© Ethical Hacking News . All rights reserved.

Privacy | Terms of Use | Contact Us