Today's cybersecurity headlines are brought to you by ThreatPerspective


Ethical Hacking News

NPM Packages Exploited to Deploy Persistent Malware Implants via Redis and PostgreSQL


Threat intelligence researchers have discovered 36 malicious npm packages that use Redis and PostgreSQL to distribute persistent malware implants. The discovery highlights how malicious npm packages can leverage Redis and PostgreSQL databases to deploy persistent implants, a significant threat to developers and end-users alike.

Published: Sun Apr 5 01:05:34 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Fortinet Patches Critical Vulnerability in FortiClient EMS Exposed to Active Exploitation

Fortinet has issued a critical security patch for its FortiClient EMS software after a vulnerability was discovered that allows threat actors to exploit the system without authentication. The vulnerability carries a CVSS score of 9.1 and has been actively exploited since March 31, 2026.

Published: Sun Apr 5 01:21:21 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Unreliable Facade of Digital Governance: A Cybersecurity Crisis in Syria


Syria's struggles with cybersecurity have come to light after a series of high-profile breaches, including the hijacking of several official government accounts on X. Experts say the breach was caused by poor digital security practices and highlights a broader gap in awareness about basic cybersecurity fundamentals among Syrian government organizations and the general public.

Published: Sun Apr 5 04:44:18 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Complex Web of Deception: Unraveling the Mystery of a Highly Encoded Malware

Malicious emails have long been a staple of cyber threats, but some stand out for their complexity and sophistication. In recent days, a heavily obfuscated malware sample was found in an email delivered to an unsuspecting recipient. The payload layers compression, encryption, and steganography to evade detection. Peeling those layers back revealed a series of PowerShell commands that escalate privileges, download additional payloads, and create scheduled tasks for persistence.

Published: Sun Apr 5 04:56:32 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Global Threat Landscape: Malware, Hacking, and Cybersecurity Evolve

A new round of high-profile attacks has emerged, exposing vulnerabilities in GCP Vertex AI, ChatGPT, and various software platforms. The cybersecurity landscape continues to evolve, with malware, hacking, and nation-state actors posing significant threats. Organizations must implement proactive security strategies to stay ahead of emerging threats.

Published: Sun Apr 5 05:15:29 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cybercrime Follies: The Rise of Roasting Cybercriminals


A new trend in cybersecurity is taking aim at cybercriminals, using humor and satire to undermine their credibility. In this article, we'll explore the rise of roasting cybercriminals and why experts are taking a different approach to combating these threats.



Published: Sun Apr 5 08:29:18 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hackers Exploit React2Shell Vulnerability to Launch Large-Scale Credential Theft Campaign


Hackers are currently exploiting the React2Shell vulnerability in Next.js applications to launch a large-scale credential theft campaign. The attack has already resulted in the compromise of at least 766 hosts across various cloud providers and geographies, with stolen credentials including environment variables, SSH keys, and cloud credentials. System administrators are advised to apply security updates, rotate credentials, and deploy WAF/RASP protections for Next.js to mitigate the impact of this attack.

Published: Sun Apr 5 09:39:56 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Unveiling the Complexities of Cybersecurity: A Round-Up of Recent Threats and Vulnerabilities


Recent cybersecurity incidents have highlighted the growing threat posed by nation-state actors, supply chain attacks, and phishing attacks. The emergence of new malware variants, such as CrystalX RAT, has also underscored the need for enhanced security measures to prevent exploitation. As organizations navigate the complex cybersecurity landscape, it is essential that they prioritize robust security practices and remain proactive in identifying and mitigating vulnerabilities.

Published: Sun Apr 5 10:11:45 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

New FortiClient EMS Flaw Exposed: A Critical Vulnerability Exploited in Attacks

A new critical vulnerability has been discovered in FortiClient EMS, allowing unauthenticated attackers to execute code or commands via specially crafted requests. Organizations that rely on this software must act quickly to apply the emergency patch and mitigate the risk of compromise.

Published: Sun Apr 5 14:28:13 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A $285 Million Heist: Unraveling the Sophisticated Social Engineering Operation Behind Drift's Notorious Hack


A $285 million heist has been uncovered, revealing a sophisticated six-month social engineering operation by North Korean state-sponsored hackers that compromised Drift's security. The attack demonstrates the evolving tactics, techniques, and procedures employed by North Korea's cyber apparatus and highlights the need for heightened vigilance among cryptocurrency exchanges and other organizations vulnerable to such attacks.

Published: Sun Apr 5 14:46:23 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Traffic Violation Scams Take a New Turn: Fake Court Notices with QR Codes


Traffic violation scams have taken a new turn with fake court notices sent via text messages containing QR codes. These phishing attacks aim to steal personal and financial information by demanding payment for allegedly unpaid tolls or parking tickets. Follow these tips to stay safe and avoid falling victim to these sophisticated scams.


Published: Sun Apr 5 15:54:33 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Anthropic's Source Code Leak: Unveiling the Claude Code Controversy

Anthropic's accidental release of its Claude Code source has raised critical questions about the security and liability associated with large language models. As researchers, developers, and users, we must come together to establish clear guidelines and standards for responsible AI development.

Published: Sun Apr 5 20:09:51 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Unmasking of UNKN: The Rise and Fall of a Russian Ransomware Kingpin


German authorities have finally unmasked the elusive hacker known as "UNKN," who was behind two notorious ransomware groups, GandCrab and REvil. Daniil Maksimovich Shchukin, a 31-year-old Russian national from Krasnodar, remains at large; the German Federal Criminal Police state that he may reside in Russia. His operation is thought to have caused over €35 million in economic damage and extorted nearly €2 million across 24 cyberattacks.

Published: Sun Apr 5 22:24:53 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Vulnerability in Fortinet's FortiClient EMS Platform: A High-Severity Flaw Exploited in the Wild

Fortinet's FortiClient EMS platform is affected by a critical vulnerability (CVE-2026-35616) that allows attackers to bypass authentication and gain unauthorized access. The company has issued emergency patches for affected versions, and users are urged to install these hotfixes immediately to mitigate the risk.

Published: Mon Apr 6 01:36:44 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Unmasking of REvil: A Glimpse into the Dark World of Ransomware

German authorities have identified REvil leader Daniil Maksimovich Shchukin, 31, as "UNKN", behind over 130 ransomware attacks in Germany and worldwide, resulting in €35 million in damages. The move marks a significant breakthrough in the global fight against cybercrime.

Published: Mon Apr 6 02:48:11 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Qilin and Warlock Ransomware Groups Use Vulnerable Drivers to Disable Security Tools


Qilin and Warlock ransomware groups have been observed using vulnerable drivers to silence security tools on compromised hosts, a technique known as Bring Your Own Vulnerable Driver (BYOVD). The driver is reportedly used to disable more than 300 EDR and security tools, making it difficult for organizations to detect and respond to the intrusion. Security researchers warn that BYOVD is a technique rather than a single patchable vulnerability, so organizations need to be aware of it, keep vulnerable-driver blocklists current, and watch for unexpected driver loads in order to protect themselves against these attacks.

Published: Mon Apr 6 06:53:21 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Devastating Consequences of Supply Chain Compromise: A Cautionary Tale of Developer Endpoint Security

The recent incident involving TeamPCP compromising LiteLLM has highlighted the critical vulnerability of developer endpoint security. The attack demonstrates the devastating consequences of neglecting this aspect of cybersecurity and emphasizes the need for organizations to take proactive steps to protect their endpoints from exploitation by adversaries.

Published: Mon Apr 6 08:10:48 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Infostealer Paradox: How Simple Breach Monitoring Falls Short


The threat landscape has evolved significantly over the past few years, with new and sophisticated attacks emerging to exploit vulnerabilities. According to recent data, stolen credentials are a top-tier security priority for organizations worldwide. However, many enterprises still rely on simple breach monitoring solutions to mitigate the risk of infostealers.

Published: Mon Apr 6 09:22:19 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

14,000 F5 BIG-IP APM Instances Left Exposed to Remote Code Execution Flaw

Over 14,000 F5 BIG-IP APM instances remain exposed online due to an actively exploited remote code execution flaw. Experts urge users to prioritize swift implementation of mitigations and updates to prevent potential exploitation of CVE-2025-53521.

Published: Mon Apr 6 09:33:59 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The End of an Era: Linux 486 Support to be Phased Out

Linux kernel developers have decided to phase out support for 80486-generation chips, marking the end of an era in terms of hardware compatibility within the Linux community. The decision comes as part of Linux kernel 7.1's development cycle and reflects a shift towards prioritizing newer architectures and focusing on forward-thinking efficiency.

Published: Mon Apr 6 10:46:00 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Multi-OS Attack Problem: How SOCs are Failing to Contain the Growing Threat of Cross-Platform Cyber Attacks


Recent data has highlighted the growing concern of multi-OS cyberattacks. These attacks, which target multiple operating systems simultaneously, can be particularly challenging to detect and contain. In this article, we explore the impact of these threats on businesses worldwide and discuss the key steps that SOCs must take to stay ahead of the threat landscape.

With the rise of cross-platform attacks, security teams are facing a growing challenge in detecting and containing threats across multiple operating systems. This article provides an in-depth look at the Multi-OS Attack Problem and discusses the critical steps that SOCs can take to improve their ability to detect and contain these threats. By adopting solutions like ANY.RUN Sandbox, security teams can enhance their cross-platform analysis capabilities and move more quickly and effectively in response to emerging threats.

Published: Mon Apr 6 11:03:43 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cybersecurity Landscape Evolves: Dev Machine Guard and Pius Tools Offer Insights into Modern Threats

Cybersecurity has evolved significantly in recent times, with new threats and vulnerabilities emerging regularly. The Dev Machine Guard and Pius tools offer valuable insights into modern cybersecurity threats, helping developers and security teams to identify potential vulnerabilities and strengthen their defenses.

Published: Mon Apr 6 11:12:02 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

BKA Unmasks REvil Ransomware Operators Behind 130+ German Attacks


The German Federal Criminal Police (BKA) has identified two key figures behind the REvil ransomware group: Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk. The BKA believes that these individuals were instrumental in promoting the REvil ransomware operation on cybercrime forums and carrying out numerous attacks in Germany, resulting in over 130 incidents.

Published: Mon Apr 6 11:32:49 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft Links Medusa Ransomware Affiliate to Zero-Day Attacks in High-Velocity Campaigns


Microsoft has linked a financially motivated cybercrime gang known as Storm-1175 to zero-day attacks, further highlighting the increasing sophistication of ransomware campaigns. The group has been exploiting n-day and zero-day vulnerabilities in high-velocity attacks, targeting healthcare organizations, education, professional services, and finance sectors across Australia, the United Kingdom, and the United States.

To stay ahead of these emerging threats, Microsoft emphasizes the importance of staying vigilant against cyber threats and keeping software up-to-date with the latest security patches. By taking proactive steps to protect their networks and systems, organizations can reduce their risk of falling victim to high-velocity ransomware attacks.

Published: Mon Apr 6 12:59:37 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

CISA Orders Federal Agencies to Patch Exploited Fortinet EMS Flaw by Friday

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a critical FortiClient Enterprise Management Server (EMS) flaw by Friday, as threat actors continue to exploit it in zero-day attacks.

Published: Mon Apr 6 13:08:17 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

DPRK-Linked Hackers Exploit GitHub as Command-and-Control Infrastructure in Sophisticated Multi-Stage Attacks Against South Korea



Threat actors associated with the Democratic People's Republic of Korea (DPRK) have been identified as utilizing GitHub as a command-and-control infrastructure in a series of sophisticated multi-stage attacks targeting organizations in South Korea. The attack chain, which involves obfuscated Windows shortcut files and PowerShell scripts, demonstrates the group's continued efforts to evolve their tactics and techniques in order to evade detection.

The use of native Windows tools for deployment, evasion, and persistence underscores the sophistication of these attacks, while the deployment of malware families via legitimate software channels raises concerns about the potential for widespread compromise. As Kimsuky continues to shift its TTPs, it is essential that organizations prioritize incident response capabilities and stay informed about emerging threats in order to effectively mitigate their impact.

Published: Mon Apr 6 13:22:15 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Vulnerability in Windows: The BlueHammer Exploit


A previously unpatched Windows zero-day exploit known as "BlueHammer" has been leaked, allowing attackers to gain SYSTEM or elevated administrator permissions on affected systems. Microsoft's handling of the disclosure process for this vulnerability raises questions about the company's commitment to responsible disclosure and patching.

Published: Mon Apr 6 14:30:32 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical FortiClient EMS Bug Exposed: A Cautionary Tale of Unpatched Vulnerabilities

A critical bug in the FortiClient Enterprise Management Server (EMS) product has been exploited in the wild since at least March 31, allowing unauthenticated attackers to execute unauthorized code or commands via crafted requests. Organizations that rely on this software must take immediate action to patch the vulnerability and protect themselves from potential security risks.

Published: Mon Apr 6 14:42:35 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Dark Side of Homeland Security: A Web of Corruption and Deception

US Border Patrol agents are selling challenge coins that feature acronyms and phrases associated with far-right groups, raising concerns about corruption and deception within the Department of Homeland Security. The sale of these coins has sparked a broader controversy surrounding the use of government resources to promote certain ideologies, highlighting the need for greater transparency and accountability within government agencies.

Published: Mon Apr 6 14:51:31 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Global Campaign of Deception: The Iran-Linked Password-Spraying Campaign Targeting Microsoft 365 Organizations

Recent attacks from an Iran-nexus threat actor have targeted over 300 organizations in Israel and more than 25 in the UAE, highlighting the evolving nature of cyber threats. Organizations affected by these attacks are advised to take immediate action to protect themselves from further attacks.
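As an added example (not code from the article or from any vendor), here is the detection a SOC would run over sign-in logs to catch the spraying pattern the article describes: one source making a few guesses each against many accounts, with a later success from that same source being the escalation trigger. The sign-in events are constructed; the field names and error codes follow the Entra ID sign-in log only loosely (50126 is the invalid-username-or-password code, 0 a success), and the window and thresholds are assumptions to tune against your own baseline.

```python
import json
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sign-in events, not real telemetry. 203.0.113.7 sprays one guess
# per account and later logs in as one of them; 198.51.100.20 is a single user
# mistyping a password, which must not alert.
EVENTS = """
{"createdDateTime":"2026-04-06T09:00:01Z","userPrincipalName":"a.levi@example.test","ipAddress":"203.0.113.7","status":{"errorCode":50126}}
{"createdDateTime":"2026-04-06T09:01:15Z","userPrincipalName":"d.mizrahi@example.test","ipAddress":"203.0.113.7","status":{"errorCode":50126}}
{"createdDateTime":"2026-04-06T09:02:40Z","userPrincipalName":"m.cohen@example.test","ipAddress":"203.0.113.7","status":{"errorCode":50126}}
{"createdDateTime":"2026-04-06T09:03:10Z","userPrincipalName":"s.peretz@example.test","ipAddress":"203.0.113.7","status":{"errorCode":50126}}
{"createdDateTime":"2026-04-06T09:04:55Z","userPrincipalName":"r.biton@example.test","ipAddress":"203.0.113.7","status":{"errorCode":50126}}
{"createdDateTime":"2026-04-06T09:05:00Z","userPrincipalName":"t.haddad@example.test","ipAddress":"198.51.100.20","status":{"errorCode":50126}}
{"createdDateTime":"2026-04-06T09:05:20Z","userPrincipalName":"t.haddad@example.test","ipAddress":"198.51.100.20","status":{"errorCode":50126}}
{"createdDateTime":"2026-04-06T09:05:45Z","userPrincipalName":"t.haddad@example.test","ipAddress":"198.51.100.20","status":{"errorCode":50126}}
{"createdDateTime":"2026-04-06T09:06:10Z","userPrincipalName":"t.haddad@example.test","ipAddress":"198.51.100.20","status":{"errorCode":0}}
{"createdDateTime":"2026-04-06T09:06:30Z","userPrincipalName":"n.friedman@example.test","ipAddress":"203.0.113.7","status":{"errorCode":50126}}
{"createdDateTime":"2026-04-06T09:20:02Z","userPrincipalName":"m.cohen@example.test","ipAddress":"203.0.113.7","status":{"errorCode":0}}
"""

def parse_events(raw: str) -> list:
    events = []
    for line in raw.strip().splitlines():
        e = json.loads(line)
        events.append({
            "ts": datetime.strptime(e["createdDateTime"], "%Y-%m-%dT%H:%M:%SZ"),
            "user": e["userPrincipalName"].lower(),
            "ip": e["ipAddress"],
            "failed": e["status"]["errorCode"] != 0,
        })
    return sorted(events, key=lambda e: e["ts"])

def detect_spray(events, window=timedelta(minutes=15), min_users=5, max_mean_attempts=2.0):
    """One alert per source IP that fails against >= min_users distinct accounts
    inside `window` with few attempts per account: the spray signature, as opposed
    to a brute force that hammers one account (thresholds are assumptions)."""
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["ip"]].append(e)
    alerts = []
    for ip, evs in by_ip.items():
        failures = [e for e in evs if e["failed"]]
        best = None
        for i, start in enumerate(failures):  # slide the window over each failure
            in_win = [f for f in failures[i:] if f["ts"] - start["ts"] <= window]
            attempts = defaultdict(int)
            for f in in_win:
                attempts[f["user"]] += 1
            if len(attempts) < min_users or len(in_win) / len(attempts) > max_mean_attempts:
                continue
            if best is None or len(attempts) > len(best["users"]):
                best = {"ip": ip, "window_start": start["ts"], "users": sorted(attempts)}
        if best is not None:
            # a success from the spraying IP after the spray began is the real emergency
            best["success_after"] = sorted({e["user"] for e in evs
                                            if not e["failed"] and e["ts"] >= best["window_start"]})
            alerts.append(best)
    return alerts

if __name__ == "__main__":
    for a in detect_spray(parse_events(EVENTS)):
        print(a)
```

Grouping by source IP is the simplest key; real sprays rotate through proxy or residential IPs, so the same logic is usually also run keyed on user agent, ASN, or the autonomous "correlation" identifiers the identity provider stamps on each request, and any account in `success_after` gets its sessions revoked and password reset before the rest of the list is triaged.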

Published: Mon Apr 6 15:06:00 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Unveiling the Sophisticated Attack Vector: North Korea-Linked Hackers Utilize LNK Files and GitHub C2s to Launch Malicious Campaign


North Korea-linked hackers have launched a new cyber attack on organizations in South Korea, utilizing phishing LNK files with embedded scripts and GitHub as Command and Control (C2) servers. The campaign, which targets companies in South Korea, highlights the attackers' focus on stealth, evasion, and strategic thinking. Experts warn that users should remain vigilant against untrusted documents and monitor for unusual PowerShell or VBScript activity to stay protected from this evolving threat landscape.

Published: Mon Apr 6 15:17:35 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Details Emerge in Marvel's Daredevil: Born Again - A Tease of Chaos Looms Over Season 2

Marvel's Daredevil: Born Again season 2 is ramping up the stakes with a chaotic trailer that leaves fans eagerly anticipating what's next for Matt Murdock. With Jessica Jones on the way and the Punisher special set to arrive, this teaser sets the stage for an unforgettable conclusion.

Published: Mon Apr 6 16:36:02 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

New GPU Rowhammer Attack Enables System Takeover via GPU



A new type of attack dubbed GPUBreach enables a system takeover by exploiting vulnerabilities in Graphics Processing Units (GPUs). The attack utilizes Rowhammer-induced bit-flips in GDDR6 memories, corrupting GPU page tables and granting arbitrary GPU memory read/write access to an unprivileged CUDA kernel. This threat has significant implications for AI development and training workloads, as well as consumer GPUs without ECC.




Published: Mon Apr 6 17:51:16 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

GandCrab and REvil Ransomware Leaders Brought to Light by German Authorities


German authorities have identified two Russian nationals as the leaders behind GandCrab and REvil, two notorious ransomware operations that had been evading capture for years. Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk were named as the heads of these operations, marking a significant milestone in the ongoing efforts to dismantle them. The involvement of these individuals highlights the complexities and nuances of ransomware attacks and serves as a reminder that those responsible will ultimately be held accountable. With renewed cooperation and vigilance, victims and authorities alike can work together towards creating a safer digital environment for all users worldwide.

Published: Mon Apr 6 19:05:40 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Vulnerability in CUPS Exposed: The Consequences of a Leaky Print Server



A critical vulnerability has been discovered in CUPS (Common Unix Printing System), allowing attackers to execute arbitrary code and gain root access. This discovery highlights the importance of ongoing cybersecurity monitoring and patch management, particularly as AI-powered bug-finding tools become more sophisticated.

Published: Mon Apr 6 19:21:07 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Security Flaw Discovered in Open-Source AI Platform Flowise: Threat Actors Exploiting CVSS 10.0 RCE Vulnerability


A critical-severity security flaw has been discovered in an open-source AI platform called Flowise. According to recent findings from VulnCheck, a CVSS 10.0 RCE vulnerability is allowing threat actors to execute arbitrary JavaScript code on the server, leading to full system compromise and sensitive data exfiltration. This highlights the importance of staying informed about newly discovered vulnerabilities and taking swift action to patch these issues before they can be exploited by malicious actors.

Published: Tue Apr 7 01:49:53 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Looming Threat of Storm-1175: A China-Linked Cyber Actor Leveraging Zero-Days to Deploy Medusa Ransomware


A China-based threat actor known as Storm-1175 has been linked to the deployment of Medusa ransomware, leveraging zero-days to orchestrate rapid attacks on healthcare organizations, education institutions, professional services firms, and finance sectors across multiple regions. With its sophisticated tactics and ability to rotate exploits quickly, Storm-1175 poses a significant threat to global cybersecurity.



Published: Tue Apr 7 03:16:14 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Unpatched Windows Zero-Day Exploit: BlueHammer Vulnerability Leaves Systems Open to Attack


A recently leaked Windows zero-day exploit known as "BlueHammer" has left systems open to attack, highlighting the importance of staying up-to-date with security patches and maintaining robust security measures. The vulnerability allows attackers to gain SYSTEM rights, potentially fully compromising machines. In this article, we'll delve into the details of the BlueHammer exploit and its implications for organizations.

Published: Tue Apr 7 04:25:41 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cryptocurrency Hacking: Unraveling the Complex Web of North Korea's Six-Month Operation

North Korea has been linked to a six-month hacking operation that stole $285 million from Drift, a cryptocurrency protocol. The attack highlights the sophistication of North Korea's state-affiliated actors and raises concerns about the vulnerability of crypto projects.

Published: Tue Apr 7 05:36:51 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips: A Deep Dive into the Latest GPU Vulnerability


A new attack vector known as GPUBreach has been discovered, enabling full CPU privilege escalation via GDDR6 bit-flips. This vulnerability targets NVIDIA GPUs and could potentially be exploited by malicious actors to gain unauthorized access to sensitive data. Organizations must take immediate action to protect themselves from potential exploitation.

Published: Tue Apr 7 05:48:36 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Fortinet FortiClient EMS Flaw: A High-Severity Vulnerability Exposed by U.S. CISA



A high-severity vulnerability in Fortinet's FortiClient EMS has been added by U.S. CISA to its Known Exploited Vulnerabilities catalog. The flaw, tracked as CVE-2026-35616 with a CVSS score of 9.1, poses considerable risk to affected systems, underscoring the need for swift action against the vulnerability.



Published: Tue Apr 7 05:57:49 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Unleashing the Fury of GPU Rowhammer: The New Frontier in Cybersecurity Threats


Recent research has uncovered an unprecedented method for a group of attackers to breach the security of modern systems by exploiting vulnerabilities in Graphics Processing Units (GPUs). The discovery of the GPUBreach exploit highlights a new frontier in cybersecurity threats and demonstrates the ongoing challenge of protecting against increasingly sophisticated attacks. As the threat continues to evolve, it is crucial that users and organizations remain vigilant and proactive in their efforts to safeguard against potential exploitation.

Published: Tue Apr 7 07:11:07 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Silent Threat of Identity Gaps: How AI Exploits Enterprise Risk

As AI continues to evolve at an unprecedented rate, organizations are facing a growing threat landscape of identity gaps that can be exploited by both human threat actors and autonomous AI agents. To address this vulnerability, The Hacker News is hosting an exclusive webinar featuring expert insights on how to close the gap in 2026.

Published: Tue Apr 7 08:19:57 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Hidden Cost of Repeated Credential Incidents: A Threat to Identity Security


Repeated credential incidents can have a significant cumulative impact on an organization's identity security posture. From account lockouts and compromised credentials to the time and resources spent resolving these incidents, it's essential for organizations to prioritize strong password controls and breach detection tools like Specops Password Policy.

Published: Tue Apr 7 08:28:02 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

ComfyUI Botnet: A New Vector for Cryptocurrency Mining and Remote Code Execution


A new botnet campaign has emerged, targeting internet-exposed ComfyUI instances to mine cryptocurrency and conduct remote code execution. The attackers have used a purpose-built Python scanner to exploit these platforms, adding them to a cryptocurrency mining and proxy botnet. With over 1,000 publicly-accessible ComfyUI instances targeted, this threat is significant for defenders. In this article, we will delve into the details of the ComfyUI botnet and explore its tactics, techniques, and procedures.

Published: Tue Apr 7 09:51:54 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Major Outage cripples Russian Banking Apps and Metro Payments Nationwide: A Global Cybersecurity Alert

Published: Tue Apr 7 09:59:03 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A New Phase of Ransomware Attacks: The Rise of Storm-1175

A new phase of ransomware attacks has emerged with the rise of Storm-1175, a group known for its lightning-fast exploits and relentless pursuit of financial gain. By targeting exposed systems and moving quickly, they are able to deploy their ransomware payload and achieve their financial goals. In this article, we'll delve into the details of Storm-1175's operations and explore what makes them so effective.

Published: Tue Apr 7 10:26:27 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Global Effort to Combat APT28's DNS Hijacking Campaign: FrostArmada

Authorities have disrupted a global DNS hijacking campaign, dubbed FrostArmada, used by APT28 to steal Microsoft 365 logins. Researchers from Black Lotus Labs report that the attackers compromised mainly small office/home office (SOHO) routers and altered their DNS settings to point at virtual private servers under the attackers' control, allowing them to intercept authentication traffic and steal credentials.

Published: Tue Apr 7 12:08:07 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Russia's APT28 Behind Latest Wave of Router and DNS Attacks: A Threat to Global Cybersecurity


The UK's National Cyber Security Centre (NCSC) has warned about the latest wave of router and DNS attacks attributed to Russia's Advanced Persistent Threat group, APT28. This latest wave of attacks highlights the sophistication and reach of these threat actors and underscores the need for organizations and individuals to remain vigilant in protecting themselves against such threats.

Published: Tue Apr 7 12:20:51 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Docker CVE-2026-34040: A High-Security Vulnerability that Allows Attackers to Bypass Authorization and Gain Host Access


Docker CVE-2026-34040 is a high-severity security vulnerability that allows attackers to bypass authorization plugins and gain host access. This vulnerability has been patched in Docker Engine version 29.3.1, but users are advised to take temporary workarounds to minimize their exposure to potential attacks.

Published: Tue Apr 7 12:39:15 2026 by llama3.2 3B Q4_K_M



SecurityWeek

Severe StrongBox Vulnerability Patched in Android

GrafanaGhost: Attackers Can Abuse Grafana to Leak Enterprise Data

Webinar Today: Why Automated Pentesting Alone Is Not Enough

GPUBreach: Root Shell Access Achieved via GPU Rowhammer Attack

Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems

German Police Unmask REvil Ransomware Leader

White House Seeks to Slash CISA Funding by $707 Million

Wynn Resorts Says 21,000 Employees Affected by ShinyHunters Hack

Google DeepMind Researchers Map Web Attacks Against AI Agents

Guardarian Users Targeted With Malicious Strapi NPM Packages

CISA News

CISA Issues Updated RESURGE Malware Analysis Highlighting a Stealthy but Active Threat

Immediate Action Required: CISA Issues Emergency Directive to Secure Cisco SD-WAN Systems

CISA Announces New Town Halls to Engage with Stakeholders on Cyber Incident Reporting for Critical Infrastructure

CISA’s 2025 Year in Review: Driving Security and Resilience Across Critical Infrastructure

CISA Releases Guide to Help Critical Infrastructure Users Adopt More Secure Communication

CISA Orders Federal Agencies to Strengthen Edge Device Security Amid Rising Cyber Threats

CISA Urges Critical Infrastructure Organizations to Take Action Against Insider Threats

CISA Releases Product Categories List to Propel Post-Quantum Cryptography Adoption Pursuant to President Trump’s Executive Order 14306

CISA, UK NCSC, FBI Unveil Principles to Combat Cyber Risks in OT

CISA Retires Ten Emergency Directives, Marking an Era in Federal Cybersecurity

CISA Blog

The End is Just the Beginning of Better Security: Enhanced Vulnerability Management with OpenEoX

Super Bowl LX: Strengthening Preparation, Building Resilience, Fostering Partnerships

NCSWIC releases the "What is a PACE Plan" video

CISA Urges Critical Infrastructure to Be Air Aware

Helping OT Organizations to Establish Defensible Architecture and More Resilient Operations

The Mandate, Mission, and Momentum to lead the CVE Program into the Future belongs to CISA

The Joint SAFECOM-NCSWIC Project 25 (P25) User Needs Working Group (UNWG) releases the UNWG Video Series

Tackling the National Gap in Software Understanding

Securing Core Cloud Identity Infrastructure: Addressing Advanced Threats through Public-Private Collaboration

SAFECOM Releases the Emergency Communications System Lifecycle Planning Guide Suite Refresh

All CISA Advisories

CISA Adds One Known Exploited Vulnerability to Catalog

Siemens SICAM 8 Products

Yokogawa CENTUM VP

CISA Adds One Known Exploited Vulnerability to Catalog

Hitachi Energy Ellipse

CISA Adds One Known Exploited Vulnerability to Catalog

Anritsu Remote Spectrum Monitor

PX4 Autopilot

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Adds One Known Exploited Vulnerability to Catalog

OpenCode Systems OC Messaging and USSD Gateway

WAGO GmbH & Co. KG Industrial Managed Switches

PTC Windchill Product Lifecycle Management

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Adds One Known Exploited Vulnerability to Catalog

Grassroots DICOM (GDCM)

Pharos Controls Mosaic Show Controller

Schneider Electric EcoStruxure Foxboro DCS

Schneider Electric Plant iT/Brewmaxx

CISA Adds Five Known Exploited Vulnerabilities to Catalog

Russian Intelligence Services Target Commercial Messaging Application Accounts

Schneider Electric EcoStruxure Automation Expert

Mitsubishi Electric CNC Series

IGL-Technologies eParking.fi

CTEK Chargeportal

Schneider Electric Modicon M241, M251, and M262

Schneider Electric EcoStruxure PME and EPO

CISA Adds One Known Exploited Vulnerability to Catalog

Automated Logic WebCTRL Premium Server

Schneider Electric Modicon Controllers M241, M251, M258, and LMC058

Exploit-DB.com RSS Feed

[local] is-localhost-ip 2.0.0 - SSRF

[webapps] Fortinet FortiWeb v8.0.1 - Auth Bypass

[local] Windows Kernel - Elevation of Privilege

[local] Desktop Window Manager Core Library 10.0.10240.0 - Privilege Escalation

[webapps] ASP.net 8.0.10 - Bypass

[webapps] Grafana 11.6.0 - SSRF

[webapps] Zhiyuan OA - arbitrary file upload leading

[webapps] WBCE CMS 1.6.4 - Remote Code Execution

[webapps] RiteCMS 3.1.0 - Authenticated Remote Code Execution

[webapps] WordPress Madara - Local File Inclusion

[webapps] WordPress Backup Migration 1.3.7 - Remote Command Execution

[webapps] mailcow 2025-01a - Host Header Password Reset Poisoning

[webapps] Easy File Sharing Web Server v7.2 - Buffer Overflow

[webapps] WeGIA 3.5.0 - SQL Injection

[webapps] Boss Mini v1.4.0 - Local File Inclusion (LFI)

[webapps] motionEye 0.43.1b4 - RCE

[remote] Windows 10.0.17763.7009 - spoofing vulnerability

[local] glibc 2.38 - Buffer Overflow

[remote] windows 10/11 - NTLM Hash Disclosure Spoofing

[remote] Redis 8.0.2 - RCE

[webapps] OctoPrint 1.11.2 - File Upload

[remote] Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE

[webapps] aiohttp 3.9.1 - directory traversal PoC

[webapps] FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution

[local] Docker Desktop 4.44.3 - Unauthenticated API Exposure

[webapps] Piranha CMS 12.0 - Stored XSS in Text Block

[webapps] RPi-Jukebox-RFID 2.8.0 - Stored Cross-Site Scripting (XSS)

[hardware] D-Link DIR-825 Rev.B 2.10 - Stack Buffer Overflow (DoS)

[webapps] RPi-Jukebox-RFID 2.8.0 - Remote Command Execution

[webapps] Siklu EtherHaul Series EH-8010 - Arbitrary File Upload

[webapps] Siklu EtherHaul Series EH-8010 - Remote Command Execution

[webapps] WordPress Quiz Maker 6.7.0.56 - SQL Injection

[webapps] Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie

[webapps] FreeBSD rtsold 15.x - Remote Code Execution via DNSSL

[webapps] Summar Employee Portal 3.98.0 - Authenticated SQL Injection

[webapps] esm-dev 136 - Path Traversal

[webapps] Pluck 4.7.7-dev2 - PHP Code Execution

[webapps] phpMyFAQ 2.9.8 - Cross-Site Request Forgery(CSRF)

[webapps] phpMyFAQ 2.9.8 - Cross-Site Request Forgery (CSRF)

[webapps] MaNGOSWebV4 4.0.6 - Reflected XSS

[webapps] Django 5.1.13 - SQL Injection

[webapps] phpMyFaq 2.9.8 - Cross Site Request Forgery (CSRF)

[webapps] MobileDetect 2.8.31 - Cross-Site Scripting (XSS)

[webapps] phpIPAM 1.4 - SQL-Injection

[webapps] OpenRepeater 2.1 - OS Command Injection

[webapps] phpMyAdmin 5.0.0 - SQL Injection

[webapps] RosarioSIS 6.7.2 - Cross Site Scripting (XSS)

[webapps] RosarioSIS 6.7.2 - Cross-Site Scripting (XSS)

[webapps] PluckCMS 4.7.10 - Unrestricted File Upload

[webapps] openSIS Community Edition 8.0 - SQL Injection

Full Disclosure

SEC Consult SA-20260401-0 :: Broken Access Control in Open WebUI

SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) - Vienna Symphonic Library

Apple OHTTP Relay: 14 Third-Party Endpoints, 6 Countries, Zero User Visibility

[KIS-2026-06] MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability

[CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability

APPLE-SA-03-24-2026-10 Xcode 26.4

APPLE-SA-03-24-2026-9 Safari 26.4

APPLE-SA-03-24-2026-8 visionOS 26.4

APPLE-SA-03-24-2026-7 watchOS 26.4

APPLE-SA-03-24-2026-6 tvOS 26.4

APPLE-SA-03-24-2026-5 macOS Sonoma 14.8.5

APPLE-SA-03-24-2026-4 macOS Sequoia 15.7.5

APPLE-SA-03-24-2026-3 macOS Tahoe 26.4

APPLE-SA-03-24-2026-2 iOS 18.7.7 and iPadOS 18.7.7

APPLE-SA-03-24-2026-1 iOS 26.4 and iPadOS 26.4

Open Source Security

Re: Heads-up: Upcoming Samba security releases (2026-04-09)

libcap-2.77 (since libcap-2.04) has TOCTOU privilege escalation issue

Re: Announce: OpenSSH 10.3 released

Re: Announce: OpenSSH 10.3 released

Re: Announce: OpenSSH 10.3 released

CVE-2026-33227: Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ Web: Improper Limitation of a Pathname to a Restricted Directory

CVE-2026-34197: Apache ActiveMQ Broker, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans

Re: Announce: OpenSSH 10.3 released

Heads-up: Upcoming Samba security releases (2026-04-09)

Re: Announce: OpenSSH 10.3 released

Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272

Re: Re: Multiple vulnerabilities in AppArmor

Re: Announce: OpenSSH 10.3 released

Re: Announce: OpenSSH 10.3 released

Re: [libc musl] - Algorithmic complexity DoS in iconv GB18030 decoder

© Ethical Hacking News. All rights reserved.