Tag: access
-
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root access, making it the third such bug to be identified in the kernel within a span of two weeks.Codenamed Fragnesia, the security vulnerability is tracked as CVE-2026-46300 (CVSS score: 7.8)…
-
Gentlemen RaaS Exploits Fortinet and Cisco Edge Devices for Initial Access
The Gentlemen ransomware-as-a-service (RaaS) operation is turning exposed Fortinet and Cisco edge devices into a fast lane into enterprise networks and doing it at scale. What began as a rising RaaS brand in mid”‘2025 has, by early 2026, evolved into one of the most active programs on the underground, with hundreds of victims and a…
-
Hackers accessed BWH Hotels reservation system for months
BWH Hotels says hackers accessed guest reservation data, including names and contacts, for over six months across multiple hotel brands. BWH Hotels disclosed a data breach, with threat actors having had access to guest reservation data for more than six months. The incident exposed names and contact details of an undisclosed number of guests. BWH…
-
OpenAI Unlocks Cybersecurity Model for Europe
German Financial Regulator Warns Sector to Step Up Defenses. OpenAI is stepping up to do what arch-rival Anthropic still won’t. The AI firm will give European authorities and companies access to its new vulnerability-finding AI model, so they can beef up their cybersecurity. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/openai-unlocks-cybersecurity-model-for-europe-a-31664
-
OpenAI introduces Daybreak cyber platform, takes on Anthropic Mythos
Tags: access, ai, cisco, crowdstrike, cyber, cybersecurity, defense, detection, fortinet, framework, government, malware, network, openai, oracle, penetration-testing, RedTeam, risk, software, strategy, technology, update, vulnerabilityOpenAI’s cybersecurity model stack: OpenAI is pursuing a scalable cyber defense platform strategy with Daybreak and is rolling out the initiative through three different model tiers: GPT-5.5 (default), GPT-5.5 with Trusted Access for Cyber, and GPT-5.5-Cyber.The standard GPT-5.5 model is positioned for general-purpose enterprise use cases, including developer assistance and knowledge work. GPT-5.5 with Trusted…
-
Huntress and Acrisure Team Up to Offer Zero-Deductible Cyber Insurance for SMBs
Cybersecurity firm Huntress has joined forces with global fintech and insurance giant Acrisure to launch a new cyber insurance programme targeting small and mid-sized businesses, with no deductible for eligible applicants. The programme, announced today, gives qualifying Huntress customers and partners access to either Cyber or Tech Errors and Omissions (Tech E&O) insurance policies placed…
-
Huntress and Acrisure Team Up to Offer Zero-Deductible Cyber Insurance for SMBs
Cybersecurity firm Huntress has joined forces with global fintech and insurance giant Acrisure to launch a new cyber insurance programme targeting small and mid-sized businesses, with no deductible for eligible applicants. The programme, announced today, gives qualifying Huntress customers and partners access to either Cyber or Tech Errors and Omissions (Tech E&O) insurance policies placed…
-
Zoom Rooms and Workplace Flaws Expose Users to Elevated Access Attacks
A newly disclosed batch of vulnerabilities in Zoom’s software suite could give attackers the leverage they need to hijack systems. Zoom has released critical security updates to patch three distinct flaws affecting its Windows and iOS applications. The most dangerous of these vulnerabilities allows authenticated attackers to elevate their system privileges, effectively turning a standard…
-
Warum eingebaute KI-Leitplanken für Agentic-AI nicht ausreichen
KI-Agenten entwickeln sich rasant zu zentralen Werkzeugen der Automatisierung. Um ihre Aufgaben erfüllen zu können, benötigen sie umfangreiche Zugriffsrechte auf Tools, Datenbanken, SaaS-Anwendungen und das Internet. Ein aktueller Bericht unserer Okta Threat Intelligence warnt nun davor, diesen Systemen unreguliert die Schlüssel zum Stadttor wie Anmeldedaten, API-Schlüssel, persönliche Access-Tokens und OAuth-Tokens zu überreichen. Jüngste […] First…
-
Versa erneut Leader im Bereich SSE im GigaOm-Radar
Der Spezialist für Secure-Access-Service-Edge (SASE), Versa, wurde zum dritten Mal in Folge im <> als Leader ausgezeichnet. In dem Bericht werden die SSE-Lösungen von 22 globalen Sicherheitsanbietern analysiert. Auf der Grundlage dieser Bewertungen in den Bereichen Schlüsselfunktionen, Innovationskraft und Geschäftsmodelle werden sie entsprechend als Leader, Challenger und New […] First seen on netzpalaver.de Jump to…
-
Developer workstations are the new beachhead
Tags: access, application-security, attack, authentication, cloud, container, control, credentials, edr, endpoint, exploit, github, group, Hardware, identity, incident response, infrastructure, malware, mfa, monitoring, network, software, supply-chain, threat, updateThe economics that drive the convergence: A typical developer workstation holds SSH keys, cloud provider credentials, container registry tokens, Git authentication tokens and CI/CD pipeline secrets. Many developers have administrative access to internal package registries and deployment infrastructure. Their machines often sit outside the hardened perimeter that security teams build around production systems.From an attacker’s…
-
Linux kernel maintainers suggest a ‘kill switch’ to protect systems until a zero-day vulnerability is patched
Tags: access, attack, business, control, cve, cybersecurity, exploit, flaw, group, incident response, infosec, linux, LLM, mitigation, risk, service, strategy, switch, technology, tool, update, vulnerability, zero-day), a logic bug which lets users easily obtain root access, and Dirty Frag, which abuses weaknesses in how the Linux kernel handles fragmented memory pages. The Dirty Frag attack combines two separate vulnerabilities affecting the Linux IPsec Encapsulating Security Payload (ESP) subsystem (CVE-2026-43284) and the RxRPC networking protocol (CVE-2026-43500). The proposal has set off a furious…
-
New GhostLock tool abuses Windows API to block file access
A security researcher has released a proof-of-concept tool named GhostLock that demonstrates how a legitimate Windows file API can be abused in attacks to block access to files stored locally or on SMB network shares. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-ghostlock-tool-abuses-windows-api-to-block-file-access/
-
Identity security firm SailPoint discloses GitHub repository breach
SailPoint disclosed a GitHub repository breach on April 20. The company contained the incident and said no customer data was affected. SailPoint is a cybersecurity company that provides identity security and identity governance solutions for enterprises. Its products help organizations manage and control user access to systems, applications, and sensitive data. SailPoint revealed a cybersecurity…
-
Google warns artificial intelligence is accelerating cyberattacks and zero-day exploits
Tags: access, ai, attack, cloud, cyber, cyberattack, defense, exploit, google, hacker, intelligence, supply-chain, threat, vulnerability, zero-dayGoogle says hackers now use AI to create exploits, automate attacks, evade defenses, and target AI supply chains at scale. Artificial intelligence is rapidly changing the cyber threat landscape, and a new report from the Google Cloud Threat Intelligence team highlights how attackers already use AI to improve vulnerability exploitation and gain initial access to…
-
AI security is repeating endpoint security’s biggest mistake
Tags: access, ai, api, automation, business, control, data, detection, edr, endpoint, governance, incident response, injection, LLM, monitoring, open-source, radius, risk, saas, sbom, soc, strategy, technology, threat, tool, updateMost AI security is still at the posture phase: Look at where most organizations are with AI security today. Model cards, AI-specific SBOMs, input and output filters, prompt injection guardrails and access controls around model APIs. These are valuable controls, but they reflect a posture-based approach. To truly enhance security, organizations must recognize the importance…
-
The missing cybersecurity leader in small business
As AI and quantum threats target the backbone of the American economy, Washington must provide the guidance and incentives necessary for SMBs to access executive-level cyber expertise. First seen on cyberscoop.com Jump to article: cyberscoop.com/the-missing-cyber-leader-virtual-fractional-ciso-smb-op-ed/
-
LinkedIn verwehrt Recht auf Selbstauskunft, noyb legt Beschwerde ein
Das Business-Netzwerk LinkedIn beschränkt den Zugriff auf die Daten des eigenen Profils auf zahlende Kunden, was offenbar nicht legal ist. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/datenschutz/linkedin-verwehrt-recht-auf-selbstauskunft-noyb-legt-beschwerde-ein-329056.html
-
9-Year-Old Dirty Frag Vulnerability Enables Root Access on Linux Systems
The Dirty Frag vulnerability affects Linux systems and allows root access escalation, while public PoC exploit code increases attack risks. First seen on hackread.com Jump to article: hackread.com/9-year-old-dirty-frag-vulnerability-root-access-linux/
-
Instagram removed endend encryption for DMs. What should users do?
Instagram removes direct messages (DM) end-to-end encryption May 8, 2026, letting Meta access chats. Users should download backups amid privacy concerns and U.S. law pressure. Starting May 8, 2026, Instagram users who previously enabled end-to-end encryption in direct messages will lose that protection, marking a significant shift in how private conversations are handled on the…
-
New cPanel vulnerabilities could allow file access and remote code execution
cPanel fixed three flaws that could allow file reads, code execution, and privilege escalation. No active exploitation has been reported yet. cPanel has released security updates to fix three vulnerabilities affecting cPanel & WHM that could allow attackers to read files, execute code, or escalate privileges on vulnerable systems. Below are the descriptions for these…
-
fsnotify Maintainer Access Change Sparks Supply Chain Security Concerns
A dispute over maintainer access in the widely used Go library fsnotify has triggered temporary supply chain concerns after contributors were removed from the project’s GitHub organization and recent releases came under scrutiny. While no evidence suggests that any version of fsnotify has been compromised, the incident highlights how governance ambiguity in critical open source projects can…
-
Python Infostealer Hides in GitHub Releases to Bypass Detection
A stealthy Python-based infostealer campaign that abuses GitHub Releases to host payloads and maintain long-term, low”‘visibility access to victim systems. The operation, dubbed “Operation HumanitarianBait” in some reporting, appears designed for cyberespionage against Russian”‘speaking targets using humanitarian”‘themed lures and a PE”‘less Python architecture. The campaign starts with phishing emails that deliver a RAR archive containing…
-
Microsoft 365 Copilot Flaws Could Let Attackers Access Sensitive Data
Microsoft has disclosed a trio of critical information disclosure vulnerabilities affecting Microsoft 365 Copilot and Copilot Chat in Microsoft Edge. Released on May 7, 2026, these security flaws pose a substantial risk to enterprise data privacy and corporate confidentiality. If successfully exploited, malicious actors could bypass established security boundaries to access sensitive information processed, summarized,…
-
PoC Exploit Released for Android Zero-Click Flaw Enabling Remote Shell Access
Tags: access, android, cve, cyber, exploit, flaw, github, google, remote-code-execution, vulnerabilityPublic references indicate that a GitHub proof-of-concept is now circulating for CVE-2026-0073, the critical Android flaw documented in Google’s May 2026 security bulletin, raising the urgency for defenders with wireless ADB enabled on test or production devices. Google and multiple security reports describe the issue as a no-interaction remote code execution vulnerability in Android’s adbd…
-
âš¡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More
Rough Monday.Somebody poisoned a trusted download again, somebody else turned cloud servers into public housing, and a few crews are still getting into boxes with bugs that should’ve died years ago, the same old holes, same lazy access paths, same “how the hell is this still open” feeling. One report this week basically reads like…
-
Malicious Hugging Face model masquerading as OpenAI release hits 244K downloads
Part of a broader AI supply chain targeting: HiddenLayer, in its advisory, said that it identified six additional Hugging Face repositories uploaded under a separate account that used nearly identical loader logic and shared infrastructure with the campaign.The researchers also linked elements of the operation to earlier software supply-chain attacks involving npm typosquatting campaigns and…
-
New ‘Dirty Frag’ exploit targets Linux kernel for root access
Tags: access, attack, control, cve, exploit, linux, malicious, microsoft, mitigation, monitoring, switch, tool, vulnerabilityAttackers are already exploiting Dirty Frag: Microsoft warned that Dirty Frag is already being actively exploited in the wild, primarily as a post-compromise privilege escalation tool. The company said attackers are using the vulnerability after obtaining an initial foothold on vulnerable Linux systems, allowing them to elevate privileges from a low-level user account to full…