Tag: exploit
-
PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials
Tags: access, advisory, api, attack, cloud, container, credentials, data, exploit, extortion, github, group, infrastructure, malicious, malware, open-source, pypi, supply-chain, tactics, tool, vulnerabilityAn expanding supply-chain campaign: The LiteLLM incident has been confirmed to be a part of the rapidly unfolding TeamPCP supply chain campaign that first compromised Trivy.Trivy, developed by Aqua Security, is a widely used open-source vulnerability scanner designed to identify security issues in container images, file systems, and infrastructure-as-code (IaC) configurations. The ongoing attack, attributed…
-
KI-Agenten zur sicheren Validierung von Sicherheitslücken und autonomer Behebung
Qualys hat ‘Agent Val” als Teil von ‘Enterprise TruRisk Management” (ETM) eingeführt. Agent-Val ermöglicht dem Risk-Operations-Center (ROC) eine sichere, agentengesteuerte Exploit-Validierung und autonome Risikobehebung. Agent-Val steht für einen grundlegenden Wandel im Schwachstellen- und Risikomanagement: weg von einer auf Annahmen basierenden Priorisierung, hin zu einer evidenzbasierten Umsetzung. Dies beschleunigt die Reaktion, reduziert unnötigen Aufwand und führt…
-
The Kill Chain Is Obsolete When Your AI Agent Is the Threat
In September 2025, Anthropic disclosed that a state-sponsored threat actor used an AI coding agent to execute an autonomous cyber espionage campaign against 30 global targets. The AI handled 80-90% of tactical operations on its own, performing reconnaissance, writing exploit code, and attempting lateral movement at machine speed.This incident is worrying, but there’s a scenario…
-
Hackers Exploiting Magento Flaw to Execute Remote Code and Seize Full Account Access
A critical vulnerability dubbed >>PolyShell<< is actively being exploited across Magento and Adobe Commerce platforms. Discovered by the Sansec Forensics Team and published on March 17, 2026, this flaw allows unauthenticated attackers to upload executable files via the platform's REST API. Because no official patch currently exists for production versions, thousands of online stores are…
-
DarkSword’s GitHub leak threatens to turn elite iPhone hacking into a tool for the masses
Cybersecurity researchers say the GitHub leak threatens to “democratize” iPhone exploits that were once reserved for nation-states, potentially putting hundreds of millions of iOS 18 devices at risk. First seen on cyberscoop.com Jump to article: cyberscoop.com/darksword-iphone-spyware-leak-ios-18-exploit-threat/
-
BSidesSLC 2025 Restless Guests Azure Exploit Exposed
Author, Creator & Presenter: Simon Maxwell-Stewart – Security Researcher And Data Scientist At BeyondTrust Our thanks to BSidesSLC for publishing their Creators, Authors and Presenter’s outstanding BSidesSLC 2025 content on the Organizations’ YouTube Channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/bsidesslc-2025-restless-guests-azure-exploit-exposed/
-
New ‘DarkSword’ Leak Puts Millions of iPhones at Risk After Initial Attack
A newer DarkSword exploit leak makes hacking outdated iPhones easier, exposing hundreds of millions of devices to risk. The post New ‘DarkSword’ Leak Puts Millions of iPhones at Risk After Initial Attack appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-darksword-leak-iphone-exploit-risk-after-initial-attack/
-
BSidesSLC 2025 Buffer Overflows Demystified — Chaitanya Rahalkar On Exploits Patching
Author, Creator & Presenter: Chaitanva Rahalkar, Software Security Engineer at Block Inc. Our thanks to BSidesSLC for publishing their Creators, Authors and Presenter’s outstanding BSidesSLC 2025 content on the Organizations’ YouTube Channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/bsidesslc-2025-buffer-overflows-demystified-chaitanya-rahalkar-on-exploits-patching/
-
Critical NetScaler ADC, Gateway flaw may soon be exploited (CVE-2026-3055)
Citrix has fixed two vulnerabilities in NetScaler ADC and NetScaler Gateway, with the more serious flaw (CVE-2026-3055) potentially allowing attackers to extract active … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/24/netscaler-adc-gateway-cve-2026-3055/
-
DarkSword Exploit Chain Leaked Online, Posing Risk to Millions of iPhones
Security researchers have confirmed that the sophisticated iOS exploit chain known as DarkSword is now accessible outside of its original threat actor groups. Recently, security researcher @matteyeux successfully achieved kernel read/write access on an iPad mini 6th generation running iOS 18.6.2 using the in-the-wild DarkSword exploit. This development demonstrates that the exploit kit is highly…
-
Auf der DMEA zeigt Claroty wie sich Cyberbedrohungen durch Priorisierung effektiv bekämpfen lassen
Der Spezialist für die Sicherheit von cyberphysischen Systemen (CPS), Claroty, präsentiert auch in diesem Jahr auf der DMEA seine Lösung zum Schutz medizinischer Geräte und Netzwerke vor Cyberbedrohungen. Aktuelle Untersuchungen zeigen, dass 89 Prozent der Einrichtungen über Systeme mit öffentlich zugänglichen Exploits verfügen (Known-Exploited-Vulnerabilities/KEV), welche aktiv von Ransomware-Banden genutzt werden, sowie unsicher mit dem Internet…
-
DarkSword iPhone Exploit Leaked Online, Hundreds of Millions at Risk
DarkSword exploit leak puts up to 270 million iPhones at risk, with hackers able to access data through… First seen on hackread.com Jump to article: hackread.com/darksword-iphone-exploit-leaked-online/
-
32% of top-exploited vulnerabilities are over a decade old
Exploitation timelines continued to compress in enterprise environments, with newly disclosed flaws reaching active use almost immediately and older weaknesses remaining … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/24/enterprise-vulnerability-exploitation-cybersecurity-threats/
-
Dell Wyse Management Flaws Could Lead to Full System Compromise
Security researcher Aleksandr Zhurnakov from PT Security has discovered a critical exploit chain in Dell Wyse Management Suite. By combining seemingly minor logic flaws, an attacker can achieve unauthenticated remote code execution. This attack targets the On-Premises version of the software, impacting both Standard and Pro editions. Vulnerability Details The exploit relies on two newly…
-
CVE-2026-20963: SharePoint Deserialization Remote Code Execution Vulnerability
Microsoft SharePoint, a core platform for enterprise collaboration, is facing active exploitation through a newly confirmed vulnerability, tracked as CVE-2026-20963. Rooted in unsafe deserialization of user-controlled data, this vulnerability allows remote. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/cve-2026-20963-sharepoint-deserialization-remote-code-execution-vulnerability/
-
CVE-2026-20963: SharePoint Deserialization Remote Code Execution Vulnerability
Microsoft SharePoint, a core platform for enterprise collaboration, is facing active exploitation through a newly confirmed vulnerability, tracked as CVE-2026-20963. Rooted in unsafe deserialization of user-controlled data, this vulnerability allows remote. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/cve-2026-20963-sharepoint-deserialization-remote-code-execution-vulnerability/
-
Multiple Vulnerabilities in TP-Link Devices Enable Arbitrary Command Execution
TP-Link recently published a critical security advisory addressing four high-severity vulnerabilities in its Archer series routers. The flaws impact the Archer NX200, NX210, NX500, and NX600 models. If successfully exploited, these vulnerabilities enable threat actors to bypass authentication, execute unauthorised operating system commands, and manipulate sensitive device configuration files. Vulnerability Details The advisory highlights a…
-
Multiple Vulnerabilities in TP-Link Devices Enable Arbitrary Command Execution
TP-Link recently published a critical security advisory addressing four high-severity vulnerabilities in its Archer series routers. The flaws impact the Archer NX200, NX210, NX500, and NX600 models. If successfully exploited, these vulnerabilities enable threat actors to bypass authentication, execute unauthorised operating system commands, and manipulate sensitive device configuration files. Vulnerability Details The advisory highlights a…
-
Multiple Vulnerabilities in TP-Link Devices Enable Arbitrary Command Execution
TP-Link recently published a critical security advisory addressing four high-severity vulnerabilities in its Archer series routers. The flaws impact the Archer NX200, NX210, NX500, and NX600 models. If successfully exploited, these vulnerabilities enable threat actors to bypass authentication, execute unauthorised operating system commands, and manipulate sensitive device configuration files. Vulnerability Details The advisory highlights a…
-
Exploit-Kit veröffentlicht: Leak auf Github gefährdet Millionen von iPhones
Eine neue Version des Exploit-Kits Darksword ist auf Github aufgetaucht. Zahlreiche iPhones lassen sich dadurch mit nur einem Klick infiltrieren. First seen on golem.de Jump to article: www.golem.de/news/exploit-kit-veroeffentlicht-leak-auf-github-gefaehrdet-millionen-von-iphones-2603-206852.html
-
Why CISOs should embrace AI honeypots
Tags: access, ai, api, attack, breach, business, ciso, credentials, cyberattack, cybercrime, cybersecurity, data, defense, detection, exploit, hacker, LLM, mitigation, open-source, RedTeam, risk, service, threat, tool, vulnerabilityWhy CISOs should consider honeypots: Another player in the AI honeypot space is Deutsche Telekom (DT). The firm is both a user and purveyor of AI-powered honeypots through its free, open-source platform ‘T-Pot.’ The most obvious advantage to their use, explains Marco Ochse, DT’s lead for threat analytics and mitigation, lies in how little these…
-
Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks
Citrix has released security updates to address two vulnerabilities in NetScaler ADC and NetScaler Gateway, including a critical flaw that could be exploited to leak sensitive data from the application.The vulnerabilities are listed below -CVE-2026-3055 (CVSS score: 9.3) – Insufficient input validation leading to memory overreadCVE-2026-4368 (CVSS score: 7.7) – Race condition leading to user…
-
Attackers are handing off access in 22 seconds, Mandiant finds
Exploits remain the leading entry point for attackers for the sixth consecutive year, according to Mandiant’s M-Trends 2026 report, which draws on more than 500,000 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/24/mandiant-m-trends-2026-report/
-
Hacker walks away with $24.5 million after breaching Resolv DeFi platform
In a message to the attacker on the blockchain, Resolv offered the person 10% of the $24.5 million in ETH if they returned the rest and ceased all further activity with the exploited funds. First seen on therecord.media Jump to article: therecord.media/hacker-breaches-resolv-defi-25-million
-
Ransomware’s New Era: Moving at AI Speed
Threat actors bypass security tools and use AI to launch faster ransomware attacks that exploit valid credentials and target data First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/ransomware-new-era-moving-ai-speed
-
Someone has publicly leaked an exploit kit that can hack millions of iPhones
Leaked “DarkSword” exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions of iOS with spyware, according to cybersecurity researchers. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/23/someone-has-publicly-leaked-an-exploit-kit-that-can-hack-millions-of-iphones/
-
Lightning-fast exploits make it essential to patch fast, ask questions later
Here’s where you ought to spend your security billable hours budget this year First seen on theregister.com Jump to article: www.theregister.com/2026/03/23/cisco_talos_cybersecurity_report_patch_fast/
-
Live from RSAC 2026: ColorTokens on Breach Readiness, Measurable Risk Reduction, and What’s Ahead
RSAC 2026 is here, and for ColorTokens, this year’s focus is “breach readiness for measurable risk reduction.” From March 23 to 26, at Booth #1933 in the South Expo Hall, Moscone Center, we are meeting with security leaders facing a hard reality. Attacks are moving faster. AI is reducing the effort needed to exploit modern……
-
Live from RSAC 2026: ColorTokens on Breach Readiness, Measurable Risk Reduction, and What’s Ahead
RSAC 2026 is here, and for ColorTokens, this year’s focus is “breach readiness for measurable risk reduction.” From March 23 to 26, at Booth #1933 in the South Expo Hall, Moscone Center, we are meeting with security leaders facing a hard reality. Attacks are moving faster. AI is reducing the effort needed to exploit modern……