Tag: exploit
-
LATAM Infrastructure Hit by Fortinet and Ivanti Exploits
CloudSEK maps Operation Escaneo, a campaign hitting Latin American infrastructure via perimeter bugs First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/operation-escaneo-cloudsek-latam/
-
Jetzt patchen: Nginx-Webserver durch kritische Lücken angreifbar
Tags: exploitAngreifer können aufgrund von Sicherheitslücken in drei Nginx-Modulen Webserver lahmlegen oder Schadcode einschleusen. Patches verhindern das. First seen on golem.de Jump to article: www.golem.de/news/jetzt-patchen-nginx-webserver-durch-kritische-luecken-angreifbar-2606-209926.html
-
Hostile states launched 200 attacks on UK infrastructure in five months, says NCSC chief
Hackers will use AI-enabled cyber capabilities to exploit known vulnerabilities in legacy technology at scale by 2028, says National Cyber Security Centre CEO Richard Horne First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366644872/Hostile-states-launched-200-attacks-on-UK-infrastructure-in-five-months-says-NCSC-chief
-
Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April
Multiple firms have observed active exploitation of the FortiSandbox defects, and warn that the attacks originate from multiple sources, not a single campaign. First seen on cyberscoop.com Jump to article: cyberscoop.com/fortinet-fortisandbox-vulnerabilities-exploits/
-
U.S. CISA adds Widget Factory Joomla Content Editor flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Widget Factory Joomla Content Editor (JCE) flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Widget Factory Joomla Content Editor (JCE) flaw, tracked as CVE-2026-48907 (CVSS score of 10.0), to its Known Exploited Vulnerabilities (KEV) catalog. >>A vulnerability in the JCE…
-
Critical vulnerabilities in Fortinet FortiSandbox are under exploitation
An OS command-injection flaw was disclosed earlier this month, according to researchers. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/critical-vulnerabilities-fortinet-fortisandbox-exploitation/823027/
-
Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656)
Microsoft has acknowledged the local elevation of privilege issue in Microsoft Defender that can be triggered via the >>RoguePlanet<>working … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/17/rogueplanet-zero-day-cve-2026-50656/
-
Attackers Exploit Cloud Logging Platforms to Hide Malicious Activity
Attackers are increasingly targeting cloud logging platforms to evade detection and maintain persistent visibility into compromised environments. The report highlights how critical services such as AWS CloudTrail and Google Cloud Logging, designed to provide comprehensive audit trails, are being actively abused by threat actors to manipulate, disable, or redirect logs, effectively “blinding” security teams while…
-
Attackers Exploit Cloud Logging Platforms to Hide Malicious Activity
Attackers are increasingly targeting cloud logging platforms to evade detection and maintain persistent visibility into compromised environments. The report highlights how critical services such as AWS CloudTrail and Google Cloud Logging, designed to provide comprehensive audit trails, are being actively abused by threat actors to manipulate, disable, or redirect logs, effectively “blinding” security teams while…
-
The Top 10 Attack Surface Exposures in 2026
Breaches don’t always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop, like MongoBleed earlier this year, which let attackers pull credentials and session tokens from server memory without authentication, anything internet-facing is immediately at risk.With time-to-exploit now down to…
-
The Top 10 Attack Surface Exposures in 2026
Breaches don’t always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop, like MongoBleed earlier this year, which let attackers pull credentials and session tokens from server memory without authentication, anything internet-facing is immediately at risk.With time-to-exploit now down to…
-
CISA orders feds to patch max severity Joomla plugin flaw by Friday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity flaw in the Widget Factory Joomla Content Editor (JCE) plugin that is being actively exploited in the wild. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-max-severity-joomla-plugin-flaw-by-friday/
-
GitHub dismissed security reports on flaws now exploited by supply-chain worm, researchers say
GitHub rejected two formal vulnerability reports identifying design flaws that researchers say are enabling variants of the Shai-Hulud supply-chain worm to infect and compromise hundreds of software packages and developer accounts worldwide. First seen on therecord.media Jump to article: therecord.media/github-dismissed-reports-shai-hulud-deep-specter
-
Steam Workshop Malware Campaign Uses Wallpaper Engine to Steal Accounts and Infect Gamers
A sophisticated malware campaign has been abusing Steam Workshop’s sharing model to distribute backdoors, infostealers and crypto miners hidden inside Wallpaper Engine packages, primarily targeting gamers in China and Russia. The campaign exploits Wallpaper Engine’s “application” wallpaper type essentially standalone executables that run as animated desktop backgrounds to execute arbitrary code the moment a user…
-
CISA Issues Alert on Oracle PeopleSoft Vulnerability Exploited by Ransomware Groups
Tags: authentication, cisa, control, cve, cyber, cybersecurity, exploit, flaw, group, infrastructure, oracle, ransomware, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of a critical vulnerability in Oracle PeopleSoft Enterprise PeopleTools, identified as CVE-2026-35273. This vulnerability, categorized as CWE-306 (Missing Authentication for Critical Function), allows unauthenticated attackers to gain full control of vulnerable PeopleSoft environments. According to CISA, this flaw…
-
CISA Issues Alert on Oracle PeopleSoft Vulnerability Exploited by Ransomware Groups
Tags: authentication, cisa, control, cve, cyber, cybersecurity, exploit, flaw, group, infrastructure, oracle, ransomware, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of a critical vulnerability in Oracle PeopleSoft Enterprise PeopleTools, identified as CVE-2026-35273. This vulnerability, categorized as CWE-306 (Missing Authentication for Critical Function), allows unauthenticated attackers to gain full control of vulnerable PeopleSoft environments. According to CISA, this flaw…
-
Hackers Inject Malicious JavaScript Into WordPress Sites to Deploy ErrTraffic ClickFix Lures
Hackers are injecting malicious JavaScript into compromised WordPress sites to deploy ErrTraffic-powered ClickFix lures, a campaign that achieved nearly 60% victim conversion rates an unprecedented figure in malware ecosystems. Threat actors exploit WordPress vulnerabilities to inject a single line of JavaScript that visually glitches websites, then trick users into executing malicious PowerShell commands under the…
-
Hackers Inject Malicious JavaScript Into WordPress Sites to Deploy ErrTraffic ClickFix Lures
Hackers are injecting malicious JavaScript into compromised WordPress sites to deploy ErrTraffic-powered ClickFix lures, a campaign that achieved nearly 60% victim conversion rates an unprecedented figure in malware ecosystems. Threat actors exploit WordPress vulnerabilities to inject a single line of JavaScript that visually glitches websites, then trick users into executing malicious PowerShell commands under the…
-
CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability, tracked as CVE-2026-48907 (CVSS score: 10.0), is a case of improper access control that could facilitate arbitrary First seen on…
-
CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability, tracked as CVE-2026-48907 (CVSS score: 10.0), is a case of improper access control that could facilitate arbitrary First seen on…
-
NVIDIA NeMo Security Flaw Exposes Systems to Command Injection Attacks
NVIDIA has disclosed multiple high-severity vulnerabilities in its NeMo Framework, including a critical command injection flaw that could allow attackers to execute arbitrary code on affected systems. These issues, outlined in the June 2026 security bulletin, impact NeMo versions up to 2.7.2 across all platforms. Exploitation could lead to privilege escalation, data tampering, and the…
-
NVIDIA NeMo Security Flaw Exposes Systems to Command Injection Attacks
NVIDIA has disclosed multiple high-severity vulnerabilities in its NeMo Framework, including a critical command injection flaw that could allow attackers to execute arbitrary code on affected systems. These issues, outlined in the June 2026 security bulletin, impact NeMo versions up to 2.7.2 across all platforms. Exploitation could lead to privilege escalation, data tampering, and the…
-
Three critical FortiSandbox bugs rated 9.8 actively exploited
Tags: exploitFirst seen on scworld.com Jump to article: www.scworld.com/news/three-critical-fortisandbox-bugs-rated-98-actively-exploited
-
HTTP/2 Bomb Attacks Put Telcos, Healthcare Orgs at Risk
The denial-of-service (DoS) exploit takes advantage of two features in HTTP/2 that were designed to save Internet bandwith, not power massive amplification attacks. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/http-2-bomb-attacks-telcos-healthcare
-
Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting
A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim’s project hijack the victim’s machine learning model upload and run code inside Google’s serving infrastructure.Palo Alto Networks Unit 42, which found and reported the bug through Google’s bug bounty program, calls the technique “Pickle in…
-
Critical Copilot vulnerability allowed hackers to steal 2FA code from users
SearchLeak exploit shows why the industry’s approach to LLM security fails over and over. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/06/critical-copilot-vulnerability-allowed-hackers-to-seal-2fa-code-from-users/
-
India temporarily blocks Telegram over medical exam cheating fears
Authorities said scammers previously exploited the feature by posting fake exam questions before the test and later replacing them with the real questions, making it look like they had leaked the exam in advance. First seen on therecord.media Jump to article: therecord.media/india-blocks-telegram-over-cheating-fears
-
Attackers are exploiting FortiSandbox vulnerabilities
Attackers have been spotted exploiting three vulnerabilities (CVE-2026-39813, CVE-2026-39808, CVE-2026-25089) in FortiSandbox, a platform that other Fortinet security products … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/16/fortisandbox-vulnerabilities-cve-2026-39813-cve-2026-39808-cve-2026-25089/
-
Fortinet Warned as Three Critical FortiSandbox Bugs Come Under Attack
Three FortiSandbox flaws, including one patched last week, are being actively exploited, highlighting the shrinking window for defenders. Cybersecurity firm Defused Cyber confirmed it’s seen active exploitation of three vulnerabilities in Fortinet FortiSandbox within a 24-hour window. Two of them had patches sitting available since April. The third got fixed last week, which, apparently, wasn’t…
-
SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558)
A critical vulnerability (CVE-2026-48558) in SimpleHelp, a popular remote monitoring and management (RMM) tool, can be exploited remotely by unauthenticated attackers to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/16/simplehelp-rmm-cve-2026-48558/