Tag: infrastructure
-
LiteLLM Vulnerability Allows Attackers to Execute Arbitrary Commands on Servers
Tags: ai, authentication, control, cve, cyber, data-breach, infrastructure, remote-code-execution, risk, vulnerabilityA critical vulnerability chain affecting LiteLLM has been identified, enabling unauthenticated remote code execution (RCE) on exposed servers. Tracked as CVE-2026-42271 and chained to CVE-2026-48710, the issue allows attackers to bypass authentication controls and execute arbitrary system commands, posing a severe risk to AI infrastructure that relies on LiteLLM deployments. LiteLLM Vulnerability CVE-2026-42271 is a…
-
U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities (KEV) catalog. The two flaws added to the catalog are: The CVE-2026-42271…
-
LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
Tags: cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, rce, remote-code-execution, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity flaw impacting BerriAI LiteLLM to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability, tracked as CVE-2026-42271 (CVSS score: 8.7), is a command injection vulnerability that could allow any authenticated user to run arbitrary commands on the First seen…
-
Reducing security operations complexity with Wazuh Cloud
Security teams are increasingly overwhelmed by alert fatigue, infrastructure maintenance, and complex hybrid environments. This article explores how Wazuh Cloud helps simplify SIEM/XDR operations through managed infrastructure, automated scaling, and AI-driven security analysis. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/reducing-security-operations-complexity-with-wazuh-cloud/
-
U.S. CISA adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SolarWinds Serv-U flaw, tracked as CVE-2026-28318 (CVSS ver 3.1 score of 7.5), to its Known Exploited Vulnerabilities (KEV) catalog. SolarWinds Serv-U is a managed file transfer (MFT) and secure file…
-
Cisco Warns Agentic AI Will Put New Pressure on Enterprise Networks
Cisco executives said agentic AI could triple network traffic, creating new infrastructure and security demands for enterprises. The post Cisco Warns Agentic AI Will Put New Pressure on Enterprise Networks appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisco-ai-networking-bottleneck/
-
CISA Alerts on Actively Exploited SolarWinds Serv-U Denial-of-Service Flaw
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, risk, service, threat, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability in SolarWinds Serv-U to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-28318, this flaw allows unauthenticated threat actors to remotely crash the file transfer service. With active exploitation observed in the wild, this development signals a severe risk to enterprise…
-
Malspam Campaign Abuses DoubleClick to Deploy Stealthy .NET Loader
A sophisticated new malspam campaign is actively exploiting Google’s DoubleClick ad-tracking infrastructure to bypass enterprise email security gateways. Discovered by researchers at Huntress, the attack utilizes highly personalized dynamic lures to initiate a complex, five-stage infection chain that actively dismantles local defenses before deploying process-hollowed payloads. The attack chain begins with a malicious HTML attachment,…
-
CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
Tags: cisa, cve, cybersecurity, dos, exploit, flaw, infrastructure, kev, service, software, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting SolarWinds Serv-U multi-protocol file server software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability, tracked as CVE-2026-28318 (CVSS score: 7.5), is a denial-of-service (DoS) bug that causes the service to crash First seen on thehackernews.com…
-
NetApp and Cisco expand FlexPod for enterprise AI infrastructure
First seen on scworld.com Jump to article: www.scworld.com/brief/netapp-and-cisco-expand-flexpod-for-enterprise-ai-infrastructure
-
What Trump’s AI Executive Order Means for Healthcare Sector
Experts: If Implemented Effectively, Directive Could Help Health Organizations. Although President Donald Trump’s executive order this week on artificial intelligence barely mentions healthcare, some experts said the directive could potentially have a positive impact on the critical infrastructure sector – if implemented effectively. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/what-trumps-ai-executive-order-means-for-healthcare-sector-a-31901
-
What Trump’s AI Executive Order Means for Healthcare Sector
Experts: If Implemented Effectively, Directive Could Help Health Organizations. Although President Donald Trump’s executive order this week on artificial intelligence barely mentions healthcare, some experts said the directive could potentially have a positive impact on the critical infrastructure sector – if implemented effectively. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/what-trumps-ai-executive-order-means-for-healthcare-sector-a-31901
-
Silent Ransom Group (SRG): Switching To DNS Fast Flux Infrastructure
Tags: attack, cybersecurity, data-breach, dns, group, infrastructure, intelligence, law, malicious, network, ransomResearchers exposed the Silent Ransom Group ‘s Fast Flux infrastructure as the FBI warns of ongoing attacks targeting U.S. law firms and businesses. Resecurity uncovered the Silent Ransom Group (SRG)’s Fast Flux network infrastructure and shares available intelligence with the cybersecurity community to disrupt their malicious activities and enable ISP/DNS providers to counter this threat.…
-
Silent Ransom Group (SRG): Uncovering DNS Fast Flux Infrastructure
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/silent-ransom-group-srg-uncovering-dns-fast-flux-infrastructure
-
Over 900 US gas station tank gauge systems exposed to attacks
Over 900 automatic tank gauge (ATG) systems across the United States, used to monitor fuel and chemical storage tanks across various critical infrastructure sectors, have been found exposed online and are vulnerable to ongoing attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-900-us-gas-station-tank-gauge-systems-exposed-to-attacks/
-
ISMG Editors: Wrapping Up Infosecurity Europe 2026
Conference Highlights AI Maturity, Agentic Risks and Human Factors in Cybersecurity. ISMG editors reflect on key themes from Infosecurity Europe 2026, including AI’s role from buzzword to business strategy, the risks of agentic systems in critical infrastructure and why human-to-human trust is emerging as a defining factor in cybersecurity. First seen on govinfosecurity.com Jump to…
-
UAE launches national cryptography discovery platform to accelerate post-quantum security transition
Partnership between the UAE Cyber Security Council and QuantumGate aims to provide nationwide visibility of cryptographic assets, helping critical infrastructure operators to prepare for the emerging risks posed by quantum computing First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643900/UAE-launches-national-cryptography-discovery-platform-to-accelerate-post-quantum-security-transition
-
CISA Issues Alert on Actively Exploited Linux Kernel Security Flaw
Tags: authentication, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, linux, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a fresh alert warning organizations about the active exploitation of a Linux kernel vulnerability tracked as CVE-2022-0492. The flaw, categorized as an improper authentication issue, affects Linux systems using the cgroups v1 release_agent feature and can allow attackers to escalate privileges within compromised environments. Linux…
-
Azul gewinnt vier Stevie Awards 2026 für Enterprise-Java, Cloud-Optimierung, DevOps und KI-Infrastruktur
Azul, Anbieter von Enterprise-Java-Lösungen für KI- und Cloud-First-Umgebungen, ist bei den 24th Annual American Business Awards mit vier Stevie Awards ausgezeichnet worden. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/azul-gewinnt-vier-stevie-awards-2026-fuer-enterprise-java-cloud-optimierung-devops-und-ki-infrastruktur/a45385/
-
Dashlane Reveals How Hackers Downloaded Encrypted Password Vaults
Dashlane has disclosed the findings of a recent security investigation, confirming that a limited number of users were impacted by a targeted brute-force attack against its device registration system. The company emphasized that its internal infrastructure was not breached and that no evidence suggests a broader compromise beyond a small subset of accounts. Device Registration…
-
Credit card theft campaign abuses Stripe to host stolen payment info
A new Magecart campaign is using Stripe’s API infrastructure to host the credit card-stealing payload and the data exfiltrated from checkout pages. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/credit-card-theft-campaign-abuses-stripe-to-host-stolen-payment-info/
-
Trump considers Palantir exec to lead CISA
Shyam Sankar, the chief technology officer at Palantir Technologies, has emerged as a lead contender for the long vacant Cybersecurity and Infrastructure Security Agency (CISA) director role, according to the sources, who requested anonymity to discuss the administration’s search. First seen on therecord.media Jump to article: therecord.media/trump-considers-palantir-exec-to-lead-cisa
-
Russia seeks to label two anti-Kremlin hacker groups as ‘extremist’
The groups have previously claimed responsibility for cyberattacks targeting critical infrastructure and government institutions in Russia and Belarus. First seen on therecord.media Jump to article: therecord.media/russia-seeks-extremist-label-for-hacker-groups
-
U.S. CISA adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Mirasvit Full Page Cache Warmer flaw, tracked as CVE-2026-45247 (CVSS ver 4.0 score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2026-45247 flaw is a…
-
CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting Mirasvit Cache Warmer, a popular Magento full-page cache extension, to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild.The vulnerability, tracked as CVE-2026-45247 (CVSS score: 9.8), is a case of deserialization of untrusted First seen…
-
Kali365 PhaaS Expands to Okta, MAX Messenger Attacks
Tags: attack, cyber, infrastructure, intelligence, microsoft, monitoring, okta, phishing, russia, service, theft, threatThe Kali365 phishing-as-a-service (PhaaS) platform has significantly expanded its operational scope, moving beyond Microsoft 365 token theft to target Okta single sign-on (SSO) environments and Russia’s rapidly growing MAX Messenger platform. New threat intelligence reveals a more mature, multi-brand phishing ecosystem with centralized infrastructure, real-time token monitoring, and geographically targeted campaigns. Previously documented for abusing…
-
Pakistan Spies on Afghan Finance Ministry With Xeno RAT
Despite broadly connected digital infrastructure, standard fare TTPs are enough to cause trouble for Afghanistan’s porous cybersecurity. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/pakistan-spies-afghan-finance-ministry-xeno-rat
-
CISA warns of cyberattacks targeting fuel tank monitoring systems
CISA, the FBI, the NSA, the Department of Energy, and other US government partners are warning that hackers are targeting internet-exposed automatic tank gauge (ATG) systems used to monitor fuel and liquid storage tanks across various critical infrastructure sectors. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-cyberattacks-targeting-fuel-tank-monitoring-systems/
-
Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT
Cybersecurity researchers have flagged a new malspam campaign that makes use of Google’s DoubleClick domain as a way to evade detection and ultimately deliver a remote access trojan (RAT) named DesckVB RAT.”Before the victim ever reaches attacker-controlled infrastructure, the lure routes through DoubleClick, a legitimate Google-owned domain that many security tools are less likely to…