Tag: service
-
AI agent finds 18-year-old remote code execution flaw in Nginx
Tags: ai, api, application-security, cve, cvss, data, dos, endpoint, exploit, flaw, github, leak, mitigation, network, open-source, remote-code-execution, risk, service, technology, update, vulnerability, waf
…ngx_http_rewrite_module, a component that handles URL rewrites, and impacts Nginx versions from 0.6.27 to 1.30.0. The issue has been given a 9.2 CVSS severity score and was patched in versions 1.31.0 and 1.30.1. The commercial product, Nginx Plus, owned and developed by network and application security firm F5, is also vulnerable, and received patches in versions…
-
What’s Next for the Proposed HIPAA Security Rule Overhaul?
Will Regulators Make the May Deadline, and What Changes Will Make the Cut? Federal regulators are scheduled to issue a rule this month finalizing a proposed massive overhaul of the 23-year-old HIPAA Security Rule. Will the Department of Health and Human Services make the deadline, and what should HIPAA-regulated organizations expect? First seen on…
-
Meet Fragnesia, the third Linux kernel vulnerability in a month
Tags: access, control, exploit, framework, least-privilege, linux, mfa, mitigation, monitoring, password, service, switch, update, vulnerability
CSO. “It is bypassing traditional filesystem permissions that are present and enforced (for example, ‘file is owned by root’, or ‘file is read-only’) to allow manipulation without touching the disk.” Similar to Dirty Frag, Fragnesia (CVE-2026-46300) is a local privilege escalation hole that exploits a vulnerability in the XFRM ESP-in-TCP subsystem to achieve a memory write…
-
Cryptohack Roundup: Banking Trojan Targets Crypto Firms
Also: Indictments in Theft Case, KelpDAO Restarts Operations. This week, the banking Trojan TCLBanker targeted crypto platforms, three people were indicted in a violent digital-asset robbery, Kelp DAO restarted services after the $292 million hack, and the U.S. Department of the Treasury tightened oversight of Binance. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cryptohack-roundup-banking-trojan-targets-crypto-firms-a-31683
-
King’s Speech paves the way for digital ID
The speech outlined plans for a Digital Access to Services Bill, establishing a legal framework for the use of digital identity, which has received mixed responses First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643097/Kings-Speech-paves-the-way-for-digital-ID
-
18-year-old NGINX vulnerability allows DoS, potential RCE
An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under certain conditions, remote code execution. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/18-year-old-nginx-vulnerability-allows-dos-potential-rce/
-
FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses
Tags: attack, authentication, business, cloud, communications, control, credentials, defense, detection, email, framework, government, infrastructure, login, malicious, malware, mfa, microsoft, phishing, service, theft
The campaign dynamically adapts to victims: after deobfuscation, the phishing payload loads infrastructure designed to impersonate Microsoft 365 and other login portals and tailors itself to the targeted user. According to the report, the malware can determine which authentication provider should be impersonated, preload victim email addresses into phishing pages, and customize branding elements such as company…
-
Gentlemen RaaS Exploits Fortinet and Cisco Edge Devices for Initial Access
The Gentlemen ransomware-as-a-service (RaaS) operation is turning exposed Fortinet and Cisco edge devices into a fast lane into enterprise networks and doing it at scale. What began as a rising RaaS brand in mid-2025 has, by early 2026, evolved into one of the most active programs on the underground, with hundreds of victims and a…
-
West Pharmaceutical warns of ransomware attack impacting business operations
West Pharmaceutical Services filed a report with the Securities and Exchange Commission (SEC) on Monday evening warning customers that a hacker breached the company network on May 4, stole data and encrypted systems. First seen on therecord.media Jump to article: therecord.media/west-pharmaceutical-warns-of-ransomware-attack-impacting-operations
-
Mistral AI SDK, TanStack Router hit in npm software supply chain attack
Tags: ai, api, attack, breach, cloud, credentials, data, data-breach, exploit, github, kubernetes, malicious, malware, network, open-source, password, router, service, software, supply-chain, switch, vulnerability
pull_request_target. This allows third-party workflows to run automatically, a way of avoiding maintainer approval fatigue, but means that the maintainer’s short-lived OIDC tokens become vulnerable to scraping. Armed with these tokens, the attackers were able to compromise the packages by injecting the malicious Mini Shai-Hulud malware, which propagated to other projects. The purpose is to steal developer…
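The summary names the mechanism but not the workflow. The lint below is an added example, not code from the compromised projects or from GitHub, and it encodes the usual shape of this attack as an assumption: a `pull_request_target` trigger (which runs with the base repository's secrets and OIDC permissions), a checkout of the pull request's own head commit, and a later step that executes that checked-out code in a job holding `id-token: write` or secrets. It takes a workflow that has already been parsed from YAML into a plain object (parsing is outside the example); both sample workflows are constructed for illustration.

```javascript
'use strict';
// Added example, not code from the affected projects or from GitHub. Lints a
// parsed GitHub Actions workflow for: pull_request_target + checkout of the PR
// head + execution of that code in a job that holds an OIDC token or secrets.
// The rules and the sample workflows are constructed assumptions.

const UNTRUSTED_REF = /github\.event\.pull_request\.head\.(sha|ref)/;

// YAML 1.1 parsers read the bare key `on` as boolean true; accept both spellings.
function triggers(wf) {
  const on = wf.on !== undefined ? wf.on : wf['true'];
  if (typeof on === 'string') return [on];
  if (Array.isArray(on)) return on;
  return Object.keys(on || {});
}

function idTokenWrite(perms) {
  return !!perms && typeof perms === 'object' && perms['id-token'] === 'write';
}

// Steps that run code from the checked-out tree: `run:` scripts (including
// `npm ci`, whose lifecycle scripts the PR author controls) and local actions.
function executesCheckout(step) {
  return typeof step.run === 'string' ||
    (typeof step.uses === 'string' && step.uses.startsWith('./'));
}

function auditWorkflow(wf) {
  const findings = [];
  if (!triggers(wf).includes('pull_request_target')) return findings;
  for (const [jobName, job] of Object.entries(wf.jobs || {})) {
    const steps = job.steps || [];
    const checkoutIdx = steps.findIndex((s) =>
      typeof s.uses === 'string' && s.uses.startsWith('actions/checkout') &&
      !!s.with && UNTRUSTED_REF.test(String(s.with.ref)));
    if (checkoutIdx === -1) continue;          // PR head never checked out
    const execIdx = steps.findIndex((s, i) => i > checkoutIdx && executesCheckout(s));
    if (execIdx === -1) continue;              // checked out but never executed
    // Job-level permissions replace workflow-level ones entirely.
    const perms = job.permissions !== undefined ? job.permissions : wf.permissions;
    const usesSecrets = /secrets\./.test(JSON.stringify(steps));
    findings.push({
      job: jobName,
      step: steps[execIdx].name || `steps[${execIdx}]`,
      idToken: idTokenWrite(perms),
      secrets: usesSecrets,
      // GITHUB_TOKEN is present on pull_request_target even without secrets,
      // so every match is at least medium.
      severity: idTokenWrite(perms) || usesSecrets ? 'high' : 'medium',
    });
  }
  return findings;
}

// Constructed sample of the weak pattern (not any real project's workflow).
const vulnerableWorkflow = {
  name: 'ci',
  on: { pull_request_target: { types: ['opened', 'synchronize'] } },
  permissions: { contents: 'read', 'id-token': 'write' },
  jobs: {
    test: {
      'runs-on': 'ubuntu-latest',
      steps: [
        { uses: 'actions/checkout@v4', with: { ref: '${{ github.event.pull_request.head.sha }}' } },
        { name: 'install', run: 'npm ci' },
        { name: 'test', run: 'npm test' },
      ],
    },
  },
};

// Constructed hardened version: plain pull_request runs in the fork's context
// with no secrets and no OIDC token, and the default checkout ref is the merge commit.
const hardenedWorkflow = {
  name: 'ci',
  on: { pull_request: {} },
  permissions: { contents: 'read' },
  jobs: {
    test: {
      'runs-on': 'ubuntu-latest',
      steps: [
        { uses: 'actions/checkout@v4' },
        { name: 'install', run: 'npm ci' },
        { name: 'test', run: 'npm test' },
      ],
    },
  },
};
```

The check deliberately does not fire on `pull_request_target` alone: that trigger is safe as long as the job never checks out and runs the contributor's code. When a privileged job genuinely needs PR content (labels, comments), the usual fix is to split it: an unprivileged `pull_request` job runs the untrusted code and a separate job, triggered by `workflow_run`, does the privileged part without checking out the head.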
-
Amazon Quick authorization bypass let users reach blocked AI chat agents
Enterprises running Amazon Quick, the AWS business intelligence and agentic AI service, rely on a feature called custom permissions to restrict who inside an account can use … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/12/fog-security-amazon-quick-authorization-bypass/
-
Versa erneut Leader im Bereich SSE im GigaOm-Radar
Secure Access Service Edge (SASE) specialist Versa has been named a Leader in the <> for the third consecutive time. The report analyzes the SSE solutions of 22 global security vendors. Based on these assessments in the areas of key features, innovation, and business models, they are classified as Leader, Challenger and New […] First seen on netzpalaver.de Jump to…
-
WorkNest Launches WorkNest Secure to Expand Cybersecurity and Compliance Services
WorkNest has launched a new cybersecurity and compliance division aimed at helping organizations strengthen security, manage risk, and meet growing regulatory demands. The new division, called WorkNest Secure, brings together the cyber, information security, and data protection capabilities of Pentest People and Bulletproof under one brand. Both companies became part of WorkNest Group following a…
-
How Organizations Are Strengthening Defenses Against Scattered Spider
An On Demand video from ID Dataweb. Scattered Spider continues to evolve, and organizations across financial services, healthcare, insurance, telecommunications, and other sectors are strengthening defenses against increasingly sophisticated identity-driven threats. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/how-organizations-are-strengthening-defenses-against-scattered-spider-a-31660
-
Why patching SLAs should be the floor, not the strategy
SLAs measure discipline, not risk: Here’s the mental model I’ve been pushing with my peers. Think of patching SLAs the way you think of fire drills. Fire drills are necessary. They prove that, on a predictable cadence, your organization can execute a known procedure. No one in charge of a building full of people would…
-
Cline AI Agent Flaw Allows Attackers to Launch RCE Attacks
A critical security vulnerability in the Cline AI coding assistant’s kanban package exposes developers to remote code execution, data theft, and denial-of-service attacks by simply visiting a malicious website. Security researcher Sagilayani disclosed CVE-2026-44211 on GitHub four days ago, revealing that the kanban npm package bundled with the Cline CLI starts a WebSocket server on 127.0.0.1:3484 with zero Origin…
-
Magecart Hackers Exploit Google Tag Manager to Inject Credit Card Skimmers
Magecart-style attackers are once again abusing trusted web services, this time weaponizing Google Tag Manager (GTM) to inject credit card skimmers into ecommerce websites stealthily. Because GTM is widely used and loaded from the trusted domain googletagmanager.com, malicious scripts can blend in with legitimate site functionality, making detection significantly harder. Once embedded into a compromised…
-
iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android
Apple on Monday officially released iOS 26.5 with support for end-to-end encryption (E2EE) for Rich Communication Services (RCS) in beta as part of a “cross-industry effort” to replace traditional SMS with a more secure alternative. To that end, E2EE RCS messaging is rolling out to iPhone users running iOS 26.5 with supported carriers and Android users…
-
The hidden smart fridge risks that emerge years after purchase
Household refrigerators are built to last more than a decade. The software, cloud services, and mobile apps that control them are not. A new analysis from Erik Buchmann at … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/12/iot-smart-fridge-risks/
-
Linux kernel maintainers suggest a ‘kill switch’ to protect systems until a zero-day vulnerability is patched
Tags: access, attack, business, control, cve, cybersecurity, exploit, flaw, group, incident response, infosec, linux, LLM, mitigation, risk, service, strategy, switch, technology, tool, update, vulnerability, zero-day
…), a logic bug which lets users easily obtain root access, and Dirty Frag, which abuses weaknesses in how the Linux kernel handles fragmented memory pages. The Dirty Frag attack combines two separate vulnerabilities affecting the Linux IPsec Encapsulating Security Payload (ESP) subsystem (CVE-2026-43284) and the RxRPC networking protocol (CVE-2026-43500). The proposal has set off a furious…
-
Core42 partners with Solutions+ on Mubadala sovereign AI
Agreement announced at Make it in the Emirates will see Core42 provide sovereign cloud and AI infrastructure while Solutions+ delivers implementation services and enterprise AI applications across Mubadala portfolio companies and government entities First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642883/Core42-partners-with-Solutions-on-Mubadala-sovereign-AI
-
iOS 26.5 is out, bringing encrypted RCS messaging to iPhone and Android users
Apple is bringing long-awaited end-to-end encryption to Rich Communication Services (RCS) messaging between iPhone and Android users in iOS 26.5. The feature is launching in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/11/apple-ios-26-5-rcs-end-to-end-encryption-iphone-android/
-
Malicious Hugging Face model masquerading as OpenAI release hits 244K downloads
Part of a broader AI supply chain targeting: HiddenLayer, in its advisory, said that it identified six additional Hugging Face repositories uploaded under a separate account that used nearly identical loader logic and shared infrastructure with the campaign. The researchers also linked elements of the operation to earlier software supply-chain attacks involving npm typosquatting campaigns and…
-
1,800+ MCP servers exposed without authentication: How zero trust can secure the AI agent revolution
Tags: ai, attack, authentication, breach, cloud, control, credentials, data, data-breach, defense, exploit, framework, governance, identity, infrastructure, Internet, LLM, malicious, monitoring, network, risk, service, supply-chain, threat, tool, vulnerability, zero-trust
The epistemological chasm: What renders MCP vulnerabilities particularly vexatious is the fundamental asymmetry they exploit between machine cognition and human oversight. Tool poisoning attacks insert malevolent instructions into tool metadata that LLMs process with complete fidelity but that remain utterly invisible to human operators. The machine perceives everything; its ostensible supervisors perceive nothing. We have unwittingly…
-
Product showcase: NetGuard open-source firewall for Android
NetGuard is a free, open-source firewall for Android phones and tablets that provides users with a simple way to block internet access. Android does not allow VPN services to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/08/product-showcase-netguard-open-source-firewall-android/
-
Multiple Critical Flaws Fixed in Next.js and React Server Components
Vercel has rolled out vital security updates for Next.js to address a wave of high-severity vulnerabilities affecting versions across the 13.x to 16.x branches. Published via GitHub advisories by Tim Neutkens, these flaws expose web applications to severe risks, including unauthenticated Denial of Service (DoS), Server-Side Request Forgery (SSRF), and multiple middleware authentication bypasses. The…
-
CrowdStrike Partners: AI Vulnerability Surge Means It’s Time To ‘Pick A Platform’ In Security
The combination of a fast-moving platform vendor like CrowdStrike and advanced security services will be critical for being able to protect customers in the coming era of AI-accelerated exploitation of vulnerabilities, according to executives from top CrowdStrike partners. First seen on crn.com Jump to article: www.crn.com/news/security/2026/crowdstrike-partners-ai-vulnerability-surge-means-it-s-time-to-pick-a-platform-in-security
-
PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems
Tags: cloud, container, credentials, cve, cybersecurity, data, data-breach, exploit, finance, framework, infrastructure, service, theft, worm
Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructure and ousts any artifacts linked to TeamPCP from the environments. ”The toolset harvests credentials from cloud, container, developer, productivity, and financial services, then exfiltrates the data through attacker-controlled infrastructure while attempting First seen on thehackernews.com Jump to article:…