Tag: vulnerability
-
Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
Tags: authentication, cve, cvss, exploit, flaw, identity, oracle, rce, remote-code-execution, service, update, vulnerabilityOracle has released security updates to address a critical security flaw impacting Identity Manager and Web Services Manager that could be exploited to achieve remote code execution.The vulnerability, tracked as CVE-2026-21992, carries a CVSS score of 9.8 out of a maximum of 10.0.”This vulnerability is remotely exploitable without authentication,” Oracle said in an advisory. “If…
-
Oracle Fixes High-Severity RCE Vulnerability Affecting Identity and Web Services Platforms
Oracle recently issued an urgent security alert regarding a critical Remote Code Execution (RCE) flaw that impacts both Oracle Identity Manager and Oracle Web Services Manager. Tracked as CVE-2026-21992, this vulnerability allows attackers to compromise systems remotely without requiring any user authentication. Organizations utilizing these affected Fusion Middleware components must act immediately to prevent potential…
-
Trivy Vulnerability Scanner Compromised to Inject Malicious Scripts That Steal Credentials
Tags: attack, breach, credentials, cyber, github, malicious, security-incident, supply-chain, vulnerabilityA highly sophisticated supply chain attack has successfully compromised the official Trivy GitHub Actions repository, severely impacting continuous integration environments. Discovered on March 19, 2026, this breach represents the second major security incident to strike the Trivy ecosystem this month following a prior credential theft. Attackers effectively hijacked 75 out of 76 version tags, transforming…
-
Trivy Vulnerability Scanner Compromised to Inject Malicious Scripts That Steal Credentials
Tags: attack, breach, credentials, cyber, github, malicious, security-incident, supply-chain, vulnerabilityA highly sophisticated supply chain attack has successfully compromised the official Trivy GitHub Actions repository, severely impacting continuous integration environments. Discovered on March 19, 2026, this breach represents the second major security incident to strike the Trivy ecosystem this month following a prior credential theft. Attackers effectively hijacked 75 out of 76 version tags, transforming…
-
CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added five security flaws impacting Apple, Craft CMS, and Laravel Livewire to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies to patch them by April 3, 2026.The vulnerabilities that have come under exploitation are listed below -CVE-2025-31277 (CVSS score: 8.8) – A vulnerability in…
-
Trivy vulnerability scanner backdoored with credential stealer in supply chain attack
Tags: access, attack, breach, cloud, control, credentials, crypto, data, detection, docker, email, exploit, github, kubernetes, malicious, malware, network, risk, supply-chain, vulnerabilityAttackers look for development secrets: On GitHub Actions runners, the credential stealer reads the process memory to extract secrets and searches the filesystem for SSH keys, cloud provider credentials, Kubernetes tokens, Docker registry configurations, and cryptocurrency wallets.The stolen data is encrypted and sent to a typosquatted domain that mimics Aqua Security’s legitimate site. If this…
-
Trivy vulnerability scanner backdoored with credential stealer in supply chain attack
Tags: access, attack, breach, cloud, control, credentials, crypto, data, detection, docker, email, exploit, github, kubernetes, malicious, malware, network, risk, supply-chain, vulnerabilityAttackers look for development secrets: On GitHub Actions runners, the credential stealer reads the process memory to extract secrets and searches the filesystem for SSH keys, cloud provider credentials, Kubernetes tokens, Docker registry configurations, and cryptocurrency wallets.The stolen data is encrypted and sent to a typosquatted domain that mimics Aqua Security’s legitimate site. If this…
-
TDL 018 – How To Think, Not What To Think – Mitch Prior
Tags: access, ai, apple, attack, backup, blockchain, business, cctv, china, ciso, cloud, computer, conference, control, credentials, cvss, cyber, cybersecurity, data, defense, detection, exploit, finance, firmware, google, infrastructure, intelligence, Internet, iot, jobs, law, mail, malware, military, network, phone, privacy, resilience, risk, router, software, strategy, switch, technology, threat, tool, vulnerability, wifi, zero-trustThe Human Algorithm in a Zero-Trust World In the latest episode of The Defender’s Log, host David Redekop sits down with cybersecurity expert Mitch Prior to discuss the intersection of high-tech security and human intuition. From their first meeting in 2018″, the early days of Zero Trust”, the duo explores why the “why” behind technical…
-
Cryptographers engage in war of words over RustSec bug reports and subsequent ban
Rust security maintainers contend Nadim Kobeissi’s vulnerability claims are too much First seen on theregister.com Jump to article: www.theregister.com/2026/03/20/cryptographer_nadim_kobeissi_rustsec_ban/
-
Oracle pushes emergency fix for critical Identity Manager RCE flaw
Oracle has released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability in Identity Manager and Web Services Manager tracked as CVE-2026-21992. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-pushes-emergency-fix-for-critical-identity-manager-rce-flaw/
-
Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets
Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a month to deliver malware that stole sensitive CI/CD secrets.The latest incident impacted GitHub Actions “aquasecurity/trivy-action” and “aquasecurity/setup-trivy,” which are used to scan Docker container images for vulnerabilities and set up GitHub Actions workflow First seen…
-
Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets
Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a month to deliver malware that stole sensitive CI/CD secrets.The latest incident impacted GitHub Actions “aquasecurity/trivy-action” and “aquasecurity/setup-trivy,” which are used to scan Docker container images for vulnerabilities and set up GitHub Actions workflow First seen…
-
Ubiquiti defect poses account takeover risk for UniFi Networking Application users
The maximum-severity vulnerability, which hasn’t been exploited in the wild yet, affects software customers use to manage networking devices. First seen on cyberscoop.com Jump to article: cyberscoop.com/ubiquiti-unifi-networking-application-vulnerability/
-
CISA orders feds to patch max-severity Cisco flaw by Sunday
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity vulnerability, CVE-2026-20131, in Cisco Secure Firewall Management Center (FMC) by Sunday, March 22. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-max-severity-cisco-flaw-by-sunday/
-
Interlock Ransomware Targets Cisco Enterprise Firewalls
The ransomware gang, known for double-extortion attacks, had access to a critical Cisco firewall vulnerability weeks before it was publicly disclosed. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/interlock-ransomware-targets-cisco-enterprise-firewalls
-
Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131)
A critical vulnerability (CVE-2026-20131) in Cisco Secure Firewall Management Center (FMC) that Cisco disclosed and patched in early March 2026 has been exploited as a … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/20/cisco-fmc-interlock-ransomware-cve-2026-20131/
-
Chrome Security Update Fixes 26 Vulnerabilities Enabling Remote Malicious Code Execution
Google has released a critical security update for its Chrome desktop web browser, addressing 26 distinct vulnerabilities that could enable attackers to execute malicious code remotely. The Stable channel update introduces versions 146.0.7680.153 and 146.0.7680.154 for Windows and macOS systems, while Linux environments will receive version 146.0.7680.153. This substantial patch cycle is actively rolling out…
-
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
Sansec is warning of a critical security flaw in Magento’s REST API that could allow unauthenticated attackers to upload arbitrary executables and achieve code execution and account takeover.The vulnerability has been codenamed PolyShell by Sansec owing to the fact that the attack hinges on disguising malicious code as an image. There is no evidence that…
-
Apple urges iPhone users to update as Coruna and DarkSword exploit kits emerge
Apple warns that outdated iPhones are vulnerable to Coruna and DarkSword exploit kits and urges users to update iOS. Apple has warned that iPhones running outdated iOS versions are at risk from exploit kits like Coruna and DarkSword. These attacks use malicious web content to trigger infection chains that can steal sensitive data. Users are…
-
Critical UNISOC T612 Modem Flaw Enables Remote Code Execution via Cellular Calls
A severe security vulnerability has been uncovered in UNISOC modem firmware, allowing attackers to execute arbitrary code remotely over cellular networks. UNISOC is a major semiconductor manufacturer providing chipsets for prominent mobile brands such as Motorola, Samsung, Vivo, and Realme. This unpatched flaw leaves millions of devices potentially vulnerable to remote compromise. Vulnerability Overview The…
-
Unpatched ScreenConnect servers open to attack (CVE-2026-3564)
ConnectWise has patched a critical vulnerability (CVE-2026-3564) that could enable attackers to hijack ScreenConnect sessions by abusing ASP.NET machine keys to forge trusted … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/20/connectwise-screenconnect-cve-2026-3564/
-
Unpatched ScreenConnect servers open to attack (CVE-2026-3564)
ConnectWise has patched a critical vulnerability (CVE-2026-3564) that could enable attackers to hijack ScreenConnect sessions by abusing ASP.NET machine keys to forge trusted … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/20/connectwise-screenconnect-cve-2026-3564/
-
CISA Warns Cisco Secure Firewall Management Center 0-Day Is Being Exploited in Ransomware Attacks
Tags: attack, cisa, cisco, cloud, control, cve, cyber, cybercrime, cybersecurity, exploit, firewall, flaw, infrastructure, ransomware, vulnerability, zero-dayThe Cybersecurity and Infrastructure Security Agency has issued an urgent warning regarding a critical zero-day vulnerability affecting heavily relied-upon Cisco security products. Tracked officially as CVE-2026-20131, this severe flaw is actively being exploited by cybercriminals in targeted ransomware campaigns. Organizations relying on Cisco Secure Firewall Management Center and Cisco Security Cloud Control must take immediate…
-
CISA Warns Cisco Secure Firewall Management Center 0-Day Is Being Exploited in Ransomware Attacks
Tags: attack, cisa, cisco, cloud, control, cve, cyber, cybercrime, cybersecurity, exploit, firewall, flaw, infrastructure, ransomware, vulnerability, zero-dayThe Cybersecurity and Infrastructure Security Agency has issued an urgent warning regarding a critical zero-day vulnerability affecting heavily relied-upon Cisco security products. Tracked officially as CVE-2026-20131, this severe flaw is actively being exploited by cybercriminals in targeted ransomware campaigns. Organizations relying on Cisco Secure Firewall Management Center and Cisco Security Cloud Control must take immediate…
-
Bamboo Data Center and Server Vulnerability Enables Remote Code Execution
Atlassian has officially resolved a high-severity Remote Code Execution (RCE) vulnerability within its Bamboo Data Centre application. Officially tracked as CVE-2026-21570, this critical security flaw introduces severe risks to enterprise continuous integration and continuous deployment environments. Because Bamboo serves as a central hub for automated software builds, testing, and release management, a compromise here could…
-
Bamboo Data Center and Server Vulnerability Enables Remote Code Execution
Atlassian has officially resolved a high-severity Remote Code Execution (RCE) vulnerability within its Bamboo Data Centre application. Officially tracked as CVE-2026-21570, this critical security flaw introduces severe risks to enterprise continuous integration and continuous deployment environments. Because Bamboo serves as a central hub for automated software builds, testing, and release management, a compromise here could…
-
New Critical Jenkins Vulnerabilities Put CI/CD Servers at Risk of RCE Exploits
Tags: advisory, automation, credentials, cyber, exploit, flaw, network, rce, remote-code-execution, risk, vulnerabilityThe Jenkins project released a critical security advisory addressing multiple vulnerabilities in its core automation server and the LoadNinja plugin. These flaws expose continuous integration and continuous deployment (CI/CD) environments to severe risks, including arbitrary file creation, credential exposure, and remote code execution (RCE). Because Jenkins controllers often hold elevated privileges across enterprise networks, administrators…
-
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
Apple is urging users who are still running an outdated version of iOS to update their iPhones to secure against web-based attacks carried out via powerful exploit kits like Coruna and DarkSword.These attacks employ malicious web content to target out-of-date versions of iOS, triggering an infection chain that leads to the theft of sensitive data.”For…
-
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
Apple is urging users who are still running an outdated version of iOS to update their iPhones to secure against web-based attacks carried out via powerful exploit kits like Coruna and DarkSword.These attacks employ malicious web content to target out-of-date versions of iOS, triggering an infection chain that leads to the theft of sensitive data.”For…
-
54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security
A new analysis of endpoint detection and response (EDR) killers has revealed that 54 of them leverage a technique known as bring your own vulnerable driver (BYOVD) by abusing a total of 35 vulnerable drivers.EDR killer programs have been a common presence in ransomware intrusions as they offer a way for affiliates to neutralize security…