Tag: vulnerability
-
May 2026 Patch Tuesday forecast: AI starts driving security industry changes
Project Glasswing. This is one of three major security industry changes I’ll cover today. The Anthropic Mythos vulnerability discovery model has already proven to be game … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/08/may-2026-patch-tuesday-forecast/
-
PoC Exploit Released for Dirty Frag Linux Kernel Vulnerability
A proof-of-concept exploit for a new Linux kernel vulnerability class dubbed >>Dirty Frag<<. This universal local privilege escalation vulnerability allows attackers to obtain root access across most major Linux distributions reliably. Because a third party unexpectedly broke the responsible disclosure embargo, the exploit is now public without official patches or an assigned Common Vulnerabilities and…
-
Multiple Critical Flaws Fixed in Next.js and React Server Components
Vercel has rolled out vital security updates for Next.js to address a wave of high-severity vulnerabilities affecting versions across the 13.x to 16.x branches. Published via GitHub advisories by Tim Neutkens, these flaws expose web applications to severe risks, including unauthenticated Denial of Service (DoS), Server-Side Request Forgery (SSRF), and multiple middleware authentication bypasses. The…
-
EUVD-2026-18480 / CVE-2026-35414 – OpenSSH-Schwachstelle ermöglicht Root-Zugriff
First seen on security-insider.de Jump to article: www.security-insider.de/openssh-schwachstelle-root-login-update-10-3-a-5bee2a7f668462c6530ec7dd4ba0ffa5/
-
13 new critical holes in JavaScript sandbox allow execution of arbitrary code
VM.run() can obtain host process object and runs host commands with zero co-operation from the host.However, researchers at Socket told us in an email that the advisory about this escape says it has been confirmed only on Node.js 25.6.1, and requires a Node.js version with WebAssembly exception handling and JSTag support.The highest-risk scenario, they said, would be an…
-
Canvas login portals hacked in mass ShinyHunters extortion campaign
The ShinyHunters extortion gang has breached education technology giant Instructure again, this time exploiting another vulnerability to deface Canvas login portals for hundreds of colleges and universities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/canvas-login-portals-hacked-in-mass-shinyhunters-extortion-campaign/
-
Ollama vulnerability highlights danger of AI frameworks with unrestricted access
Tags: access, ai, api, authentication, credentials, framework, Internet, mitigation, network, tool, update, vulnerabilityMitigation: Users should update to Ollama version 0.17.1, which includes a patch for this vulnerability. More generally, they should deploy an authentication proxy or API gateway in front of all Ollama instances and never expose them to the internet without IP access filters and firewalls.”If your Ollama server was internet-accessible, assume environment variables and secrets…
-
Mozilla says 271 vulnerabilities found by Mythos have almost no false positives
The developer of Firefox says it has “completely bought in” on AI-assisted bug discovery. First seen on arstechnica.com Jump to article: arstechnica.com/information-technology/2026/05/mozilla-says-271-vulnerabilities-found-by-mythos-have-almost-no-false-positives/
-
CrowdStrike Partners: AI Vulnerability Surge Means It’s Time To ‘Pick A Platform’ In Security
The combination of a fast-moving platform vendor like CrowdStrike and advanced security services will be critical for being able to protect customers in the coming era of AI-accelerated exploitation of vulnerabilities, according to executives from top CrowdStrike partners. First seen on crn.com Jump to article: www.crn.com/news/security/2026/crowdstrike-partners-ai-vulnerability-surge-means-it-s-time-to-pick-a-platform-in-security
-
U.S. CISA adds a flaw in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, endpoint, exploit, flaw, infrastructure, ivanti, kev, mobile, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in the Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-6973 (CVSS score of 7.1), to its Known Exploited Vulnerabilities (KEV) catalog. Ivanti warns customers…
-
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild.The high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2), is a case of improper input validation affecting EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1.It allows “a remotely authenticated user with administrative access to achieve remote code…
-
Cisco patches high-severity flaws enabling SSRF, code execution attacks
Cisco fixed several high”‘severity flaws in its enterprise products, including SSRF bugs in Unity Connection that could enable code execution or service disruption. Cisco released patches for multiple high”‘severity vulnerabilities affecting its enterprise products. Successful exploitation could allow code execution, server”‘side request forgery (SSRF), or denial”‘of”‘service attacks. Two notable flaws, CVE”‘2026″‘20034 and CVE”‘2026″‘20035, impact Cisco…
-
Ivanti warns of new EPMM flaw exploited in zero-day attacks
Tags: attack, endpoint, exploit, flaw, ivanti, mobile, remote-code-execution, update, vulnerability, zero-dayIvanti warned customers today to patch a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) exploited in zero-day attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ivanti-warns-of-new-epmm-flaw-exploited-in-zero-day-attacks/
-
PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage
Tags: access, authentication, cve, espionage, exploit, flaw, network, rce, remote-code-execution, service, software, threat, vulnerabilityPalo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026.The vulnerability in question is CVE-2026-0300 (CVSS score: 9.3/8.7), a buffer overflow vulnerability in the User-ID Authentication Portal service of Palo Alto Networks PAN-OS software that could allow an unauthenticated…
-
State-sponsored hackers likely behind zero-day attacks on Palo Alto firewalls
Palo Alto Networks believes the in-the-wild exploitation of a zero-day vulnerability (CVE-2026-0300) in its firewalls is likely the work of state-sponsored threat actors. A … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/07/state-sponsored-hackers-zero-day-attacks-palo-alto-firewalls/
-
Palo Alto Networks firewall zero-day exploited for nearly a month
Palo Alto Networks warned customers that suspected state-sponsored hackers have been exploiting a critical-severity PAN-OS firewall zero-day vulnerability for nearly a month. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/pan-os-firewall-rce-zero-day-exploited-in-attacks-since-april-9/
-
Spring Vulnerabilities Open Door to Arbitrary File Access and GCP Secret Leaks
Security researchers have identified four new vulnerabilities in the Spring Cloud Config Server, ranging from medium to critical severity. These newly disclosed flaws could allow attackers to access arbitrary files, leak Google Cloud Platform (GCP) secrets, and manipulate system directories. Administrators, please patch your systems immediately to prevent active exploitation. Spring Vulnerabilities Critical Directory Traversal…
-
Security Lost The Speed War: Context Is How We Win
AI-Driven Attacks Compress Breakout Times, Forcing Defenders to Rely on Context Now AI has lowered the cost and speed of cyberattacks, enabling adversaries to exploit vulnerabilities within minutes. As breakout times collapse, security teams must respond faster by using context-driven intelligence and automation to detect, prioritize and stop threats in real time. First seen on…
-
Google Chrome 148 Released With Fixes for 127 Security Flaws
Google has officially rolled out Chrome version 148 to the stable channel, delivering a massive security overhaul that addresses 127 vulnerabilities across Windows, Mac, and Linux. The update, now available as version 148.0.7778.96 for Linux and 148.0.7778.96 or 148.0.7778.97 for Windows and Mac, patches several critical memory management flaws that could allow attackers to execute…
-
Salesforce Marketing Cloud Vulnerabilities Expose Cross-Tenant Subscriber Data Risks
A recently disclosed set of vulnerabilities in Salesforce Marketing Cloud, widely known as SFMC, has drawn attention to the security risks tied to centralized marketing infrastructure. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/salesforce-sfmc-ampscript-vulnerability/
-
U.S. CISA adds a flaw in Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in the Palo Alto Networks PAN-OS, tracked as CVE-2026-0300 (CVSS score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. The flaw is a buffer…
-
Redis Security Flaws Expose Servers to Remote Code Execution Risks
Redis has disclosed and patched five security vulnerabilities, including four rated High severity, that could allow authenticated attackers to achieve remote code execution (RCE) on affected Redis servers. The advisory, published May 5, 2026, by Redis Chief Information Security Officer Riaz Lakhani, covers CVE-2026-23479, CVE-2026-25243, CVE-2026-25588, CVE-2026-25589, and CVE-2026-23631. Redis Security Flaws Expose Servers CVE-2026-23479…
-
Cisco Network Flaw Exposes Devices to Remote DenialService Exploits
Cisco has issued a high-severity security advisory detailing a critical connection exhaustion vulnerability affecting its network management software. Tracked as CVE-2026-20188, this flaw carries a CVSS base score of 7.5. It directly impacts both the Cisco Crosswork Network Controller (CNC) and the Cisco Network Services Orchestrator (NSO), potentially allowing threat actors to disrupt core network…
-
Critical vm2 Node.js Library Flaws Enable Arbitrary Code Execution Attacks
Multiple critical sandbox-escape vulnerabilities have been disclosed in vm2, one of the most widely used Node.js sandboxing libraries, allowing attackers to escape the isolated execution environment and run arbitrary commands directly on the host system. Eleven advisories were published by maintainer patriksimek within days, covering affected versions up to 3.11.1, with patches available in VM2…
-
WatchGuard Agent Flaws Allow Attackers to Gain Full SYSTEM Privileges on Windows
Multiple high-severity vulnerabilities in the WatchGuard Agent for Windows could allow malicious actors to elevate their privileges to the highest system level or disrupt critical security services. With CVSS scores up to 8.5, these vulnerabilities pose a significant risk to organizations that rely on WatchGuard for endpoint security and threat protection. WatchGuard Agent Flaws Chained…
-
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible systems.vm2 is an open-source library used to run untrusted JavaScript code inside a secure sandbox by intercepting and proxying JavaScript objects to prevent…
-
US government agency to safety test frontier AI models before release
Executive order ‘taking shape’: Following the announcement from CAISI, a published report on Wednesday indicated that the White House is on the verge of preparing an executive order that would see the creation of a vetting system for all new artificial intelligence models, key among them Anthropic’s Mythos.Bloomberg reported, “the directive is taking shape weeks…
-
Anthropic Sounds Cyber Alarm Amid Financial AI Push
Mythos Found ‘Tens of Thousands’ of Unpatched Flaws With Months to Fix Them. Anthropic CEO Dario Amodei warned that Claude Mythos has found tens of thousands of unpatched software vulnerabilities, with a six-to-12 month window before Chinese AI models catch up. The disclosure came alongside a major financial services push including an investor-backed firm and…
-
Anthropic Mythos Proves It’s Time to Fight Agentic Discovery With Agentic Validation
Mythos Moves the Needle on AI Innovation, Defense Anthropic’s “Mythos moment” is accelerating vulnerability discovery, but speed without validation is a growing risk. As exploit windows shrink and remediation lags, more findings only mean more noise. The real advantage lies in validating what actually matters”, and fixing it first. First seen on govinfosecurity.com Jump to…