Collecting Cyber-News from over 60 sources

Tag: vulnerability

Critical Ghost CMS Vulnerability Exploited to Hack 700+ Websites

May 26, 2026 1:00 PM

Tags: cyber, exploit, malicious, vulnerability

A critical Ghost CMS vulnerability identified as CVE-2026-26980 has been exploited in a widespread cyber campaign that compromised more than 700 websites, including platforms associated with major institutions such as Harvard University, University of Oxford, and DuckDuckGo. Security researchers say the attacks leveraged weaknesses in the Ghost content management system to inject malicious JavaScript code aimed at facilitating ClickFix malware attacks. First seen on thecyberexpress.com…
CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks

May 26, 2026 1:00 PM

Tags: ai, attack, computer, data-breach, flaw, india, intelligence, Internet, threat, tool, update, vulnerability

The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours of being flagged where “feasible” to safeguard against potential threats stemming from threat actors’ abuse of artificial intelligence (AI) tools and large language models (LLMs) to automate vulnerability First seen on…
CISA orders feds to patch actively exploited Drupal vulnerability

May 26, 2026 12:00 PM

Tags: cisa, exploit, government, injection, sql, update, vulnerability

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-drupal-vulnerability/
Ghost CMS Vulnerability Exploited to Infect 700 Sites With ClickFix Malware

May 26, 2026 12:00 PM

Tags: api, authentication, control, cyber, exploit, hacker, injection, malware, sql, vulnerability

Hackers are actively exploiting a critical SQL injection vulnerability in Ghost CMS (CVE-2026-26980) to compromise websites and distribute ClickFix malware through large-scale page-poisoning attacks. The vulnerability allows attackers to extract sensitive database contents without authentication, including the Ghost Admin API Key. Unlike the read-only Content API Key, this administrative key grants full control over posts…
CISA orders feds to patch actively exploited Drupal vulnerability

May 26, 2026 12:00 PM

Tags: cisa, exploit, government, injection, sql, update, vulnerability

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-drupal-vulnerability/
CISA orders feds to patch actively exploited Drupal vulnerability

May 26, 2026 12:00 PM

Tags: cisa, exploit, government, injection, sql, update, vulnerability

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-drupal-vulnerability/
Apache CXF Flaw Exposes Systems to LDAP Injection Attacks

May 26, 2026 11:00 AM

Tags: access, apache, attack, cve, cyber, flaw, injection, risk, service, unauthorized, vulnerability

Apache CXF users are facing a significant security risk following the disclosure of a new vulnerability that exposes systems to LDAP injection attacks, potentially allowing unauthorized access to sensitive certificate data. The issue, tracked as CVE-2026-44930, has been classified as “important” and affects the LDAP certificate repository within the XKMS (XML Key Management Specification) service…
ConnectWise Automate Flaw Allows Hackers to Evade Security Controls

May 26, 2026 11:00 AM

Tags: control, cve, cvss, cyber, flaw, hacker, monitoring, service, tool, unauthorized, update, vulnerability

ConnectWise has released a security update to address a high-severity vulnerability in its ConnectWise Automate remote monitoring and management (RMM) platform, a widely used tool for managed service providers (MSPs). The flaw, tracked as CVE-2026-9089, carries a CVSS score of 8.8 and could allow attackers to bypass integrity verification mechanisms, potentially enabling unauthorized code execution…
PuTTY 0.84 Update Patches SSH Key Exchange Crash Issues and Telnet Prompt Spoofing Flaw

May 26, 2026 10:00 AM

Tags: cyber, flaw, update, vulnerability

PuTTY 0.84 has been released with three minor security fixes that address issues that could allow remote attackers to crash the client or trick users during insecure sessions. Although the vulnerabilities are classified as low severity, they affect core components such as SSH key exchange and Telnet session handling, making the update important for users…
Multiple 7-Zip Vulnerabilities Enable Arbitrary Code Execution

May 26, 2026 10:00 AM

Tags: access, cyber, data, github, leak, vulnerability

Multiple memory safety bugs in 7″‘Zip 26.00 allow remote attackers to leak sensitive data and, in at least one case, execute arbitrary code when a victim opens a crafted archive file. GitHub Security Lab has disclosed a critical heap buffer overflow in 7″‘Zip’s NTFS handler (GHSL”‘2026″‘140, CVE”‘2026″‘48095), alongside a cluster of additional memory access violations…
KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

May 26, 2026 9:00 AM

Tags: cve, exploit, flaw, vulnerability, zero-day

A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web shell and ultimately facilitate the deployment of Cobalt Strike Beacon.The vulnerability, tracked as CVE-2026-5426 (CVSS score: 7.5), stems from the use of hard-coded ASP.NET machine keys, leading to…
KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

May 26, 2026 9:00 AM

Tags: cve, exploit, flaw, vulnerability, zero-day

A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web shell and ultimately facilitate the deployment of Cobalt Strike Beacon.The vulnerability, tracked as CVE-2026-5426 (CVSS score: 7.5), stems from the use of hard-coded ASP.NET machine keys, leading to…
Hackers Abuse KnowledgeDeliver LMS Flaw to Install BLUEBEAM Web Shell

May 26, 2026 8:00 AM

Tags: cve, cyber, exploit, flaw, google, hacker, intelligence, mandiant, remote-code-execution, threat, vulnerability

Hackers are actively exploiting a critical vulnerability in the KnowledgeDeliver Learning Management System (LMS) to deploy the BLUEBEAM web shell, according to findings from Mandiant’s Google Threat Intelligence Group. The flaw, tracked as CVE-2026-5426, enables unauthenticated remote code execution through ASP.NET ViewState deserialization and has been observed in real-world attacks. KnowledgeDeliver LMS Flaw The vulnerability…
Insgesamt 8 Schwachstellen – Authentifizierungsumgehung in Nvidias Triton Inference Server

May 26, 2026 8:00 AM

Tags: nvidia, vulnerability

First seen on security-insider.de Jump to article: www.security-insider.de/nvidia-triton-inference-server-kritische-sicherheitsluecke-update-r26-03-a-52a093ac34ffb0de811c1c67034cc3fe/
Cisco refines its risk-based vulnerability disclosure for the AI era

May 25, 2026 6:00 PM

Tags: ai, cisco, risk, update, vulnerability

Security teams already struggle with long lists of vulnerabilities and limited time to patch them. Cisco believes AI could increase that pressure by accelerating vulnerability … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/25/cisco-risk-based-vulnerability-disclosure-ai/
Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

May 25, 2026 3:00 PM

Tags: api, attack, cve, data, exploit, flaw, injection, malicious, sql, threat, vulnerability

Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks.According to QiAnXin XLab, the activity involves the exploitation of CVE-2026-26980 (CVSS score: 9.4), an SQL injection vulnerability in Ghost’s Content API that could allow an unauthenticated attacker to read arbitrary…
Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

May 25, 2026 3:00 PM

Tags: api, attack, cve, data, exploit, flaw, injection, malicious, sql, threat, vulnerability

Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks.According to QiAnXin XLab, the activity involves the exploitation of CVE-2026-26980 (CVSS score: 9.4), an SQL injection vulnerability in Ghost’s Content API that could allow an unauthenticated attacker to read arbitrary…
The AI Era Is Creating a Bug Hunting Arms Race

May 25, 2026 1:02 PM

Tags: ai, exploit, software, vulnerability

As attackers ramp up their AI exploit development, the search for software vulnerabilities is changing rapidly. First seen on wired.com Jump to article: www.wired.com/story/the-ai-era-is-creating-a-bug-hunting-arms-race/
Messenger-App: Schwachstelle in Signal kann Datenlöschung verhindern

May 25, 2026 1:02 PM

Tags: vulnerability

Wegen einer Schwachstelle beim Logging von Löschanfragen könnten Signal-Nachrichten auch nach Jahren wiederherstellbar sein. First seen on golem.de Jump to article: www.golem.de/news/messenger-app-schwachstelle-in-signal-kann-datenloeschung-verhindern-2605-209008.html
CISA Warns Drupal Core SQL Injection Vulnerability Is Being Exploited in Attacks

May 25, 2026 12:00 PM

Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, injection, kev, risk, sql, vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, which is now being actively exploited in the wild. The flaw has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, signaling a high risk to organizations using affected Drupal deployments.…
(g+) ActiveMQ Jolokia Code-Injection: Schwachstelle Message Broker

May 25, 2026 11:00 AM

Tags: apache, api, cve, injection, vulnerability

CVE-2026-34197 in Apache ActiveMQ wird aktiv ausgenutzt. Die Schwachstelle liegt in der Jolokia-API, in einigen Versionen ist keine Authentisierung nötig. Was zu tun ist. First seen on golem.de Jump to article: www.golem.de/news/activemq-jolokia-code-injection-schwachstelle-message-broker-2605-208974.html
Wireshark 4.6.6 Resolves ROHC Parser and Buffer Overflow Vulnerabilities

May 25, 2026 10:00 AM

Tags: flaw, monitoring, update, vulnerability

The Wireshark Foundation has released Wireshark 4.6.6, delivering an important round of security and stability updates that address a serious Dissector Crash vulnerability tied to the ROHC protocol parser, along with a separate global-buffer-overflow flaw affecting MACsec traffic analysis. The release focuses heavily on improving reliability for users handling untrusted packet captures and production monitoring…
IT-Sicherheit: Wenn der Roboterschwarm das Haus durchsucht

May 25, 2026 10:00 AM

Tags: ceo, cyberattack, open-source, vulnerability

Der Druck auf Unternehmen und Behörden wächst: mehr Angriffe, mehr Schwachstellen, mehr regulatorische Vorgaben. Gleichzeitig wird die IT-Landschaft immer unübersichtlicher durch Schatten-IT, veraltete Systeme oder fehlende Prozesse. Im Gespräch erklären KIX-CEO Rico Barth und Greenbone-CEO Elmar Geese, warum die Zahl der Sicherheitslücken explodiert, weshalb Open Source bei IT-Security ein Vertrauensfaktor ist und wieso… First seen…
OpenHack: Open-source AI-powered vulnerability research

May 25, 2026 8:01 AM

Tags: ai, open-source, vulnerability

Source-guided vulnerability research increasingly leans on coding harnesses such as Claude Code, Codex, and Cursor to drive agent-based reviews of application code. A new … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/25/openhack-open-source-ai-powered-vulnerability-research/
Nginx-poolslip Flaw Exposes Servers to DoS and Code Execution Attacks

May 25, 2026 8:01 AM

Tags: attack, cve, cyber, dos, flaw, service, vulnerability

NGINX users are facing a critical security issue after F5 disclosed a new vulnerability, tracked as CVE-2026-9256, affecting the widely used ngx_http_rewrite_module. The flaw, dubbed “Nginx-poolslip,” can allow attackers to trigger denial-of-service (DoS) conditions and, under certain conditions, achieve remote code execution. Nginx-poolslip Flaw The issue originates from improper handling of overlapping PCRE (Perl-Compatible Regular…
Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

May 24, 2026 5:00 PM

Tags: attack, exploit, flaw, injection, malicious, sql, vulnerability

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ghost-cms-sql-injection-flaw-exploited-in-large-scale-clickfix-campaign/
Anthropic’s Project Glasswing: 10,000+ Vulnerabilities Found in One Month, and the Patching Problem Has Never Been More Obvious

May 24, 2026 12:00 PM

Tags: ai, cybersecurity, update, vulnerability

Anthropic said its AI Project Glasswing found over 10,000 serious vulnerabilities in one month, exposing a growing patching gap. Anthropic announced on Friday that Project Glasswing, its defensive cybersecurity initiative built around Claude Mythos Preview, has uncovered more than 10,000 high- or critical-severity vulnerabilities in the month since the program went live. The number is…
U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog

May 24, 2026 11:00 AM

Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, update, vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-9082 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. Drupal issued a highly critical security patch on May…
U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog

May 24, 2026 11:00 AM

Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, update, vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-9082 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. Drupal issued a highly critical security patch on May…
CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack

May 23, 2026 8:00 PM

Tags: attack, cve, exploit, flaw, injection, sql, update, vulnerability

Attackers began exploiting Drupal SQL injection flaw CVE-2026-9082 within 48 hours of patch release. Drupal issued a highly critical security patch on May 20 for CVE-2026-9082, a SQL injection vulnerability that allows unauthenticated attackers to compromise sites running PostgreSQL databases. The project maintainers warned ahead of the release that exploits could surface within hours or…