Tag: vulnerability
-
OpenClaw Vulnerabilities Could Enable Full AI Agent Takeover
Cyera disclosed four OpenClaw flaws that could enable AI agent compromise and privilege escalation. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/openclaw-vulnerabilities-could-enable-full-ai-agent-takeover/
-
AI is drowning software maintainers in junk security reports
AI-assisted vulnerability research has exploded, unleashing a firehose of low-quality reports on overworked software maintainers who are wasting hours sifting through noise … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/18/problems-with-ai-assisted-vulnerability-research/
-
Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945)
A critical NGINX vulnerability (CVE-2026-42945) disclosed last week is being exploited by attackers, VulnCheck security researcher Patrick Garrity revealed on Saturday. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/18/ngnix-vulnerability-exploited-cve-2026-42945/
-
‘Patched’ Windows bug resurfaces 6 years later as working SYSTEM-level exploit
Nightmare-Eclipse’s Windows disclosure spree keeps growing: MiniPlasma is only the latest entry in what has become one of 2026’s most chaotic Windows disclosure runs. The spree began with BlueHammer, a Windows Defender privilege escalation flaw later assigned CVE-2026-33825. That was followed by RedSun and UnDefend, two additional Windows privilege escalation and denial-of-service disclosures. Huntress later reported…
-
Gamaredon Deploys GammaDrop, GammaLoad in Phishing Campaigns
Gamaredon Uses GammaDrop and GammaLoad Downloaders in Multi-Stage Phishing Attacks. A sustained cyber-espionage campaign linked to the Gamaredon threat group is actively targeting Ukrainian government entities using multi-stage phishing attacks and evolving malware loaders. Gamaredon, also known as UAC-0010 or Shuckworm, continues to exploit CVE-2025-8088, a directory traversal vulnerability in WinRAR that allows attackers to…
-
Critical NGINX Vulnerability Lets Hackers Launch Remote Code Execution Attacks
Tags: attack, cve, cyber, cybersecurity, exploit, flaw, hacker, open-source, remote-code-execution, vulnerability
A newly disclosed vulnerability in NGINX is already being actively exploited, raising serious concerns across the global cybersecurity community. Tracked as CVE-2026-42945, the flaw affects both NGINX Open Source and NGINX Plus, potentially allowing attackers to crash servers or execute remote code under specific conditions. Security researcher Patrick Garrity of VulnCheck revealed that exploitation attempts…
-
Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
Tags: authentication, control, cvss, exploit, flaw, fortinet, injection, ivanti, rce, remote-code-execution, sap, sql, update, vmware, vulnerability
Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code. Topping the list is a critical flaw impacting Ivanti Xtraction (CVE-2026-8043, CVSS score: 9.6) that could be exploited to achieve information disclosure or client-side attacks. “External control of a file…
-
Security Researchers Find 47 Zero-Days at Pwn2Own Berlin
The research community was awarded $1.3m as it found dozens of novel vulnerabilities at Pwn2Own Berlin First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/security-researchers-47-zerodays/
-
Critical Marimo RCE Flaw Could Let Attackers Execute Malicious Code Remotely
A newly disclosed critical vulnerability in the Marimo Python notebook framework is raising serious alarms across the cybersecurity community, as it allows attackers to execute arbitrary commands remotely, without authentication. Tracked as CVE-2026-39987, the flaw exposes a WebSocket endpoint that can be abused to spawn a system-level shell, potentially leading to full infrastructure compromise. Marimo RCE…
-
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day flaw that grants attackers SYSTEM privileges on fully patched Windows systems. Codenamed MiniPlasma, the vulnerability impacts “cldflt.sys,” which refers to the Windows Cloud Files Mini Filter Driver, First seen on thehackernews.com…
-
n8n Security Flaws Could Let Attackers Achieve Remote Code Execution
A set of critical vulnerabilities in the popular workflow automation platform n8n has raised serious security concerns, with researchers warning that attackers could chain multiple flaws to achieve full remote code execution (RCE) on affected systems. The issues, disclosed in multiple GitHub Security Advisories, impact n8n versions before 1.123.43, 2.20.7, and 2.22.1. All vulnerabilities require…
-
Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945
A critical NGINX flaw (CVE-2026-42945) is actively exploited, allowing crashes or possible code execution via malicious HTTP requests. A critical vulnerability in NGINX Plus and NGINX Open, tracked as CVE-2026-42945 (CVSS v4 score of 9.2), is already being actively exploited shortly after disclosure. “We’re seeing active exploitation of CVE-2026-42945 in F5 NGINX, a heap buffer…
-
Exploit available for new DirtyDecrypt Linux root escalation flaw
A recently patched local privilege escalation vulnerability in the Linux kernel’s rxgk module now has a proof-of-concept exploit that allows attackers to gain root access on some Linux systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/exploit-available-for-new-dirtydecrypt-linux-root-escalation-flaw/
-
1 Million WordPress Websites Exposed by Avada Builder Security Vulnerabilities
A widely used WordPress plugin powering over one million websites has been found vulnerable to two serious security flaws that could expose sensitive data and server files. Security researchers warn that the issues in the Avada Builder plugin could allow both authenticated and unauthenticated attackers to compromise affected sites. The vulnerabilities, discovered by researcher Rafie…
-
Critical FunnelKit Vulnerability Puts 40,000+ WooCommerce Sites at Risk
A critical security vulnerability in the Funnel Builder plugin by FunnelKit is actively being exploited, putting more than 40,000 WooCommerce websites at risk of payment data theft. The vulnerability affects all Funnel Builder versions prior to 3.15.0.3 and allows unauthenticated attackers to inject arbitrary JavaScript into WooCommerce checkout pages. Funnel Builder is widely used to…
-
Is Microsoft Finally Finding Its Own Vulnerabilities?
For AI cybersecurity systems, the choice of the underlying AI models is an important strategic decision. Microsoft’s new MDASH cybersecurity AI system is currently pushing the boundaries: as an agentic multi-model system, it sends various AI models and agents into the race at the same time. In the AI security benchmark from CyberGym, supported by the Center for Responsible, Decentralized Intelligence at UC Berkeley, Microsoft’s MDASH has taken the top position and Mythos…
-
AI shrinks vulnerability exploitation window to hours
Time has become organizations’ biggest vulnerability because the gap between vulnerability discovery and exploitation has narrowed to hours, according to Synack’s 2026 State … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/18/synack-2025-ai-driven-vulnerability-trends-report/
-
Claude Code Vulnerability Allows Attackers to Run Commands Through Crafted Deeplinks
A recently disclosed flaw in Claude Code allowed attackers to execute arbitrary system commands using a single crafted deeplink URL, turning a convenience feature into a remote code execution (RCE) vector. The issue, documented by security researcher Joernchen, has been fixed in Claude Code version 2.1.118, but demonstrates how subtle CLI parsing mistakes can have…
-
EUVD-2026-28396 / CVE-2026-6973 – Ivanti EPMM vulnerability exploited in zero-day attacks
First seen on security-insider.de Jump to article: www.security-insider.de/ivanti-epmm-zero-day-cve-2026-6973-aktiv-ausgenutzt-a-97f2a7459c9c680d8e986bdb1dd2d342/
-
When ransomware hits, confidence doesn’t restore endpoints
Ransomware, supply chain vulnerabilities, insider threats, compliance failures, and software disruptions remain major concerns for security leaders, according to The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/18/absolute-security-cisos-ransomware-pressure-report/
-
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days after its public disclosure, according to VulnCheck. The vulnerability, tracked as CVE-2026-42945 (CVSS score: 9.2), is a heap buffer overflow in ngx_http_rewrite_module affecting NGINX versions 0.6.27 through 1.30.0. According to AI-native security company depthfirst, the First…
-
Attackers exploit Funnel Builder bug to inject e-skimmers into e-stores
Attackers are exploiting a critical flaw in the WordPress Funnel Builder plugin to inject skimming code into WooCommerce checkout pages. A critical vulnerability in the WordPress Funnel Builder plugin is being actively exploited to inject malicious JavaScript into WooCommerce checkout pages, according to Sansec researchers. Funnel Builder by FunnelKit is a checkout and upsell plugin…
-
Microsoft rejects critical Azure vulnerability report, no CVE issued
A security researcher claims Microsoft quietly fixed an Azure Backup for AKS vulnerability after rejecting his report, and without issuing a CVE. Microsoft disputes the claim, telling BleepingComputer the behavior was expected and that “no product changes were made,” despite the researcher documenting a silent fix. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-rejects-critical-azure-vulnerability-report-no-cve-issued/
-
U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, threat, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-42897 (CVSS score of 8.1), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Microsoft warned that threat actors are…
-
Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming
A critical security vulnerability impacting the Funnel Builder plugin for WordPress has come under active exploitation in the wild to inject malicious JavaScript code into WooCommerce checkout pages with the goal of stealing payment data. Details of the activity were published by Sansec this week. The vulnerability currently does not have an official CVE identifier.…

