Tag: vulnerability
-
PHP SOAP Extension Flaw Could Let Attackers Execute Code Remotely
Recently disclosed vulnerabilities in PHP, particularly within its widely used SOAP extension, have raised significant alarms across the cybersecurity community. Among the newly identified flaws is a high-severity vulnerability that could permit attackers to achieve Remote Code Execution (RCE) on affected servers. Several other moderate-severity flaws, including Use-After-Free (UAF) bugs, NULL pointer dereferences, and out-of-bounds…
-
Microsoft 365 Copilot Flaws Could Let Attackers Access Sensitive Data
Microsoft has disclosed a trio of critical information disclosure vulnerabilities affecting Microsoft 365 Copilot and Copilot Chat in Microsoft Edge. Released on May 7, 2026, these security flaws pose a substantial risk to enterprise data privacy and corporate confidentiality. If successfully exploited, malicious actors could bypass established security boundaries to access sensitive information processed, summarized,…
-
Sandboxie Escape Flaw Could Let Attackers Gain SYSTEM-Level Privileges
Security researchers have exposed critical sandbox escape vulnerabilities in Sandboxie and Sandboxie-Plus that allow attackers to gain full SYSTEM-level privileges. We strongly urge users to update to version 1.17.5, which was recently patched, to mitigate these severe execution threats. A series of catastrophic security vulnerabilities has been exposed in Sandboxie and Sandboxie-Plus, allowing threat actors…
-
Lyrie.ai Joins First Batch of Anthropic’s Cyber Verification Program
Tags: ai, attack, ceo, cyber, cybersecurity, exploit, framework, github, Hardware, identity, infrastructure, Internet, penetration-testing, RedTeam, risk, threat, tool, vulnerability, zero-dayIdentity, who the AI agent is.Scope, what it is authorized to do.Attestation, whether it or its instructions have been tampered with.Delegation, who delegated authority.Revocation, whether that authority has been revoked.”Every AI agent on the internet today is a stranger. You don’t know who it is, what it’s authorized to do, or whether it’s been tampered…
-
PoC Exploit Released for Android Zero-Click Flaw Enabling Remote Shell Access
Tags: access, android, cve, cyber, exploit, flaw, github, google, remote-code-execution, vulnerabilityPublic references indicate that a GitHub proof-of-concept is now circulating for CVE-2026-0073, the critical Android flaw documented in Google’s May 2026 security bulletin, raising the urgency for defenders with wireless ADB enabled on test or production devices. Google and multiple security reports describe the issue as a no-interaction remote code execution vulnerability in Android’s adbd…
-
Malicious Hugging Face model masquerading as OpenAI release hits 244K downloads
Part of a broader AI supply chain targeting: HiddenLayer, in its advisory, said that it identified six additional Hugging Face repositories uploaded under a separate account that used nearly identical loader logic and shared infrastructure with the campaign.The researchers also linked elements of the operation to earlier software supply-chain attacks involving npm typosquatting campaigns and…
-
Ollama OutBounds Read Vulnerability Allows Remote Process Memory Leak
Cybersecurity researchers have disclosed a critical security vulnerability in Ollama that, if successfully exploited, could allow a remote, unauthenticated attacker to leak its entire process memory.The out-of-bounds read flaw, which likely impacts over 300,000 servers globally, is tracked as CVE-2026-7482 (CVSS score: 9.1). It has been codenamed Bleeding Llama by Cyera.Ollama is a First seen…
-
New ‘Dirty Frag’ exploit targets Linux kernel for root access
Tags: access, attack, control, cve, exploit, linux, malicious, microsoft, mitigation, monitoring, switch, tool, vulnerabilityAttackers are already exploiting Dirty Frag: Microsoft warned that Dirty Frag is already being actively exploited in the wild, primarily as a post-compromise privilege escalation tool. The company said attackers are using the vulnerability after obtaining an initial foothold on vulnerable Linux systems, allowing them to elevate privileges from a low-level user account to full…
-
Rushed Patches Follow Broken Embargo on New Linux Kernel Vulnerabilities
Two new high-severity vulnerabilities, dubbed ‘Dirty Frag’ when chained, have been found in the Linux kernel, affecting most Linux distributions First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/dirty-frag-linux-kernel/
-
8 guiding principles for reskilling the SOC for agentic AI
Tags: ai, automation, business, ciso, cyber, cybersecurity, data, governance, incident response, jobs, penetration-testing, sans, skills, soc, technology, tool, training, update, vulnerability, vulnerability-managementSet the tone from the top: The second principle for reskilling security teams for agentic AI is all about leadership.As Baker says, CISOs must set the tone. That means building a culture of rapid experimentation, iteration, and innovation. “Fail fast and move forward,” he says.A key aspect of CISO leadership is understanding the needs of…
-
AI-powered hacking has exploded into industrial-scale threat, Google says
Criminal groups and state-linked actors appear to be using commercial models to refine and scale up attacks<ul><li><a href=”https://viewer.gutools.co.uk/business/live/2026/may/11/uk-economy-job-losses-iran-war-oil-pound-bonds-politics-starmer-live-updates”>Business live latest updates</li></ul>In just three months, AI-powered hacking has gone from a nascent problem to an industrial-scale threat, according to a report from Google.The findings from Google’s threat intelligence group add to an intensifying, global discussion about…
-
1,800+ MCP servers exposed without authentication: How zero trust can secure the AI agent revolution
Tags: ai, attack, authentication, breach, cloud, control, credentials, data, data-breach, defense, exploit, framework, governance, identity, infrastructure, Internet, LLM, malicious, monitoring, network, risk, service, supply-chain, threat, tool, vulnerability, zero-trustThe epistemological chasm: What renders MCP vulnerabilities particularly vexatious is the fundamental asymmetry they exploit between machine cognition and human oversight.Tool poisoning attacks insert malevolent instructions into tool metadata that LLMs process with complete fidelity but that remain utterly invisible to human operators. The machine perceives everything; its ostensible supervisors perceive nothing. We have unwittingly…
-
CatoFrameworks – Schwachstellen in Nvidia NeMo und Meta PyTorch
First seen on security-insider.de Jump to article: www.security-insider.de/schwachstellen-ki-frameworks-nvidia-nemo-meta-pytorch-a-b22f685a0139a7d6c6463175b8ca4d7b/
-
<> von Google zeigt, wie Angreifer KI missbrauchen
Die Google Threat Intelligence Group (GTIG) hat ihren neuen Bericht ‘AI Threat Tracker” veröffentlicht. Dieser beschreibt detailliert die aktuellen Methoden von Angreifern und zeigt, dass diese nicht mehr nur mit künstlicher Intelligenz (KI) experimentieren, sondern die Technologie im großen Maßstab einsetzen. Die erste von einer KI entwickelte Zero-Day-Schwachstelle Google hat einen Zero-Day-Exploit (eine Umgehung […]…
-
Angreifer nutzen bekannte Schwachstellen schneller und systematischer aus, als viele Organisationen reagieren können
‘Die aktuellen Angriffe auf tausende cPanel-/WHM-Instanzen in Deutschland zeigen erneut, wie schnell sich das Risiko aus einer einzelnen kritischen Schwachstelle in eine breit angelegte Angriffskampagne verwandeln kann”, so Jörg Vollmer, General Manager Field Operations DACH und CEE bei Qualys. Aus Sicht von Qualys ist dabei weniger die Schwachstelle selbst überraschend, sondern die Dynamik, mit der Angreifer…
-
9-Year-Old Dirty Frag Vulnerability Enables Root Access on Linux Systems
The Dirty Frag vulnerability affects Linux systems and allows root access escalation, while public PoC exploit code increases attack risks. First seen on hackread.com Jump to article: hackread.com/9-year-old-dirty-frag-vulnerability-root-access-linux/
-
U.S. CISA adds a flaw in BerriAI LiteLLM to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in BerriAI LiteLLM to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in BerriAI LiteLLM, tracked as CVE-2026-42208 (CVSS score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. At the end of April, attackers rapidly exploited the critical…
-
New cPanel vulnerabilities could allow file access and remote code execution
cPanel fixed three flaws that could allow file reads, code execution, and privilege escalation. No active exploitation has been reported yet. cPanel has released security updates to fix three vulnerabilities affecting cPanel & WHM that could allow attackers to read files, execute code, or escalate privileges on vulnerable systems. Below are the descriptions for these…
-
May 2026 Patch Tuesday forecast: AI starts driving security industry changes
Project Glasswing. This is one of three major security industry changes I’ll cover today. The Anthropic Mythos vulnerability discovery model has already proven to be game … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/08/may-2026-patch-tuesday-forecast/
-
PoC Exploit Released for Dirty Frag Linux Kernel Vulnerability
A proof-of-concept exploit for a new Linux kernel vulnerability class dubbed >>Dirty Frag<<. This universal local privilege escalation vulnerability allows attackers to obtain root access across most major Linux distributions reliably. Because a third party unexpectedly broke the responsible disclosure embargo, the exploit is now public without official patches or an assigned Common Vulnerabilities and…
-
Multiple Critical Flaws Fixed in Next.js and React Server Components
Vercel has rolled out vital security updates for Next.js to address a wave of high-severity vulnerabilities affecting versions across the 13.x to 16.x branches. Published via GitHub advisories by Tim Neutkens, these flaws expose web applications to severe risks, including unauthenticated Denial of Service (DoS), Server-Side Request Forgery (SSRF), and multiple middleware authentication bypasses. The…
-
EUVD-2026-18480 / CVE-2026-35414 – OpenSSH-Schwachstelle ermöglicht Root-Zugriff
First seen on security-insider.de Jump to article: www.security-insider.de/openssh-schwachstelle-root-login-update-10-3-a-5bee2a7f668462c6530ec7dd4ba0ffa5/
-
13 new critical holes in JavaScript sandbox allow execution of arbitrary code
VM.run() can obtain host process object and runs host commands with zero co-operation from the host.However, researchers at Socket told us in an email that the advisory about this escape says it has been confirmed only on Node.js 25.6.1, and requires a Node.js version with WebAssembly exception handling and JSTag support.The highest-risk scenario, they said, would be an…
-
Canvas login portals hacked in mass ShinyHunters extortion campaign
The ShinyHunters extortion gang has breached education technology giant Instructure again, this time exploiting another vulnerability to deface Canvas login portals for hundreds of colleges and universities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/canvas-login-portals-hacked-in-mass-shinyhunters-extortion-campaign/
-
Ollama vulnerability highlights danger of AI frameworks with unrestricted access
Tags: access, ai, api, authentication, credentials, framework, Internet, mitigation, network, tool, update, vulnerabilityMitigation: Users should update to Ollama version 0.17.1, which includes a patch for this vulnerability. More generally, they should deploy an authentication proxy or API gateway in front of all Ollama instances and never expose them to the internet without IP access filters and firewalls.”If your Ollama server was internet-accessible, assume environment variables and secrets…
-
Mozilla says 271 vulnerabilities found by Mythos have almost no false positives
The developer of Firefox says it has “completely bought in” on AI-assisted bug discovery. First seen on arstechnica.com Jump to article: arstechnica.com/information-technology/2026/05/mozilla-says-271-vulnerabilities-found-by-mythos-have-almost-no-false-positives/
-
CrowdStrike Partners: AI Vulnerability Surge Means It’s Time To ‘Pick A Platform’ In Security
The combination of a fast-moving platform vendor like CrowdStrike and advanced security services will be critical for being able to protect customers in the coming era of AI-accelerated exploitation of vulnerabilities, according to executives from top CrowdStrike partners. First seen on crn.com Jump to article: www.crn.com/news/security/2026/crowdstrike-partners-ai-vulnerability-surge-means-it-s-time-to-pick-a-platform-in-security
-
U.S. CISA adds a flaw in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, endpoint, exploit, flaw, infrastructure, ivanti, kev, mobile, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in the Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-6973 (CVSS score of 7.1), to its Known Exploited Vulnerabilities (KEV) catalog. Ivanti warns customers…
-
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild.The high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2), is a case of improper input validation affecting EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1.It allows “a remotely authenticated user with administrative access to achieve remote code…
-
Cisco patches high-severity flaws enabling SSRF, code execution attacks
Cisco fixed several high”‘severity flaws in its enterprise products, including SSRF bugs in Unity Connection that could enable code execution or service disruption. Cisco released patches for multiple high”‘severity vulnerabilities affecting its enterprise products. Successful exploitation could allow code execution, server”‘side request forgery (SSRF), or denial”‘of”‘service attacks. Two notable flaws, CVE”‘2026″‘20034 and CVE”‘2026″‘20035, impact Cisco…