Tag: vulnerability
-
AryStinger Botnet Uses Intranet Scanning and Traffic Tunneling to Hide Attacker Activity
A newly analyzed botnet family, AryStinger, weaponizes long”‘neglected routers and NAS appliances to build a stealthy reconnaissance and relay infrastructure that helps attackers obscure origin and extend lateral reach. AryStinger leverages decade”‘old vulnerabilities in RTL819X”‘based routers and a more feature”‘rich Go”‘implemented “Standard” branch on NAS devices to perform distributed scanning, intranet discovery, and traffic tunneling…
-
4,300+ Outdated Routers Hijacked in Stealthy Spy Infrastructure by AryStinger malware
AryStinger hijacks outdated routers via old flaws, turning 4,300+ devices into a stealth network for reconnaissance and intrusion support. On March 12, 2026, QiAnXin’s XLab threat detection system flagged a single IP address, 107.150.106.14, spreading a Linux binary through two vulnerabilities that were disclosed in 2013 and 2016 respectively. The binary had zero detections on…
-
Beats Studio Buds Vulnerability Lets Attackers Within Bluetooth Range Access Microphone
Apple has revealed a significant security vulnerability affecting Beats Studio Buds, which could allow attackers within Bluetooth range to access a device’s microphone without user consent. This issue, identified as CVE-2025-20701, was addressed in Beats Firmware Update 1B211, released on June 16, 2026. According to Apple’s advisory, the flaw impacts devices that are not yet…
-
GitHub Actions Checkout Adds Protection Against Malicious pull_request_target Workflows
GitHub has implemented a major security enhancement in its Actions ecosystem with the release of actions/checkout v7, which aims to address a long-standing class of vulnerabilities known as “pwn requests.” This update was announced on June 18, 2026, and introduces safer defaults for workflows triggered by the pull_request_target event. This event is one of the…
-
pgAdmin 4 Released with Patches for Seven Vulnerabilities and Feature Enhancements
pgAdmin 4 version 9.16 has been released by the pgAdmin Development Team, introducing significant security improvements along with feature enhancements and bug fixes. This update addresses seven vulnerabilities, tracked as CVE-2026-12044 through CVE-2026-12050, and includes 64 bug fixes and various usability upgrades. As one of the most widely used open-source management tools for PostgreSQL environments,…
-
Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys
Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that’s installed on about 100,000 sites.The vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), is a medium-severity information disclosure flaw that can allow unauthenticated attackers to extract sensitive data, such as configuration data, API keys, secrets, and OAuth tokens First seen…
-
Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin
Threat actors are exploiting an unauthenticated information disclosure vulnerability in the WordPress plugin Gravity SMTP, active on 100,000 sites. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-info-disclosure-bug-in-gravity-smtp-wordpress-plugin/
-
AWS Unveils ‘Continuum,’ an AI-Powered Vulnerability Management Platform
Working with frontier AI models, this new platform aims to help discovering, prioritizing, validating and remediating code vulnerabilities First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/aws-continuum-ai-vulnerability/
-
CVE-2026-48907 and LiteSpeed cPanel Plugin Flaws Come Under Active Attack
Security researchers and software vendors warn that attackers are actively exploiting vulnerabilities in both Joomla and the LiteSpeed cPanel plugin, posing significant risks to website administrators and shared hosting environments. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2026-48907-joomla-jce-litespeed-cpanel/
-
U.S. CISA adds Splunk Enterprise flaw to its Known Exploited Vulnerabilities catalog and urges agencies to fix it by Sunday
Tags: authentication, cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, service, vulnerabilityU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Splunk Enterprise flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Splunk Enterprise flaw, tracked as CVE-2026-20253 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. The flaw CVE-2026-20253 is an improper authentication vulnerability in the PostgreSQL sidecar service of…
-
Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253)
CISA has added CVE-2026-20253, a critical, remotely exploitable vulnerability in Splunk Enterprise, to its Known Exploited Vulnerabilities catalog, and ordered US federal … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/19/splunk-vulnerability-cve-2026-20253-exploited/
-
Splunk Enterprise flaw actively exploited, patch by Sunday
CISA has urged U.S. federal agencies to secure their systems by Sunday against a critical Splunk Enterprise vulnerability that is being exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-splunk-enterprise-flaw-actively-exploited-patch-by-sunday/
-
Critical Chrome Extension Vulnerabilities Let Attackers Easily Compromise Browsers
A critical security flaws in widely used Chrome extensions, exposing millions of users to the risk of full browser compromise. The vulnerabilities, named >>MaXSS<>Spyder,<< affect popular AI-powered extensions SiderAI and MaxAI, which together have more than 10 million installations across Chrome and other Chromium-based browsers. These issues transform these convenience-oriented AI helpers into […] The…
-
Critical WordPress Plugin Bug Could Allow File Deletion Attacks on 1 Million Sites
A serious security vulnerability has been uncovered in the widely used Avada (Fusion) Builder WordPress plugin. This flaw could enable unauthenticated attackers to delete arbitrary files and potentially compromise entire websites across more than one million installations. Identified as CVE-2026-8713 and assigned a CVSS score of 9.1, the vulnerability affects all plugin versions up to…
-
UEFI DBX Update Guidance Targets Vulnerable Vendor-Signed Boot Applications
A recently disclosed vulnerability inc, which affects UEFI applications signed by multiple vendors, has prompted urgent recommendations to update the UEFI Forbidden Signature Database (DBX). This issue, tracked as VU#457458 and published by CERT/CC on June 18, 2026, reveals a significant weakness in trusted firmware components. It could potentially allow attackers to execute arbitrary code…
-
Node.js Releases Security Updates for 12 Vulnerabilities, Two Rated High Severity
Node.js has announced critical security updates that address 12 vulnerabilities across its supported release lines. Among these, two high-severity flaws could lead to denial-of-service (DoS) conditions and authentication bypass. These updates, released on June 18, 2026, affect Node.js versions 22.x, 24.x, and 26.x. The patched versions are now available as v22.23.0, v24.17.0, and v26.3.1. Node.js…
-
Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone
Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users.The vulnerability, tracked as CVE-2025-20701 (CVSS score: 8.8), refers to a case of incorrect authorization impacting the Airoha Bluetooth audio SDK that makes it possible to pair a Bluetooth audio device…
-
Apple releases security update for Beats Studio Buds vulnerability
First seen on scworld.com Jump to article: www.scworld.com/brief/apple-releases-security-update-for-beats-studio-buds-vulnerability
-
Apple releases security update for Beats Studio Buds vulnerability
First seen on scworld.com Jump to article: www.scworld.com/brief/apple-releases-security-update-for-beats-studio-buds-vulnerability
-
New research reveals physical system vulnerabilities in data centers
First seen on scworld.com Jump to article: www.scworld.com/brief/new-research-reveals-physical-system-vulnerabilities-in-data-centers
-
New research reveals physical system vulnerabilities in data centers
First seen on scworld.com Jump to article: www.scworld.com/brief/new-research-reveals-physical-system-vulnerabilities-in-data-centers
-
New research reveals physical system vulnerabilities in data centers
First seen on scworld.com Jump to article: www.scworld.com/brief/new-research-reveals-physical-system-vulnerabilities-in-data-centers
-
New research reveals physical system vulnerabilities in data centers
First seen on scworld.com Jump to article: www.scworld.com/brief/new-research-reveals-physical-system-vulnerabilities-in-data-centers
-
Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds
The vulnerability, disclosed 12 months ago, affects multiple manufacturers. First seen on arstechnica.com Jump to article: arstechnica.com/apple/2026/06/apple-patches-high-severity-eavesdropping-vulnerability-in-beats-studio-buds/
-
F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution
F5 has released security updates to address two critical security flaws in NGINX Open Source that could be exploited to achieve code execution on affected systems.The vulnerabilities are listed below – CVE-2026-42530 (CVSS v4 score: 9.2) – A use-after-free vulnerability in the ngx_http_v3_module that could be triggered by a remote unauthenticated attacker when NGINX Open…
-
Hostile states launched nearly 200 attacks on UK infrastructure in 12 months, says NCSC chief
Hackers will use AI-enabled cyber capabilities to exploit known vulnerabilities in legacy technology at scale by 2028, says National Cyber Security Centre CEO Richard Horne First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366644872/Hostile-states-launched-200-attacks-on-UK-infrastructure-in-five-months-says-NCSC-chief
-
Kritische Sicherheitslücke in Joomla JCE aktiv ausgenutzt
Die US-Behörde CISA warnt vor einer kritischen Schwachstelle im Joomla Content Editor. Angreifer können unauthentifiziert Schadcode ausführen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/joomla-jce-sicherheitsluecke
-
Cisco fixed a critical ISE vulnerability that lets attackers to gain root access
Cisco addressed CVE-2026-20181, a critical ISE vulnerability that lets authenticated admins execute commands and gain root access. Cisco addressed a critical command execution vulnerability, tracked as CVE-2026-20181 (CVSS score of 9.1), affecting Identity Services Engine (ISE) and ISE-PIC. The flaw stems from improper validation of user-supplied input, allowing an authenticated attacker with administrative credentials to…
-
F5 Patches Critical NGINX Vulnerabilities Enabling Unauthenticated Code Execution
F5 released emergency updates for critical NGINX flaws (CVE-2026-42530, CVE-2026-42055) that could enable unauthenticated code execution. F5 has issued out-of-band patches for multiple NGINX vulnerabilities, including two critical flaws, respectively tracked as CVE-2026-42530 and CVE-2026-42055 (CVSS 9.2). The bugs affect HTTP modules and can be exploited remotely without authentication to trigger memory corruption, potentially causing…