Tag: vulnerability
-
F5 Patches NGINX Vulnerability Enabling Code Execution and DoS Attacks
F5 has released an out-of-band security notification addressing multiple high-severity vulnerabilities in NGINX components that can enable remote code execution (RCE) and denial-of-service (DoS) attacks in certain configurations, urging customers to patch or upgrade affected deployments immediately. On June 17, 2026, F5 issued an out-of-band security notification (K000161614) summarizing several high- and medium-severity flaws across…
-
Get Out of Security Debt by Tackling the Exposure Problem
Teams digging out of security debt need to answer only two simple questions: Which vulnerabilities in our systems are exposed, and how long should they stay that way? First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/security-debt-tackle-exposure-problem
-
Hackers Exploit WordPress SMTP Plugin With 100,000+ Installs to Steal Sensitive Data
Threat actors are actively exploiting a critical security flaw in the widely used Gravity SMTP WordPress plugin to extract sensitive configuration data, including API keys and authentication tokens. The vulnerability, tracked as CVE-2026-4020 with a CVSS score of 5.3, affects all versions up to and including 2.1.4 and exposes more than 100,000 websites to potential…
-
Splunk AI Toolkit Vulnerability Allows Arbitrary OS Command Execution
Splunk has disclosed a critical security vulnerability in its AI Toolkit that could allow authenticated administrators to execute arbitrary operating system commands on affected systems, raising significant concerns for enterprises that rely on Splunk for security analytics and automation. The flaw, tracked as CVE-2026-20266, affects Splunk AI Toolkit versions before 5.7.4 and has been assigned…
-
Microsoft Confirms RoguePlanet Zero-Day Exploit Targeting Defender
Microsoft has confirmed a newly disclosed zero-day vulnerability, tracked as CVE-2026-50656, affecting Microsoft Defender, following the public release of a proof-of-concept (PoC) exploit dubbed “RoguePlanet” by security researcher NightmareEclipse. The vulnerability, classified as an elevation-of-privilege flaw, was officially published on June 16, 2026, and is already drawing attention due to its reliability and ability to…
-
Financially Motivated Hackers Turn Legitimate IT Tools Into Remote Access Payloads
A novel evolution of LLMjacking: a threat actor leveraging a publicly exposed Ollama model server as the reasoning engine for an automated, multi-stage offensive framework. Rather than using the model for chat or resale, the attacker integrated unauthenticated model inference into a VAPT-style pipeline that scans targets, maps vulnerabilities, synthesizes proof-of-concept exploits, and attempts command…
-
Microsoft Teams as Camouflage: Ransomware Gang Hides Its Traffic
The DragonForce ransomware uses a vulnerability in Microsoft Teams to disguise traffic to its command-and-control servers unnoticed. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/teams-ransomware
-
Windows Defender Vulnerability Exposed as RoguePlanet PoC Spreads Online
A newly disclosed Windows Defender vulnerability, tracked as CVE-2026-50656 and dubbed RoguePlanet, has raised concerns across the cybersecurity community after a working proof-of-concept (PoC) exploit was released before a security patch became available. The exploit was published on GitHub by security researcher Nightmare Eclipse on June 10, 2026, only hours after Microsoft issued its June Patch Tuesday updates. First seen…
-
Miggo adds SSVC scoring as CISA moves beyond CVSS-based vulnerability prioritization
First seen on scworld.com Jump to article: www.scworld.com/brief/miggo-adds-ssvc-scoring-as-cisa-moves-beyond-cvss-based-vulnerability-prioritization
-
Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development
Microsoft confirmed the RoguePlanet Defender zero-day (CVE-2026-50656), a privilege escalation flaw, and is developing a security patch. Microsoft has acknowledged the RoguePlanet zero-day affecting Microsoft Defender, tracked as CVE-2026-50656 (CVSS score of 7.8). The vulnerability allows privilege escalation through the Microsoft Malware Protection Engine. The company stated it is aware of the issue and is…
-
The Gentlemen Ransomware Gang Standardizes EDR Killing
Eset Links Group’s Growth to Integrated Endpoint-Killing Tools. Eset researchers say the rapidly growing Gentlemen ransomware operation differentiates itself by supplying affiliates with a standardized EDR-killer suite that disables security tools, quickly incorporates newly disclosed vulnerable drivers and helps scale attacks across multiple regions worldwide. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/gentlemen-ransomware-gang-standardizes-edr-killing-a-32007
-
Hostile states launched nearly 200 attacks on UK infrastructure in five months, says NCSC chief
Hackers will use AI-enabled cyber capabilities to exploit known vulnerabilities in legacy technology at scale by 2028, says National Cyber Security Centre CEO Richard Horne First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366644872/Hostile-states-launched-200-attacks-on-UK-infrastructure-in-five-months-says-NCSC-chief
-
AWS Continuum brings AI models to code vulnerability management
AWS Continuum for code vulnerabilities, a system built to handle a vulnerability across its lifecycle, from discovery through to a fix, is now available in gated preview. It … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/18/aws-continuum-for-code-vulnerabilities/
-
F5 issues out-of-band patches for critical NGINX vulnerabilities
Cybersecurity company F5 has released out-of-band security updates to address multiple NGINX web server vulnerabilities, including two critical-severity flaws that could allow attackers to execute code on vulnerable systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/f5-issues-out-of-band-patches-for-critical-nginx-vulnerabilities/
-
AWS Launches Continuum to Detect and Fix Code Vulnerabilities at Machine Speed
AWS has introduced “Continuum,” a new security capability designed to detect, validate, and remediate code vulnerabilities at machine speed, signaling a shift away from traditional telemetry-heavy security models toward automated, context-driven remediation. Announced on June 17, 2026, in a gated preview, AWS Continuum leverages advanced AI models to address the growing volume of vulnerabilities generated…
-
Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development
Microsoft has formally disclosed that it’s working to release a patch to address a Defender zero-day codenamed RoguePlanet. The vulnerability has now been assigned the CVE identifier CVE-2026-50656 (CVSS score: 7.8), with the tech giant describing it as a privilege escalation flaw. “Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in…
-
Hostile states launched 200 attacks on UK infrastructure in five months, says NCSC chief
Hackers will use AI-enabled cyber capabilities to exploit known vulnerabilities in legacy technology at scale by 2028, says National Cyber Security Centre CEO Richard Horne First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366644872/Hostile-states-launched-200-attacks-on-UK-infrastructure-in-five-months-says-NCSC-chief
-
Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April
Multiple firms have observed active exploitation of the FortiSandbox defects, and warn that the attacks originate from multiple sources, not a single campaign. First seen on cyberscoop.com Jump to article: cyberscoop.com/fortinet-fortisandbox-vulnerabilities-exploits/
-
Critical vulnerabilities in Fortinet FortiSandbox are under exploitation
An OS command-injection flaw was disclosed earlier this month, according to researchers. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/critical-vulnerabilities-fortinet-fortisandbox-exploitation/823027/
-
U.S. CISA adds Widget Factory Joomla Content Editor flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Widget Factory Joomla Content Editor (JCE) flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Widget Factory Joomla Content Editor (JCE) flaw, tracked as CVE-2026-48907 (CVSS score of 10.0), to its Known Exploited Vulnerabilities (KEV) catalog. “A vulnerability in the JCE…
-
AWS Unveils Continuum to Fight Vulnerability Backlog
Autonomous Remediation Tools Advance. Cloud computing mainstay Amazon Web Services has taken a look at the vulnerability apocalypse and pronounced it fit for a business opportunity. Today the Seattle company entered a new battleground of platforms with the launch of its new family of security agents that it calls Continuum. First seen on govinfosecurity.com Jump…
-
Google Cloud Vertex AI Vulnerability Lets Attackers Take Over and Poison AI Models
A critical vulnerability in Google Cloud’s Vertex AI has been discovered, allowing attackers to hijack machine learning model uploads, poison artifacts, and achieve cross-tenant remote code execution (RCE) without any prior access to the victim’s environment. Dubbed “Pickle in the Middle” by researchers from Palo Alto Networks’ Unit 42, this flaw affects the Python SDK…
-
The Top 10 Attack Surface Exposures in 2026
Breaches don’t always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop, like MongoBleed earlier this year, which let attackers pull credentials and session tokens from server memory without authentication, anything internet-facing is immediately at risk. With time-to-exploit now down to…
-
2026 World Cup billed as ‘largest entertainment attack surface in history’
With the tournament underway across North America, Palo Alto Networks warns that temporary supplier ecosystems, vulnerable municipal infrastructure and geopolitical tensions are creating risks for enterprises and fans First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366644594/2026-World-Cup-billed-as-largest-entertainment-attack-surface-in-history
-
The Chainguard Athena coalition already shipped 2,000 patches across 500 open source projects
Chainguard launched Athena, an industry coalition that pools open source vulnerability findings and remediates them under embargo before public disclosure. The group went live … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/17/chainguard-athena-coalition-fix-open-source-vulnerabilities/

