Tag: vulnerability
-
TBK DVR Vulnerability CVE-2024-3721 Exploited to Spread Nexcorium DDoS Malware
Hackers are actively exploiting a critical vulnerability in TBK digital video recorder (DVR) devices to deploy a new Mirai-based botnet called Nexcorium. The campaign leverages CVE-2024-3721, an OS command injection vulnerability, highlighting how poorly secured IoT devices continue to fuel large-scale distributed denial-of-service (DDoS) attacks. Threat actors exploit CVE-2024-3721 by manipulating the “mdb” and “mdc”…
-
Meta and PortSwigger drive offensive security further to find what others miss
Meta Bug Bounty and PortSwigger have formed a partnership to help security researchers sharpen their skills, collaborate more closely, and improve vulnerability discovery. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/20/meta-bug-bounty-portswigger-partnership/
-
Public Notion Pages Expose Editors’ Profile Photos and Email Addresses
A significant data exposure issue has been brought to light regarding Notion, a highly popular productivity and note-taking application. This exposure happens without requiring any authentication, cookies, or access tokens, leaving thousands of indexable company wikis and personal pages vulnerable to data scraping. For organizations that rely on Notion for public-facing documentation, this poses a…
-
Critical Gardyn Flaws Open Smart Garden Devices to Remote Hijacking
A recently updated advisory from the Cybersecurity and Infrastructure Security Agency (CISA) has revealed severe vulnerabilities in Gardyn Home Kit systems. These critical flaws carry a maximum CVSS score of 9.3 and could allow malicious actors to hijack smart gardening devices remotely. According to the April 2026 alert, successful exploitation enables unauthenticated attackers to completely…
-
SQL Kritische FortiClient-Schwachstelle wird in Angriffen genutzt
First seen on security-insider.de Jump to article: www.security-insider.de/cisa-forticclient-ems-sql-injection-cve-2026-21643-a-c93fd036b46b533d25fcc769d285ab24/
-
Project Glasswing: When AI Becomes the Ultimate Hacker”, and Defender
Anthropic has introduced Project Glasswing, a cybersecurity initiative powered by an unreleased AI model called Claude Mythos. This system can identify zero-day vulnerabilities, generate exploits, and even help fix them”, often without human input. But there’s a catch: it’s considered too powerful for public release. In this episode, we discuss what Project Glasswing is, why…
-
NIST Adopts Risk-Based NVD Model as CVE Submissions Jump 263% Since 2020
According to a recent announcement from the National Institute of Standards and Technology (NIST), the agency is fundamentally restructuring how it manages the National Vulnerability Database (NVD). Driven by a massive 263% increase in Common Vulnerabilities and Exposures (CVE) submissions between 2020 and 2025, NIST is shifting from a comprehensive analysis approach to a targeted,…
-
SQL Kritische FortiClient-Schwachstelle wird in Angriffen genutzt
First seen on security-insider.de Jump to article: www.security-insider.de/cisa-forticclient-ems-sql-injection-cve-2026-21643-a-c93fd036b46b533d25fcc769d285ab24/
-
SQL Kritische FortiClient-Schwachstelle wird in Angriffen genutzt
First seen on security-insider.de Jump to article: www.security-insider.de/cisa-forticclient-ems-sql-injection-cve-2026-21643-a-c93fd036b46b533d25fcc769d285ab24/
-
NIST to stop rating non-priority flaws due to volume increase
The National Institute of Standards and Technology will stop assigning severity scores to lower-priority vulnerabilities due to the growing workload from rising submission volumes. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/nist-to-stop-rating-non-priority-flaws-due-to-volume-increase/
-
ShowDoc Vulnerability Patched in 2020 Now Used in Active Server Takeovers
Hackers are exploiting a 5-year-old ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide. First seen on hackread.com Jump to article: hackread.com/showdoc-vulnerability-patch-2020-server-takeover/
-
ShowDoc Vulnerability Patched in 2020 Now Used in Active Server Takeovers
Hackers are exploiting a 5-year-old ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide. First seen on hackread.com Jump to article: hackread.com/showdoc-vulnerability-patch-2020-server-takeover/
-
Nexcorium Mirai variant exploits TBK DVR flaw to launch DDoS attacks
A Mirai variant called Nexcorium exploits a flaw in TBK DVRs to infect devices and use them in DDoS attacks, along with outdated TP-Link routers. Fortinet researchers found that threat actors are exploiting vulnerabilities in TBK DVRs and end-of-life TP-Link routers to spread a Mirai variant called Nexcorium. >>IoT devices are increasingly prime targets for…
-
Nexcorium Mirai Variant Weaponises TBK DVR Vulnerability in Fresh IoT Botnet Push
A newly discovered Mirai malware variant named Nexcorium is actively targeting unpatched Internet of Things (IoT) devices. According to recent threat research from FortiGuard Labs, attackers are exploiting a severe vulnerability in TBK DVR systems to build a massive botnet capable of launching destructive distributed denial-of-service (DDoS) attacks. The campaign primarily focuses on CVE-2024-3721, a…
-
Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access
Attackers exploit three Microsoft Defender zero-days, code-named BlueHammer, RedSun, and UnDefend, to gain elevated access. Attackers are exploiting three recently disclosed zero-day flaws in Microsoft Defender to gain higher privileges on compromised systems. The vulnerabilities, called BlueHammer, RedSun, and UnDefend, were revealed by a researcher known as Chaotic Eclipse after criticizing Microsoft’s handling of the…
-
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Threat actors are exploiting security flaws in TBK DVR and end”‘of”‘life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42.The attack targeting TBK DVR devices has been found to exploit CVE-2024-3721 (CVSS score: 6.3), a medium-severity command injection vulnerability affecting…
-
Finance Chiefs Warn New AI Models May Rattle Global Banking
Officials Warned New Models Could Accelerate Cyber Risks Faster Than Rules. Global finance officials meeting in Washington warned that advanced artificial intelligence models could expose structural weaknesses across banking and payment systems, speeding vulnerability discovery and cyber exploitation faster than regulators can build guardrails. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/finance-chiefs-warn-new-ai-models-may-rattle-global-banking-a-31457
-
We Need a Shared Responsibility Model for AI
Over the past 6-8 months, researchers at my company discovered vulnerabilities across multiple AI tools that allowed external bad actors to steal data, exploit AI browsers, or poison the core memories of AI systems. As we responsibly disclosed these flaws, we found that AI vendors almost universally told us, “It’s not our problem.” In their..…
-
We Need a Shared Responsibility Model for AI
Over the past 6-8 months, researchers at my company discovered vulnerabilities across multiple AI tools that allowed external bad actors to steal data, exploit AI browsers, or poison the core memories of AI systems. As we responsibly disclosed these flaws, we found that AI vendors almost universally told us, “It’s not our problem.” In their..…
-
National Vulnerability Database (NVD) Shifts to Selective Enrichment as CVE Volume Surges
Under a new model announced by the National Institute of Standards and Technology, NVD will no longer enrich every CVE. Instead, enrichment efforts will focus on a defined subset, including vulnerabilities in the CISA KEV catalog, software used by the federal government, and software designated as critical. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/national-vulnerability-database-nvd-shifts-to-selective-enrichment-as-cve-volume-surges/
-
NIST, Overrun by Massive Numbers of Submitted CVEs, Limits Analysis Work
NIST said it overwhelmed by the surge in the number of CVEs submissions in recent years, so it is paring back the analysis work it does on the dangerous security flaws. Security experts say the number of new vulnerabilities detected will only grow during the AI era and that the private sector will need to…
-
Hackers are abusing unpatched Windows security flaws to hack into organizations
A security researcher published details of three security vulnerabilities in Windows Defender, and the code used to exploit them. Now, hackers are taking advantage of the vulnerabilities in real-life attacks, according to a cybersecurity firm. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/17/hackers-are-abusing-unpatched-windows-security-flaws-to-hack-into-organizations/
-
Maximizing Mythos Returns Requires AI Cybersecurity Pipeline
Optimizing Value and Utility Hinges on AI Scaffolding, Says Aisle’s Ondrej Vlcek. While the world is in awe of how Mythos can find vulnerabilities and chain together exploits, the next step is to identify how to build the best cybersecurity pipelines and scaffolding to get maximum value from all AI models used inside an organization,…
-
TP-Link routers face exploitation attempt linked to high-severity flaw
Researchers warn a potential botnet is targeting a vulnerability in end-of-life devices.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/tp-link-routers-exploitation-high-severity-flaw/817831/
-
Anthropic-OpenAI Race Obscures The Real Cybersecurity Breakdown: Analysis
As Anthropic and OpenAI pursue competing initiatives over vulnerability discovery, the question of who will win is the least of security teams’ concerns. First seen on crn.com Jump to article: www.crn.com/news/security/2026/anthropic-openai-race-obscures-the-real-cybersecurity-breakdown-analysis
-
Every Old Vulnerability Is Now an AI Vulnerability
AI’s danger isn’t that it’s creating new bugs, it’s that it’s amplifying old ones. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/every-old-vulnerability-ai-vulnerability
-
Ukraine confirms suspected APT28 campaign targeting prosecutors, anti-corruption agencies
The intrusions exploited vulnerabilities in the open-source Roundcube webmail platform that allow attackers to execute malicious code when a victim simply opens an email in their inbox. First seen on therecord.media Jump to article: therecord.media/ukraine-confirms-suspected-apt28-campaign-targeting-prosecutors
-
TP-Link Routers Hit by Mirai in CVE-2023-33538 Attacks
Hackers are actively scanning for vulnerable TP-Link home routers to push Mirai-style malware, abusing CVE-2023-33538 in a new wave of automated attacks. While the current exploit attempts are technically flawed, researchers warn that the underlying bug is real and dangerous when combined with default credentials and end”‘of”‘life firmware. It affects TL”‘WR940N v2/v4, TL”‘WR740N v1/v2 and…
-
Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems.The activity involves the exploitation of three vulnerabilities that are codenamed BlueHammer (requires GitHub sign-in), RedSun, and UnDefend, all of which were released as zero-days by a researcher known as Chaotic Eclipse (…