Tag: vulnerability
-
CISA Adds Critical Aquasecurity Trivy Scanner Vulnerability to KEV Catalog
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, malicious, open-source, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has urgently added a critical flaw affecting Aquasecurity’s Trivy scanner to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-33634, this security weakness involves embedded malicious code that targets continuous integration and continuous deployment (CI/CD) environments. Because Trivy is a widely adopted open-source vulnerability scanner used natively within…
-
Windows Error Reporting Vulnerability Exposes Systems to Privilege Escalation, Allowing SYSTEM Access
Microsoft recently patched a severe Elevation of Privilege (EoP) vulnerability in the Windows Error Reporting (WER) service, officially tracked as CVE-2026-20817. This flaw allows a local attacker with standard user rights to escalate to SYSTEM privileges by exploiting improper permission handling. The vulnerability was so significant that Microsoft chose to remove the affected feature entirely…
-
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if successfully exploited, could expose filesystem data, environment secrets, and conversation history.Both LangChain and LangGraph are open-source frameworks that are used to build applications powered by Large Language Models (LLMs). LangGraph is built on the foundations of First seen on thehackernews.com Jump to…
-
U.S. CISA adds a Langflow flaw to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Langflow to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Langflow flaw, tracked as CVE-2026-33017 (CVSS score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. Langflow is a popular tool used for building agentic AI workflows. CVE-2026-33017 is a…
-
Are you proactive in managing AI risks?
Are Your Non-Human Identities Adequately Secured? How secure is your organization’s management of non-human identities? Non-human identities (NHIs) are integral components of cybersecurity frameworks. They are not mere accessories but foundational elements that require diligent oversight and sophisticated security solutions. To ensure robust security measures, professionals across industries must address the vulnerabilities presented by NHIs….…
-
Ajax football club hack exposed fan data, enabled ticket hijack
Dutch professional football club Ajax Amsterdam (AFC Ajax) disclosed that a hacker exploited vulnerabilities in its IT systems and accessed data belonging to a few hundred people. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ajax-football-club-hack-exposed-fan-data-enabled-ticket-hijack/
-
Chain Reaction: How One Stolen Token Tore Through Five Ecosystems
Why Your Static Credentials Are a Ticking Time Bomb The TeamPCP campaign, one of the largest credential theft campaigns of 2026, began with a compromise in Trivy. A security tool trusted to scan for vulnerabilities and leaked secrets was weaponized against the very environments it was meant to protect. Instead of catching exposed credentials, it……
-
TP-Link, Canva, HikVision vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed a vulnerability in HikVision, as well as 10 in TP-Link, and 19 in Canva.The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy.For First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/tp-link-canva-hikvision-vulnerabilities/
-
New Langflow flaw actively exploited to hijack AI workflows
The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework for building AI agents. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-new-langflow-flaw-actively-exploited-to-hijack-ai-workflows/
-
Critical Flaw in Langflow AI Platform Under Attack
Threats actors pounced on the code injection vulnerability within hours of its disclosure, demonstrating that organizations have little time to address critical bugs. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/critical-flaw-langflow-ai-platform-under-attack
-
Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in Recent Mass Attacks
The kernel exploit for two security vulnerabilities used in the recently uncovered Apple iOS exploit kit known as Coruna is an updated version of the same exploit that was used in the Operation Triangulation campaign back in 2023, according to new findings from Kaspersky.”When Coruna was first reported, the public evidence wasn’t sufficient to link…
-
Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code
Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by AI-generated code First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-generated-code-vulnerabilities/
-
Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code
Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by AI-generated code First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-generated-code-vulnerabilities/
-
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
Cybersecurity researchers have disclosed a vulnerability in Anthropic’s Claude Google Chrome Extension that could have been exploited to trigger malicious prompts simply by visiting a web page.The flaw “allowed any website to silently inject prompts into that assistant as if the user wrote them,” Koi Security researcher Oren Yomtov said in a report shared with…
-
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
Cybersecurity researchers have disclosed a vulnerability in Anthropic’s Claude Google Chrome Extension that could have been exploited to trigger malicious prompts simply by visiting a web page.The flaw “allowed any website to silently inject prompts into that assistant as if the user wrote them,” Koi Security researcher Oren Yomtov said in a report shared with…
-
Critical Ivanti EPMM Vulnerabilities Expose Systems to Arbitrary Code Execution Attacks
Tags: attack, cyber, data, endpoint, exploit, group, incident response, ivanti, mobile, remote-code-execution, threat, vulnerability, zero-dayIn February 2026, threat actors actively exploited two critical remote code execution (RCE) vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM). A recent incident response investigation by WithSecure’s STINGR Group revealed that attackers used highly automated methods to exfiltrate sensitive data from compromised servers within seconds. These zero-day vulnerabilities allow unauthenticated attackers to execute arbitrary code…
-
Critical NVIDIA Vulnerabilities Risk Remote Code Execution and DenialService Attacks
Tags: attack, cyber, Hardware, nvidia, remote-code-execution, risk, service, software, technology, threat, vulnerabilityNVIDIA has recently published its March 2026 security bulletins, addressing a wave of newly discovered vulnerabilities across its hardware and software ecosystems. The technology giant has urged organizations to immediately evaluate their environments and apply the necessary corrective actions to prevent potential exploitation. These vulnerabilities pose significant risks, notably enabling threat actors to potentially execute…
-
Silver Fox Tax Audit Phishing Campaign Shifts from RATs to Python Stealers
Tags: apt, backdoor, china, cyber, cybercrime, exploit, group, intelligence, monitoring, phishing, rat, threat, vulnerabilityThreat intelligence teams have tracked Silver Fox (also known as Void Arachne), a China-based intrusion set that sits at the intersection of financially motivated cybercrime and APT-style espionage. Originally associated with large-scale, profit-driven campaigns, the group has steadily adopted more advanced tradecraft, including modular backdoors, rootkits, and the exploitation of vulnerable drivers. TDR’s monitoring between…
-
Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks
The kernel exploit for two security vulnerabilities used in the recently uncovered Apple iOS exploit kit known as Coruna is an updated version of the same exploit that was used in the Operation Triangulation campaign back in 2023, according to new findings from Kaspersky.”When Coruna was first reported, the public evidence wasn’t sufficient to link…
-
OpenAI Expands Bug Bounty to Cover AI Abuse and ‘Safety’ Concerns
OpenAI’s Safety Bug Bounty program seeks to address AI safety vulnerabilities beyond traditional security flaws First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/openai-bug-bounty-ai-abuse-safety/
-
CISA Issues Urgent Warning on Langflow Code Injection Vulnerability Actively Exploited in Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, injection, kev, network, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical code-injection vulnerability in Langflow. Tracked as CVE-2026-33017, this severe security flaw has been officially added to CISA’s Known Exploited Vulnerabilities (KEV) catalog following verified evidence of active exploitation in the wild. Network defenders and organisations utilising Langflow in their development…
-
Node.js Fixes Critical Flaws, Patches DoS Risk in Latest Security Update
The Node.js project has issued a series of security updates addressing multiple vulnerabilities across its active release lines. The update covers versions in the 20.x, 22.x, 24.x, and 25.x branches, and includes fixes for several high, medium, and low severity issues. Among the most notable concerns is CVE-2026-21637, which appears prominently in the release due…
-
Armis-Studie zeigt Risiken hinter KI-generiertem Code
Der Trusted Vibing Benchmark Report, regelmäßig von Armis Labs aktualisiert, bewertet, wie KI-Modelle sicheren Code generieren und kritische Schwachstellen vermeiden. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/armis-studie-zeigt-risiken-hinter-ki-generiertem-code/a44337/
-
Synology DiskStation Manager Vulnerability Puts Users at Risk of Remote Command Execution Attacks
Synology has issued an urgent security update for its DiskStation Manager (DSM) software to address a critical vulnerability. If left unpatched, this flaw could allow unauthenticated remote attackers to execute arbitrary commands on affected network-attached storage (NAS) devices. Tracked under security advisory Synology-SA-26:03, this ongoing security event requires immediate attention from system administrators to protect…
-
Microsoft Unveils New Guidance to Detect and Defend Against Trivy Supply Chain Attack
Tags: attack, credentials, cve, cyber, malware, microsoft, supply-chain, threat, tool, vulnerabilityAqua Security’s vulnerability scanner, Trivy, suffered a sophisticated CI/CD supply chain compromise. The threat actor, identified as TeamPCP, leveraged prior incomplete remediation to inject credential-stealing malware into official releases. This incident, tracked as CVE-2026-33634, successfully weaponized a trusted security tool against the organizations relying on it to stay safe. This visualizes the attack propagation timeline…
-
Cisco Secure Firewall Vulnerability Exposes Systems to Remote Code Execution by Attackers
Cisco has released critical security updates to address a maximum-severity vulnerability affecting its Secure Firewall Management Center (FMC) Software. Tracked under the identifier CVE-2026-20131, this flaw carries a perfect CVSS base score of 10.0 and allows unauthenticated, remote attackers to execute arbitrary code. The situation is particularly urgent as the company has confirmed that threat…
-
Node.js Releases Urgent Patches for Multiple Vulnerabilities Exposing Systems to DoS and Crashes
The Node.js project issued a critical security update for its Long-Term Support (LTS) branch, marking version 20.20.2 ‘Iron’ as a security release. This urgent patch addresses seven distinct vulnerabilities impacting TLS error handling, HTTP/2 flow control, cryptographic timing, and permission models. Several of these issues can be exploited remotely without authentication, posing an immediate risk…
-
New critical Citrix NetScaler hole of similar severity to CitrixBleed2, says expert
CSO in an email, because the hole allows an unauthenticated remote attacker to leak potentially sensitive information from the appliance’s memory.”This vulnerability is one that threat actors and researchers alike are paying attention to,” he said.The vulnerability carries similar ramifications to 2023’s CitrixBleed and 2025’s CitrixBleed2 memory leak vulnerabilities, Emmons added. Then, unauthenticated attackers with…
-
GitHub adds AI-powered bug detection to expand security coverage
GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/github-adds-ai-powered-bug-detection-to-expand-security-coverage/

