Tag: vulnerability
-
Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution
Cybersecurity researchers have disclosed two new security flaws in the n8n workflow automation platform, including a crucial vulnerability that could result in remote code execution.The weaknesses, discovered by the JFrog Security Research team, are listed below -CVE-2026-1470 (CVSS score: 9.9) – An eval injection vulnerability that could allow an authenticated user to bypass the Expression…
-
AI Security Threats Loom as Enterprise Usage Jumps 91%
Zscaler analysts found critical vulnerabilities in 100% of enterprise AI systems, with 90% compromised in under 90 minutes First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-security-threats-loom-zscaler/
-
Critical FortiCloud SSO zero”‘day forces emergency service disablement at Fortinet
Attack details and indicators: Fortinet’s investigation into the exploitation revealed attackers used two specific FortiCloud accounts: “cloud-noc@mail.io” and “cloud-init@mail.io,” though the company warned “these addresses may change in the future.”Fortinet identified multiple IP addresses associated with the attacks, including several Cloudflare-protected addresses that attackers used to obscure their activities.”Following authentication via SSO, it has been…
-
Sicarii ransomware locks your data and throws away the keys
Tags: ai, business, communications, compliance, credentials, data, encryption, extortion, finance, malware, network, ransomware, risk, vulnerabilityUnusual technical profile hints at vibe-coding: One possible explanation for Sicarii’s broken encryption flow is immature or poorly implemented development practices. The ransomware’s failure to retain usable keys is inconsistent with established ransomware design and suggests it may have been assembled without rigorous testing or a clear understanding of operational consequences, or even vibe-coded.”Halcyon assesses…
-
Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088
Google on Tuesday revealed that multiple threat actors, including nation-state adversaries and financially motivated groups, are exploiting a now-patched critical security flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads.”Discovered and patched in July 2025, government-backed threat actors linked to Russia and China as well as financially motivated First…
-
Wechselrichter am Internet: Europas Solaranlagen brauchen Cyberschutz – Warum Solaranlagen zur neuen Schwachstelle im Stromnetz werden
First seen on security-insider.de Jump to article: www.security-insider.de/solaranlagen-cybersicherheit-nis2-a-d6a358a396812e3f22d49ea54667f27b/
-
PackageGate bugs let attackers bypass protections in NPM, PNPM, VLT, and Bun
Koi researchers found “PackageGate” flaws in NPM, PNPM, VLT, and Bun that let attackers perform supply chain attacks and run malicious code. Security firm Koi uncovered a set of vulnerabilities collectively tracked as “PackageGate” affecting major JavaScript package managers like NPM, PNPM, VLT, and Bun. These flaws could let attackers bypass supply chain protections and…
-
Hackers Exploit React2Shell Vulnerability to Deploy Miners and Botnets Worldwide
Threat actors have been actively exploiting a critical vulnerability in React Server Components, tracked as CVE-2025-55182 and commonly referred to as React2Shell, to compromise systems across multiple industry sectors worldwide. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2025-55182-react2shell-active-exploitation/
-
CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities
CERT UEFI Parser, a new open-source security analysis tool from the CERT Coordination Center has been released to help researchers and defenders examine the structure of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/28/cert-uefi-parser-open-source-tool/
-
Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected
Fortinet has begun releasing security updates to address a critical flaw impacting FortiOS that has come under active exploitation in the wild.The vulnerability, assigned the CVE identifier CVE-2026-24858 (CVSS score: 9.4), has been described as an authentication bypass related to FortiOS single sign-on (SSO). The flaw also affects FortiManager and FortiAnalyzer. The company said it’s…
-
Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)
Fortinet has begun releasing FortiOS versions that fix CVE-2026-24858, a critical zero-day vulnerability that allowed attackers to log into targeted organizations’ … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/28/fortinet-forticloud-sso-zero-day-vulnerability-cve-2026-24858/
-
Fortinet blocks exploited FortiCloud SSO zero day until patch is ready
Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks by blocking FortiCloud SSO connections from devices running vulnerable firmware versions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fortinet-blocks-exploited-forticloud-sso-zero-day-until-patch-is-ready/
-
Report: Attacks ‘Cascade’ From IT, OT to Patient Care
Trellix Says Email, Identify Failures Are Among Top Vectors in Health Compromises. Of the millions of threats detected in healthcare IT environments last year, email phishing, identity failures and device vulnerabilities were among the top vectors for non-clinical IT compromises – often cascading and disrupting patient care, said a new report from security firm Trellix.…
-
Microsoft Rushes Emergency Patch for Office Zero-Day
To exploit the vulnerability, an attacker would need either system access or be able to convince a user to open a malicious Office file. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/microsoft-rushes-emergency-patch-office-zero-day
-
NDSS 2025 On the Robustness Of LDP Protocols For Numerical Attributes Under Data Poisoning Attacks
Session 10C: Privacy Preservation Authors, Creators & Presenters: Xiaoguang Li (Xidian University, Purdue University), Zitao Li (Alibaba Group (U.S.) Inc.), Ninghui Li (Purdue University), Wenhai Sun (Purdue University, West Lafayette, USA) PAPER On the Robustness of LDP Protocols for Numerical Attributes under Data Poisoning Attacks Recent studies reveal that local differential privacy (LDP) protocols are…
-
Telnet Flaw: 800,000 Servers at Risk Amid Active Attacks
Telnet Flaw Allows Unauthenticated Users to Gain Root Access. Hackers are on the hunt for open telnet ports in servers after discovering that a version of legacy client-server application protocol is vulnerable to an authentication bypass vulnerability. More than 800,000 servers could be actively targeted in the wild. First seen on govinfosecurity.com Jump to article:…
-
WinRAR path traversal flaw still exploited by numerous hackers
Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity vulnerability in WinRAR for initial access and to deliver various malicious payloads. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/winrar-path-traversal-flaw-still-exploited-by-numerous-hackers/
-
Critical sandbox escape flaw found in popular vm2 NodeJS library
A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-sandbox-escape-flaw-discovered-in-popular-vm2-nodejs-library/
-
Shadowserver finds 6,000+ likely vulnerable SmarterMail servers exposed online
Tags: attack, authentication, cve, cybersecurity, data-breach, exploit, flaw, Internet, vulnerabilityShadowserver researchers found 6,000+ SmarterMail servers exposed online and likely vulnerable to a critical auth bypass flaw. Nonprofit security organization Shadowserver reported that over 6,000 SmarterMail servers are exposed on the internet and likely vulnerable to attacks exploiting a critical authentication bypass flaw tracked as CVE-2026-23760. Cybersecurity firm watchTowr disclosed the vulnerability on January 8,…
-
Critical sandbox escape flaw discovered in popular vm2 NodeJS library
A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-sandbox-escape-flaw-discovered-in-popular-vm2-nodejs-library/
-
Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core
Critical sandbox escape vulnerability in Grist-Core enables remote code execution via a malicious formula First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/pyodide-sandbox-escape-rce-grist/
-
U.S. CISA adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cybersecurity, exploit, flaw, infrastructure, kev, linux, microsoft, office, vulnerabilityU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog:…
-
Critical vm2 Flaw Lets Attackers Bypass Sandbox and Execute Arbitrary Code in Node.js
A critical vulnerability in the vm2 JavaScript sandbox library (versions ≤ 3.10.0) enables attackers to bypass sandbox protections and execute arbitrary code with full system privileges. The flaw exploits improper sanitization of Promise callback functions, allowing remote code execution without authentication or user interaction. Vulnerability Overview The vm2 library, deployed across 273,000 projects on npm,…
-
Over 6,000 SmarterMail Servers Exposed to Actively Exploited RCE Vulnerability
Tags: cve, cyber, data-breach, detection, email, exploit, rce, remote-code-execution, threat, vulnerabilityApproximately 6,000 vulnerable SmarterTools SmarterMail installations globally are all exposed to an actively exploited remote code execution vulnerability. The vulnerability, tracked as CVE-2026-23760, poses an immediate threat to organisations relying on SmarterMail for email and collaboration services. The Shadowserver Foundation integrated CVE-2026-23760 detection into their daily vulnerable HTTP scans, flagging susceptible servers based on version…
-
Attackers Exploit React2Shell Vulnerability to Target IT Sector Systems
Active exploitation of a critical vulnerability in React Server Components, tracked as CVE”‘2025″‘55182 (React2Shell), targeting companies across multiple industry sectors worldwide. React2Shell affects the Flight protocol, which facilitates client-server communication for React Server Components. The vulnerability stems from insecure deserialization servers accept client data without proper verification, enabling remote code execution under specific conditions. The…
-
Over 6,000 SmarterMail servers exposed to automated hijacking attacks
Nonprofit security organization Shadowserver has found over 6,000 SmarterMail servers exposed online and likely vulnerable to attacks exploiting a critical authentication bypass vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-6-000-smartermail-servers-exposed-to-automated-hijacking-attacks/
-
Hand CVE Over to the Private Sector
How MITRE has mismanaged the world’s vulnerability database for decades and wasted millions along the way. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/hand-cve-over-to-private-sector
-
CTEM in Practice: Prioritization, Validation, and Outcomes That Matter
Cybersecurity teams increasingly want to move beyond looking at threats and vulnerabilities in isolation. It’s not only about what could go wrong (vulnerabilities) or who might attack (threats), but where they intersect in your actual environment to create real, exploitable exposure.Which exposures truly matter? Can attackers exploit them? Are our defenses effective?Continuous Threat Exposure First…