Posts of last 24 hours
A vulnerability identified as critical has been detected in Ubiquiti UniFi Talk Application up to 5.2.1. Affected by this issue is some unknown functionality. This manipulation causes sql injection.
This vulnerability is tracked as CVE-2026-50747. The attack is possible to be carried out remotely. No exploit exists.
You should upgrade the affected component.
https://vuldb.com/vuln/375938
Жертва открывала честный подписанный файл, а Windows услужливо подтягивала рядом лежащий вредонос — классика, которая всё ещё работает.
https://www.securitylab.ru/news/574366.php
在工业自动化场景里,PLC 编程软件、SCADA 监控系统这类核心工具向来是防护重点,但很少有人会留意负责管理
https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451187521&idx=1&sn=d3b9f7bb0f1c7192f5882f4e24a5884d
Peter Stokes boasted on social media about the luxurious globetrotting life he enjoyed while he was still a child.
The post Alleged longstanding member of Scattered Spider extradited to US appeared first on CyberScoop.
https://cyberscoop.com/scattered-spider-peter-stokes-cybercrime-extradition/
This week’s security news is mostly about weak spots.
Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in different ways. Everything looks normal until someone tests a small gap and finds a way through.
This is not one big break. It is small permissions, weak checks, open systems, and normal tools doing things they were allowed to do. That same pattern runs
https://thehackernews.com/2026/07/threatsday-ai-compute-hijacking-apple.html
Court of Justice of the European Union (CJEU) has dismissed Google's final appeal against a €4.1 billion ($4.7 billion) antitrust fine over the company's use of Android to promote its Chrome browser and search service. [...]
https://www.bleepingcomputer.com/news/legal/google-loses-final-appeal-to-overturn-41-billion-eu-fine/
https://www.akamai.com/blog/cloud/2026/jul/real-time-observability-akamai-cloud-pulse-alerts
A vulnerability categorized as critical has been discovered in Progress Flowmon ADS up to 12.5.5/13.0.4. Affected by this vulnerability is an unknown functionality of the component Requests Handler. The manipulation results in sql injection.
This vulnerability is identified as CVE-2026-9272. The attack can be executed remotely. There is not any exploit available.
It is advisable to upgrade the affected component.
https://vuldb.com/vuln/375937
A vulnerability was found in TR7 Cyber Defense WAF-ASP. It has been rated as problematic. Affected is an unknown function. The manipulation leads to cross site scripting.
This vulnerability is referenced as CVE-2026-4772. Remote exploitation of the attack is possible. No exploit is available.
Upgrading the affected component is advised.
https://vuldb.com/vuln/375936