Aggregator

Microsoft says it will start blocking legacy TLS connections for POP and IMAP email clients in Exchange Online starting in July 2026. [...]

A vulnerability labeled as critical has been found in Grav CMS up to 1.7.49.5/2.0.0-beta.1. Affected by this vulnerability is the function FileCache::doGet of the file system/src/Grav/Framework/Cache/Adapter/FileCache.php of the component Cache Value Handler. The manipulation results in deserialization. This vulnerability is cataloged as CVE-2026-7317. The attack may be launched remotely. Furthermore, there is an exploit available. The affected component should be upgraded.

Submit #803083 / VDB-359971

Submit #798732 / VDB-359965

A vulnerability identified as critical has been detected in eiliyaabedini aider-mcp up to 667b914301aada695aab0e46d1fb3a7d5e32c8af. Affected is an unknown function of the file aider_mcp.py of the component code_with_ai. The manipulation of the argument working_dir/editable_files leads to command injection. This vulnerability is listed as CVE-2026-7316. The attack may be initiated remotely. In addition, an exploit is available. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The project was informed of the problem early through an issue report but has not responded yet.

A Chinese national tied to one of the most damaging state-sponsored hacking campaigns in recent history has been extradited to the United States from Italy. Xu Zewei, 34, a citizen of the People’s Republic of China, landed on U.S. soil this past weekend and appeared before U.S. District Court in Houston, Texas, on April 27, […]

The post Chinese Silk Typhoon Hacker Extradited to the U.S. from Italy appeared first on Cyber Security News.

Submit #803082 / VDB-359964

A vulnerability categorized as critical has been discovered in eiceblue spire-pdf-mcp-server 0.1.1. This impacts the function get_pdf_path of the file src/spire_pdf_mcp/server.py of the component PDF File Handler. Executing a manipulation of the argument filepath can lead to path traversal. This vulnerability is tracked as CVE-2026-7315. The attack can be launched remotely. Moreover, an exploit is present. The project was informed of the problem early through an issue report but has not responded yet.

A vulnerability was found in eiceblue spire-doc-mcp-server 1.0.0. It has been rated as critical. This affects the function get_doc_path of the file src/spire_doc_mcp/api/base.py. Performing a manipulation of the argument document_name results in path traversal. This vulnerability is identified as CVE-2026-7314. The attack can be initiated remotely. Additionally, an exploit exists. The project was informed of the problem early through an issue report but has not responded yet.

Key Takeaways Background VECT Ransomware is a Ransomware-as-a-Service (RaaS) program that made its first appearance in December 2025 on a Russian-language cybercrime forum. After claiming their first two victims in January 2026, the group got back into the public eye due to an announcement of a partnership with TeamPCP, the actor behind several supply-chain attacks […]

The post VECT: Ransomware by design, Wiper by accident appeared first on Check Point Research.

WhatsApp is currently developing an independent cloud backup system designed to give users more direct control over their chat histories. This upcoming feature will allow users to store their backups securely on WhatsApp’s native servers. The update aims to reduce reliance on third-party cloud services like Google Drive and Apple’s iCloud while enforcing strict cryptographic […]

The post WhatsApp Testing Own Cloud Backup Provider for Default End-to-End Encryption appeared first on Cyber Security News.

«Телефон-агент» вместо «телефон-витрина». Что за устройство готовят создатели ChatGPT.

As enterprise adoption of generative AI accelerates, so does the number of new components showing up in architecture diagrams. Among the common are LLM proxies and MCP gateways. They are often grouped together because they both sit between applications and AI systems, and both introduce a level of abstraction that is intended to simplify development […]

The post LLM Proxies vs. MCP Gateways: What’s the Difference? appeared first on Cequence Security.

The post LLM Proxies vs. MCP Gateways: What’s the Difference? appeared first on Security Boulevard.

Submit #803081 / VDB-359963

Submit #803080 / VDB-359962

Ransomware groups 0APT and KryBit have doxxed each other online

The first quarter of 2026 saw a surge in Internet disruptions, from nationwide shutdowns in Uganda and Iran to unprecedented drone strikes on cloud infrastructure. We explore the data behind these events using Cloudflare Radar.

80后只是老了，不是亖了

LLMs leave statistical fingerprints in the passwords they generate. We built a 100-year-old model to find them and detected 28,000 in the wild.

The post The Bot Left a Fingerprint: Detecting and Attributing LLM-Generated Passwords appeared first on Security Boulevard.

Threat actors are now publishing structured OPSEC playbooks to stay undetected. Flare reveals how these guides outline layered infrastructure, identity separation, and long-term evasion strategies. [...]