Aggregator
CVE-2026-6474 | PostgreSQL up to 18.3 Timezone timeofday format string (Nessus ID 315292 / WID-SEC-2026-1544)
CVE-2026-6473 | PostgreSQL up to 18.3 integer overflow (Nessus ID 315292 / WID-SEC-2026-1544)
CVE-2026-6472 | PostgreSQL up to 18.3 search_path authorization (Nessus ID 315292 / WID-SEC-2026-1544)
Reco Agent Security helps organizations govern AI agents and reduce exposure
Reco announced Reco Agent Security, which expands the Reco Platform with advanced capabilities that prevent data exposure, unintended use and process disruption caused by AI agents operating across connected applications and workflows. Agents function inside interconnected enterprise ecosystems where they can read sensitive data, invoke tools, trigger workflows, update records, communicate with other systems and take autonomous action. Agent security risks, therefore, are not isolated to the agent itself, but rather extend to the applications …
The post Reco Agent Security helps organizations govern AI agents and reduce exposure appeared first on Help Net Security.
Mitiga unveils Agentic Runtime Security for cloud, SaaS, identity, and AI protection
Mitiga has announced Agentic Runtime Security, a new approach to runtime detection and response across cloud, SaaS, identity, AI, and third-party services that anticipates, detects, interrupts, and stops active attacks before they impact the business. For two decades, security operations centered on the endpoint. EDR carried the load, most detections were built there, and most analyst muscle memory lived there. But the primary asset is no longer the server – it’s third-party services, cloud, SaaS, …
The post Mitiga unveils Agentic Runtime Security for cloud, SaaS, identity, and AI protection appeared first on Help Net Security.
KRYBIT
37 TB of junk in three weeks. OpenAI Codex is quietly killing users' drives
Audit
CVE-2026-12937 | themefic Tourfic Plugin up to 2.22.7 on WordPress AJAX post_id sql injection (EUVD-2026-39189)
CVE-2026-10824 | Masteriyo LMS Plugin up to 2.2.0 on WordPress course-progress REST API access control (EUVD-2026-39186)
CVE-2026-56129 | Dynabook/TOSHIBA Generic IO & Memory Access Driver exposed ioctl with insufficient access control (EUVD-2026-39190)
CVE-2026-53135 | Linux Kernel up to 7.0.12 drm dp_sdp_message_debugfs_write Base buffer overflow (EUVD-2026-39340)
CVE-2026-53139 | Linux Kernel up to 6.18.35/7.0.12 drm buffer overflow (EUVD-2026-39344)
CVE-2026-53131 | Linux Kernel up to 7.0.12 netfilter eth_hdr head privilege escalation (EUVD-2026-39336)
CVE-2026-53133 | Linux Kernel up to 7.0.12 RDMA __rdma_block_iter_next stack-based overflow (EUVD-2026-39338)
LokiBot Campaign Uses JScript Attachment, .NET Injector, and Process Injection to Steal Credentials
LokiBot, one of the oldest credential-stealing malware families still active today, has resurfaced in a new multi-stage campaign designed to steal credentials from a wide range of applications. The campaign uses a JScript email attachment as its entry point, quietly setting off a chain of events that ends with sensitive data being silently lifted from […]
The post LokiBot Campaign Uses JScript Attachment, .NET Injector, and Process Injection to Steal Credentials appeared first on Cyber Security News.
ControlMonkey connects backup visibility with cloud recovery readiness
ControlMonkey announced its Data Backup Correlation, a new capability that extends its Cyber Resilience Platform by connecting data backup posture with cloud configuration recovery. The first release supports AWS Backup and Azure Backup. CISOs and cloud teams often lack full visibility into data backup coverage and available recovery points across critical data sources, including databases, storage accounts, and cloud data services, making it harder to understand what data assets are actually recoverable when it matters …
The post ControlMonkey connects backup visibility with cloud recovery readiness appeared first on Help Net Security.