Aggregator

A vulnerability was found in BorG SPM 2007. It has been classified as critical. Impacted is an unknown function. Performing a manipulation results in unrestricted upload. This vulnerability was named CVE-2026-6885. The attack may be initiated remotely. There is no available exploit.

Imagine a world where hackers don't sleep, don't take breaks, and find weak spots in your systems instantly. Well, that world is already here. Thanks to AI, attackers are now launching automated, large-scale exploits faster than ever before. The time you have to fix a vulnerability before it gets attacked is shrinking to zero. We call this the Collapsing Exploit Window, and it means your

A nation-state-linked hacking group has found a clever way to hide its malicious activity inside Microsoft Outlook mailboxes, making its attacks much harder to detect by standard security tools. The Harvester APT group, believed to be a nation-state-backed threat actor active since at least 2021, has developed a new Linux version of its GoGra backdoor. […]

The post Hackers Use Outlook Mailboxes to Hide Linux GoGra Backdoor Communications appeared first on Cyber Security News.

A vulnerability was found in Google Cloud BigQuery up to 0.x/28 and classified as problematic. This issue affects some unknown processing. Such manipulation leads to information exposure through error message. This vulnerability is uniquely identified as CVE-2026-3259. The attack can be launched remotely. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability has been found in smub ExactMetrics Plugin up to 9.1.2 on WordPress and classified as problematic. This vulnerability affects the function onboarding_key of the file /wp-json/exactmetrics/v1/onboarding/connect-url of the component Google Analytics Dashboard. This manipulation of the argument File causes missing authorization. This vulnerability is handled as CVE-2026-5464. The attack can be initiated remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0. This affects the function raw_rcv. The manipulation results in use after free. This vulnerability is known as CVE-2026-31532. Access to the local network is required for this attack. No exploit is available. You should upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Zurich Instruments LabOne. Affected by this issue is some unknown functionality of the component User Interface. The manipulation leads to path traversal. This vulnerability is traded as CVE-2026-6903. It is possible to initiate the attack remotely. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.12.82/6.18.23/6.19.13. Affected by this vulnerability is the function rtm_get_nexthop of the file net/ipv4/nexthop.c of the component ipv4. Executing a manipulation can lead to allocation of resources. This vulnerability appears as CVE-2026-31531. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is advised.

A vulnerability classified as critical has been found in h2oai h2o-3 up to 3.46.0.9/3.46.0.10. Affected is the function jdbc:postgresql of the file /99/ImportSQLTable of the component REST API Endpoint. Performing a manipulation results in code injection. This vulnerability is reported as CVE-2026-3960. The attack is possible to be carried out remotely. No exploit exists. It is recommended to upgrade the affected component.

Рассказываем, как методы из 90-х адаптировались к текущей цифровой реальности.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

• CVE-2026-39987 Marimo Remote Code Execution Vulnerability

This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. 

New advisory highlights how to defend against attacker tactics believed to be used by China-linked actors to hide malicious cyber activity.

Explaining the widespread shift in tactics, techniques and procedures (TTPs) towards networks of compromised infrastructure, and how to defend against it

Adopting AI will require time, the development of new capabilities and careful oversight. 

Organisations should map and baseline their edge device traffic, especially VPN and remote access connections, and adopt dynamic threat feed filtering that includes known covert network indicators.

Google Cloud will attribute a unique cryptographic ID every AI agent that will be tied to “traceable and auditable” authorization policies

Passkeys offer a more usable, secure replacement for passwords and are already supported by most modern devices.

Passkeys are the more secure and user-friendly login method and should be the default authentication option for consumers.

感谢您一直以来对腾讯安全应急响应中心（TSRC）的支持与信任。

为合理分配审核资源，聚焦真实有效漏洞，维护社区生态，特此公告。