Aggregator
CVE-2026-9595 | webpack-dev-server up to 5.2.4 origin validation (GHSA-mx8g-39q3-5c79)
CVE-2026-10634 | zephyrproject zephyr up to 4.4.x subsys/net/ip/tcp.c net_tcp_foreach use after free (GHSA-6c57-xfhw-j26x)
CVE-2025-15659 | liseperu Elizaibots Plugin up to 1.0.2 on WordPress cross site scripting
146K Records Allegedly Scraped From French Property Platform Superimmo
DPAPISnoop Tool Extracts CREDHIST Hashes for Offline Windows Credential Recovery
The open-source DPAPISnoop tool has been enhanced to extract CREDHIST entries, enabling offline cracking of historical Windows credentials and deeper insight into password patterns. Lefteris Panos, Security Consultant at LRQA Red Team, said the update adds CREDHIST extraction capabilities to DPAPISnoop, enabling the recovery and analysis of historical Windows credentials alongside DPAPI Master Key hashes. […]
The post DPAPISnoop Tool Extracts CREDHIST Hashes for Offline Windows Credential Recovery appeared first on Cyber Security News.
Adriatic Port Cyber-Attack by Anubis Sparks Warning Over Maritime Security Risks
CVE-2026-43299 | Linux Kernel up to 6.19.5 btrfs fs/btrfs/extent-tree.c denial of service (WID-SEC-2026-1454)
CVE-2026-43298 | Linux Kernel up to 6.18.15/6.19.5 amdgpu_irq_put denial of service (WID-SEC-2026-1454)
CVE-2026-43297 | Linux Kernel up to 6.12.74/6.18.15/6.19.5 media rga_buf_init buffer overflow (WID-SEC-2026-1454)
CVE-2026-43294 | Linux Kernel up to 6.18.15/6.19.5 DSI Interface unprepare denial of service (WID-SEC-2026-1454)
CVE-2026-43293 | Linux Kernel up to 6.12.74/6.18.15/6.19.5 kernel/kthread.c wave5_vpu_timer_callback race condition (WID-SEC-2026-1454)
CVE-2026-43295 | Linux Kernel up to 6.19.5 rapidio rio_free_net allocation of resources (WID-SEC-2026-1454)
CVE-2026-43291 | Linux Kernel up to 6.19.5 net uninitialized pointer (WID-SEC-2026-1454)
CVE-2026-43292 | Linux Kernel up to 6.12.74/6.18.15/6.19.5 purge_vmap_node infinite loop (Nessus ID 318589 / WID-SEC-2026-1454)
CVE-2026-43290 | Linux Kernel up to 6.18.15/6.19.5 media /dev/video0 start_streaming buffer overflow (WID-SEC-2026-1454)
CVE-2026-43289 | Linux Kernel up to 6.19.5 kernel/kexec_file.c kexec_load_purgatory privilege escalation (Nessus ID 318589 / WID-SEC-2026-1454)
CVE-2026-43288 | Linux Kernel up to 6.6.127/6.12.74/6.18.15/6.19.5 ext4 ext4_percpu_param_init memory corruption (WID-SEC-2026-1454)
Cybersecurity experts don’t think Anthropic’s Fable 5 presents a unique threat
Dozens of practitioners said the decision to place export controls on the foreign use of Fable are misguided, and recent jailbreak reports don’t show the model providing unique hacking capabilities.
The post Cybersecurity experts don’t think Anthropic’s Fable 5 presents a unique threat appeared first on CyberScoop.
SHADOWBYT3$ Allegedly Claim Breach of Nintendo, Stealing Sensitive Data
Threat intelligence sources have reported that the threat actor group SHADOWBYT3$ has allegedly breached Nintendo, claiming to have exfiltrated approximately 859 MB of sensitive internal data. The incident, first observed on June 13, 2026, remains unverified at the time of writing. However, early details suggest potential exposure of employee-related information. The alleged breach is linked […]
The post SHADOWBYT3$ Allegedly Claim Breach of Nintendo, Stealing Sensitive Data appeared first on Cyber Security News.