Aggregator

A vulnerability identified as problematic has been detected in Linux Kernel up to 6.18.16/6.19.6/7.0-rc2. Impacted is the function siphash of the component tcp. The manipulation leads to algorithm downgrade. This vulnerability is documented as CVE-2026-23247. The attack can be initiated remotely. There is not any exploit available. You should upgrade the affected component.

Преступники построили лабиринт, чтобы украсть пароль у профессионала.

The Russian state-backed hacker group APT28 targeted a Ukrainian government agency by exploiting a vulnerability in Zimbra webmail software.

A well-known banking trojan called Horabot has resurfaced in an active campaign targeting users across Mexico, combining a multi-stage infection chain with an email worm that turns every compromised machine into a phishing relay. The threat bundles a Delphi-based banking trojan with a PowerShell-driven spreader, making it one of the more layered financially motivated threats […]

The post Horabot Banking Trojan Resurfaces in Mexico With Multi-Stage Phishing and Email Worm Tactics appeared first on Cyber Security News.

嗯，用户让我总结一下这篇文章的内容，控制在100字以内，而且不需要用“文章内容总结”或者“这篇文章”这样的开头。直接写描述就行。好的，我先仔细读一下这篇文章。 文章主要讲的是Horizon3.ai公司在2026财年的增长情况。ARR增长了102%，这挺不错的。他们提到NodeZero这个产品，全球有超过5200个组织在使用，包括 Fortune 10企业和学校、医院等。然后还有一些关键指标，比如净美元保留率125%，毛美元保留率94%，渠道合作伙伴贡献了32%的Q4预订量。 MSSP（托管安全服务提供商）是他们增长最快的领域之一，占了大约70%的客户。CEO Snehal Antani提到MSSP在国际市场的重要性，帮助他们扩展业务。另外，NodeZero作为AI黑客，在真实环境中执行了超过22.5万次渗透测试，效果显著。 文章还提到当前网络安全威胁加剧，NodeZero帮助客户在生产环境中识别和修复漏洞，提升防御能力。最后介绍了Horizon3.ai公司的情况，他们是美国增长最快的网络安全公司之一。 现在我要把这些信息浓缩到100字以内。重点包括：公司增长情况、NodeZero的使用情况、关键指标、MSSP的作用、NodeZero的优势以及当前的威胁环境。 可能的结构是：Horizon3.ai FY26增长显著（ARR增102%），NodeZero被5200+组织采用；MSSP推动增长；AI驱动安全防御。 Horizon3.ai FY26增长显著（ARR增102%），NodeZero被5,200+组织采用；MSSP推动增长；AI驱动安全防御。

A vulnerability identified as problematic has been detected in Tips and Tricks HQ WP eMember Plugin up to 10.2.2 on WordPress. This affects an unknown part. This manipulation causes missing authorization. This vulnerability is handled as CVE-2026-28070. The attack can be initiated remotely. There is not any exploit available.

A vulnerability was found in Tips and Tricks HQ WP eMember Plugin up to 10.2.2 on WordPress. It has been declared as problematic. This affects an unknown part. The manipulation results in cross site scripting. This vulnerability is reported as CVE-2026-28073. The attack can be launched remotely. No exploit exists.

嗯，用户让我总结一下这篇文章的内容，控制在一百个字以内，而且不需要用“文章内容总结”或者“这篇文章”这样的开头。直接写描述就行。首先，我得仔细阅读文章，抓住主要信息。 文章主要讲的是三星电子在2026年的投资计划。他们计划投资超过730亿美元，用于研发和设施建设，特别是在人工智能领域的半导体行业。此外，三星还在机器人、医疗技术、汽车电子和空调解决方案等领域寻求并购。去年他们的总投资是90.4万亿韩元，包括资本支出和研发费用，并且还计划支付9.8万亿韩元的股息。 接下来，我需要把这些信息浓缩到100字以内。要突出投资金额、用途、重点领域以及并购计划和股息支付。这样用户就能快速了解三星的主要动向。 可能会用到的关键词：三星电子、2026年、730亿美元、研发设施、人工智能半导体、并购、机器人医疗汽车空调、股息支付。 然后组织语言，确保流畅且信息完整。比如：“三星电子计划2026年投资超730亿美元用于研发和设施，重点发展人工智能半导体，并寻求在机器人、医疗技术等领域进行并购，同时计划支付9.8万亿韩元股息。” 检查一下字数，确保不超过100字，并且没有使用任何开头的套话。 三星电子计划2026年投资超730亿美元用于研发和设施，重点发展人工智能半导体，并寻求在机器人、医疗技术等领域进行并购，同时计划支付9.8万亿韩元股息。

A vulnerability marked as critical has been reported in Linux Kernel up to 6.19.3. The impacted element is the function siw_get_hdr of the component RDMA. This manipulation causes null pointer dereference. This vulnerability appears as CVE-2026-23242. The attacker needs to be present on the local network. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability labeled as problematic has been found in Monkey Audio 11.31. Affected by this issue is the function CAPECharacterHelper::GetUTF16FromUTF8. Executing a manipulation can lead to out-of-bounds read. This vulnerability appears as CVE-2025-61043. The attacker needs to be present on the local network. There is no available exploit.

Даже производители джинсов вступили в игру. Похоже, мошенники достали абсолютно всех.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. 

• CVE-2026-20131 Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability

This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. 

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. 

The report includes an overview of work completed on the Champlain Towers South investigation.

Advice for small and medium-sized organisations on choosing, setting up and using online meeting services safely.

A vulnerability described as critical has been identified in GNOME localsearch. This vulnerability affects unknown code of the component MP3 Extractor. Executing a manipulation can lead to heap-based buffer overflow. This vulnerability is handled as CVE-2026-1767. It is possible to launch the attack on the local host. There is not any exploit available. A patch should be applied to remediate this issue.

A vulnerability marked as critical has been reported in GNOME localsearch. This affects an unknown part of the component ID3v2.3 COMM Tag Handler. Performing a manipulation results in heap-based buffer overflow. This vulnerability is known as CVE-2026-1766. Attacking locally is a requirement. No exploit is available. It is suggested to install a patch to address this issue.

A vulnerability labeled as critical has been found in GNOME localsearch. Affected by this issue is some unknown functionality of the component TXXX Tag Handler. Such manipulation leads to heap-based buffer overflow. This vulnerability is traded as CVE-2026-1765. An attack has to be approached locally. There is no exploit available. Applying a patch is advised to resolve this issue.

A vulnerability identified as critical has been detected in GNOME localsearch. Affected by this vulnerability is an unknown functionality of the component MP3 Extractor. This manipulation causes heap-based buffer overflow. This vulnerability appears as CVE-2026-1764. The attack requires local access. There is no available exploit. It is recommended to apply a patch to fix this issue.

The US Cybersecurity and Infrastructure Security Agency (CISA) warns that the cyberattack on Stryker Corporation serves as a signal to U.S. organizations that foreign cyber activity tied to Middle East conflicts may be spilling into their operations. Attackers breached Stryker’s internal Microsoft environment and reportedly wiped 200,000 systems, servers, and mobile devices, while extracting 50 terabytes of data. To defend against similar malicious activity involving the misuse of legitimate endpoint management software, CISA urges organizations … More →

The post Secure endpoint management systems immediately, CISA urges appeared first on Help Net Security.