Chaos
You must login to view this content
Aggregator
CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector
4 days 21 hours ago
Acting director Nick Andersen said a binding operational directive is en route for agencies, and that more specific discussions need to happen with critical infrastructure owners.
The post CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector appeared first on CyberScoop.
Tim Starks
Proprietes-Privees Data Breach: 3.2M Records on 2.5M People Leaked
4 days 21 hours ago
A threat actor using the alias ChimeraZ claims to have breached Proprietes-Privees.com, a French real-estate network operating through independent property consultants.
Dark Web Informer
CVE-2026-50751 | Check Point Quantum Security Gateway/Spark Firewalls IKEv1 Key Exchange improper authentication (EUVD-2026-35047 / WID-SEC-2026-1818)
4 days 21 hours ago
A vulnerability labeled as critical has been found in Check Point Quantum Security Gateway and Spark Firewalls. Impacted is an unknown function of the component IKEv1 Key Exchange Handler. Such manipulation leads to improper authentication.
This vulnerability is documented as CVE-2026-50751. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com
Akira
4 days 21 hours ago
You must login to view this content
cohenido
Akira
4 days 21 hours ago
You must login to view this content
cohenido
Microsoft Entra Agent ID Logs Reveal Suspicious Assistive Agent Activity
4 days 21 hours ago
AI agents built into enterprise platforms are no longer just productivity tools. Security researchers have found that these agents, when configured to act on behalf of real users, can become a quiet but serious risk deep inside an organization’s identity layer. A new investigation reveals how Microsoft Entra Agent ID logs capture suspicious behavior tied […]
The post Microsoft Entra Agent ID Logs Reveal Suspicious Assistive Agent Activity appeared first on Cyber Security News.
Tushar Subhra Dutta
North Korea-Aligned Hackers Abuse GitHub Repositories to Infect Developers
4 days 21 hours ago
North Korea-aligned hackers are once again targeting the developer community, this time by hiding malicious code inside seemingly legitimate GitHub repositories. The campaign, tracked under the name UNK_DeadDrop, uses fake job offers and code review requests to lure developers into cloning infected repositories and unknowingly executing malware on their own machines. The threat actor sent […]
The post North Korea-Aligned Hackers Abuse GitHub Repositories to Infect Developers appeared first on Cyber Security News.
Tushar Subhra Dutta
云端Wireshark
4 days 21 hours ago
借助现代浏览器和js的NB,把Wireshark的GUI在网页里实现了
Roblox пошел на мировую. Любимая игра школьников пообещала Роскомнадзору вести себя хорошо
4 days 21 hours ago
Roblox признал ошибки модерации.
SecWiki News 2026-06-09 Review
4 days 21 hours ago
SecWiki周刊(第640期) by ourren
从 EDR 到 ADR:Agent 安全正在进入检测响应时代 by ourren
Supervisor-Skills: 从 Idea 构思到论文投稿 by ourren
反入侵 Pipeline 2.0 (Agentic) by swim
AI时代安全运营交互新范式: BrowserSecOps / CliSecOps / ChatSecOps by swim
从零开始构建智能体 by ourren
更多最新文章,请访问SecWiki
从 EDR 到 ADR:Agent 安全正在进入检测响应时代 by ourren
Supervisor-Skills: 从 Idea 构思到论文投稿 by ourren
反入侵 Pipeline 2.0 (Agentic) by swim
AI时代安全运营交互新范式: BrowserSecOps / CliSecOps / ChatSecOps by swim
从零开始构建智能体 by ourren
更多最新文章,请访问SecWiki
CVE-2026-11045 | Google Chrome up to 148.0.7778.216 GPU information disclosure (ID 498727)
4 days 21 hours ago
A vulnerability, which was classified as problematic, has been found in Google Chrome. This impacts an unknown function of the component GPU. The manipulation leads to information disclosure.
This vulnerability is listed as CVE-2026-11045. The attack may be initiated remotely. There is no available exploit.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-11047 | Google Chrome up to 148.0.7778.216 on Windows Base sandbox (ID 498768)
4 days 21 hours ago
A vulnerability was found in Google Chrome on Windows and classified as critical. Affected by this issue is some unknown functionality of the component Base. Such manipulation leads to sandbox issue.
This vulnerability is documented as CVE-2026-11047. The attack can be executed remotely. There is not any exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-11048 | Google Chrome up to 148.0.7778.216 Extensions cross-domain policy (ID 498808)
4 days 21 hours ago
A vulnerability, which was classified as problematic, has been found in Google Chrome. This affects an unknown part of the component Extensions. Performing a manipulation results in permissive cross-domain policy with untrusted domains.
This vulnerability was named CVE-2026-11048. The attack may be initiated remotely. There is no available exploit.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-11037 | Google Chrome up to 148.0.7778.216 Codecs out-of-bounds write (ID 497971 / WID-SEC-2026-1794)
4 days 21 hours ago
A vulnerability described as critical has been identified in Google Chrome. The affected element is an unknown function of the component Codecs. Such manipulation leads to out-of-bounds write.
This vulnerability is referenced as CVE-2026-11037. It is possible to launch the attack remotely. No exploit is available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2026-11038 | Google Chrome up to 148.0.7778.216 access control (ID 498080 / WID-SEC-2026-1794)
4 days 21 hours ago
A vulnerability identified as critical has been detected in Google Chrome. Affected by this vulnerability is an unknown functionality. Performing a manipulation results in improper access controls.
This vulnerability was named CVE-2026-11038. The attack may be initiated remotely. There is no available exploit.
You should upgrade the affected component.
vuldb.com
CVE-2026-11040 | Google Chrome up to 148.0.7778.216 ANGLE use after free (ID 498371 / WID-SEC-2026-1794)
4 days 21 hours ago
A vulnerability identified as critical has been detected in Google Chrome. This vulnerability affects unknown code of the component ANGLE. The manipulation leads to use after free.
This vulnerability is uniquely identified as CVE-2026-11040. The attack is possible to be carried out remotely. No exploit exists.
You should upgrade the affected component.
vuldb.com
CVE-2026-11041 | Google Chrome up to 148.0.7778.216 on Windows Media sandbox (ID 498700 / WID-SEC-2026-1794)
4 days 21 hours ago
A vulnerability classified as critical was found in Google Chrome on Windows. This affects an unknown function of the component Media. Executing a manipulation can lead to sandbox issue.
This vulnerability is tracked as CVE-2026-11041. The attack can be launched remotely. No exploit exists.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-11039 | Google Chrome up to 148.0.7778.216 Skia uninitialized variable (ID 498204 / WID-SEC-2026-1794)
4 days 21 hours ago
A vulnerability was found in Google Chrome. It has been classified as problematic. The affected element is an unknown function of the component Skia. This manipulation causes use of uninitialized variable.
This vulnerability is tracked as CVE-2026-11039. The attack is possible to be carried out remotely. No exploit exists.
Upgrading the affected component is recommended.
vuldb.com
CVE-2026-11043 | Google Chrome up to 148.0.7778.216 on macOS ANGLE out-of-bounds write (ID 498721 / WID-SEC-2026-1794)
4 days 21 hours ago
A vulnerability categorized as critical has been discovered in Google Chrome on macOS. This affects an unknown part of the component ANGLE. Executing a manipulation can lead to out-of-bounds write.
This vulnerability is handled as CVE-2026-11043. The attack can be executed remotely. There is not any exploit available.
It is advisable to upgrade the affected component.
vuldb.com