Aggregator

Authorities seize crypto-laundering network and fake recruitment sites, JDY botnet targets U.S. military, and Miasma worm infects Microsoft and PyPi repos.

NPM, part of GitHub, announced a new version of the npm package manager with several security improvements, including disabling install scripts

Cloudflare Security Insights system now processes over 120 scans per second, providing frequent insights for all customers. By optimizing Kafka consumers, Postgres queries, and our API, we scaled our throughput 10x without adding hardware.

Есть проблема, которую невозможно решить деньгами…

TeamPCP 在 3 个月内横扫 npm、PyPI、GitHub Actions、Docker Hub 等开源生态，本文解剖其全链路攻击技战法与防御策略。

A newly identified remote access trojan named SHEETCREEP is making headlines for its clever use of Google Sheets as a hidden communication channel between attackers and infected machines. This C# malware targets diplomatic organizations, using a carefully crafted lure to trick victims into executing it on their systems. The campaign represents a calculated move by […]

The post SHEETCREEP C# RAT Abuses Google Sheets API as C2 to Target Diplomatic Organizations appeared first on Cyber Security News.

A vulnerability identified as critical has been detected in GL.iNet MT3000 up to 4.4.5. This vulnerability affects unknown code of the file ovpnclient.sh of the component OpenVPN Client Import Workflow. This manipulation causes command injection. This vulnerability is registered as CVE-2026-11406. Remote exploitation of the attack is possible. Furthermore, an exploit is available. You should upgrade the affected component. The vendor confirms: "This issue has been addressed by implementing malicious checks on OpenVPN configuration files to prevent command injection attacks carried through malicious configuration files."

A vulnerability labeled as critical has been found in vertex-app vertex up to 2026.02.12. This issue affects some unknown processing of the file app/model/LogMod.js of the component Log Viewer Endpoint. Such manipulation of the argument req.query leads to os command injection. This vulnerability is documented as CVE-2026-11408. The attack can be executed remotely. Additionally, an exploit exists. It is best practice to apply a patch to resolve this issue.

A vulnerability marked as critical has been reported in iAI Lab PDF AI App 4.21.0 on Android. Impacted is the function getExternalCacheDir of the component chatpdf.pro. Performing a manipulation of the argument _display_name results in path traversal. This vulnerability is reported as CVE-2026-11411. The attack requires a local approach. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in ubccr xdmod up to 10.0.2. It has been declared as critical. This vulnerability affects unknown code. The manipulation results in sql injection. This vulnerability is identified as CVE-2026-45779. The attack can be executed remotely. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability labeled as critical has been found in ubccr xdmod up to 11.0.2. The impacted element is an unknown function of the component HTTPS Handler. Executing a manipulation can lead to improper access controls. This vulnerability is registered as CVE-2026-45776. It is possible to launch the attack remotely. No exploit is available. The affected component should be upgraded.

A vulnerability classified as critical has been found in ubccr xdmod up to 11.0.2. Affected is an unknown function of the component System Configuration Handler. This manipulation causes os command injection. This vulnerability appears as CVE-2026-45777. The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability has been found in ubccr xdmod up to 11.0.2 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2026-45778. The attack is possible to be carried out remotely. No exploit exists. The affected component should be upgraded.

A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromDhcpListClient of the component HTTP Handler. Performing a manipulation of the argument page results in stack-based buffer overflow. This vulnerability is reported as CVE-2026-36785. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability described as problematic has been identified in holithemes Click to Chat Plugin up to 4.39 on WordPress. The impacted element is the function CCW_Shortcode::shortcode of the component WA Widget. The manipulation of the argument num results in cross site scripting. This vulnerability is cataloged as CVE-2026-7795. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability identified as problematic has been detected in CRUX Protocol::HTTP2 up to 1.12 on Perl. This affects the function headers_decode. Performing a manipulation results in highly compressed data. This vulnerability was named CVE-2026-10725. The attack may be initiated remotely. There is no available exploit.

A vulnerability was found in Altium Enterprise Server and 365 up to 8.1.0 and classified as critical. This issue affects some unknown processing of the component Git Service. The manipulation results in path traversal. This vulnerability was named CVE-2026-11429. The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.

Google has filed a lawsuit against Outsider Enterprise, a China-based cybercrime network for using AI tools, including Gemini, to build phishing websites and scam infrastructure. The company said the operation has affected “hundreds of thousands of victims,” with losses estimated in the millions of dollars. It also links the group to more than 9,000 fake websites and 1 million fraudulent URLs. “Criminals increasingly use AI to make fraud like this more convincing and harder to … More →

The post Google sues China-based scammers over Gemini AI abuse appeared first on Help Net Security.

A vulnerability was found in SourceCodester Ship Ferry Ticket Reservation System 1.0. It has been rated as problematic. Impacted is an unknown function of the file /admin/?page=user/manage_user. The manipulation of the argument Username leads to cross site scripting. This vulnerability is traded as CVE-2026-11338. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability categorized as critical has been discovered in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub_41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. This vulnerability is known as CVE-2026-11339. It is possible to launch the attack remotely. Furthermore, an exploit is available.