The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and one entity for enabling ransomware attacks against U.S. organizations. [...]
Proofpoint details how attackers spoof OAuth client IDs to probe Microsoft Entra accounts, test credentials and bypass common sign-in detections at cloud scale.
A vulnerability has been found in Linux Kernel up to 6.19.10 and classified as critical. Affected is the function s_first_data_block of the component ext4. The manipulation leads to privilege escalation.
This vulnerability is uniquely identified as CVE-2026-31447. The attack can only be initiated within the local network. No exploit exists.
The affected component should be upgraded.
A vulnerability classified as critical has been found in Linux Kernel up to 6.18.20/6.19.10. Affected by this vulnerability is the function damon_call. Performing a manipulation results in null pointer dereference.
This vulnerability is known as CVE-2026-31445. Access to the local network is required for this attack. No exploit is available.
It is recommended to upgrade the affected component.
A vulnerability classified as critical was found in Linux Kernel up to 6.19.10. Affected by this issue is the function ext4_unregister_sysfs of the file /proc/fs/ext4/xx/mb_groups. Executing a manipulation can lead to use after free.
This vulnerability is handled as CVE-2026-31446. The attack can only be done within the local network. There is not any exploit available.
Upgrading the affected component is advised.
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.6.130/6.12.79/6.18.20/6.19.10. This impacts the function smb_grant_oplock. Executing a manipulation can lead to use after free.
This vulnerability is handled as CVE-2026-31444. The attack can only be done within the local network. There is not any exploit available.
You should upgrade the affected component.
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.18.20/6.19.10. This affects an unknown function of the component dmaengine. Performing a manipulation results in denial of service.
This vulnerability is known as CVE-2026-31443. Access to the local network is required for this attack. No exploit is available.
It is advisable to upgrade the affected component.
A vulnerability identified as problematic has been detected in Ollama 0.7.1. This affects the function downloadBlob of the component Download Blob. Performing a manipulation results in improper validation of array index.
This vulnerability is reported as CVE-2026-15685. The attack is possible to be carried out remotely. No exploit exists.