Aggregator

Outbound Workers for Sandboxes provide a programmable, zero-trust egress proxy for AI agents. This allows developers to inject credentials and enforce dynamic security policies without exposing sensitive tokens to untrusted code.

A vulnerability has been found in BeyondTrust Remote Support & Privileged Remote Access up to PRA 24.3.4/RS 25.3.1 and classified as critical. This vulnerability affects unknown code. This manipulation causes os command injection. The identification of this vulnerability is CVE-2026-1731. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The affected component should be upgraded.

OpenSSF warns hackers impersonate Linux Foundation leaders on Slack, tricking developers into installing malware that can compromise entire systems.

More than $12 million has been frozen, and over 20,000 victims have been identified in an international law enforcement operation targeting cryptocurrency and investment scammers. Authorities also uncovered more than $45 million in suspected cryptocurrency fraud losses worldwide. One UK victim identified during the operation is thought to have lost more than £52,000 to the fraud. According to the FBI’s report, cryptocurrency remained a central element in fraud-related activity, with losses totaling $11.3 billion. Investment … More →

The post $12 million frozen, 20,000 victims identified in crypto scam crackdown appeared first on Help Net Security.

安卓内核Hook技术实现分析与应用

当LiteLLM以Proxy服务方式的默认配置启动时，可以通过多个漏洞造成任意代码执行。

И может научиться искать что угодно. Без обновлений. Без вашего ведома.

NETSCOUT is proud to be recognized as a Leader and Outperformer in the “2026 GigaOm Radar for Network Observability” report. This marks the fifth time we have earned a Leader position, reflecting our steady innovation focused on helping organizations address the growing scale, complexity, and criticality of modern...

本文记录了一个真实 Flutter 项目（含 MediaKit 视频播放器、QuickJS 引擎、InAppWebView 等重量级插件）从 144MB 优化到 […]

Copier-Branch：批量保存Burp报文

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

• CVE-2012-1854 Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability
• CVE-2020-9715 Adobe Acrobat Use-After-Free Vulnerability
• CVE-2023-21529 Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability
• CVE-2023-36424 Microsoft Windows Out-of-Bounds Read Vulnerability
• CVE-2025-60710 Microsoft Windows Link Following Vulnerability
• CVE-2026-21643 Fortinet SQL Injection Vulnerability
• CVE-2026-34621 Adobe Acrobat and Reader Prototype Pollution Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. 

A vulnerability marked as critical has been reported in Huawei HarmonyOS 6.0.0. The impacted element is an unknown function of the component Application Read Module. This manipulation causes memory corruption. This vulnerability is tracked as CVE-2026-34864. The attack is restricted to local execution. No exploit exists.

A vulnerability identified as critical has been detected in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setUpgradeUboot of the file upgrade.so. This manipulation of the argument FileName causes os command injection. This vulnerability is tracked as CVE-2026-6158. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability labeled as problematic has been found in Samsung Escargot 97e8115ab1110bc502b4b5e4a0c689a71520d335. The affected element is an unknown function. The manipulation results in type confusion. This vulnerability is identified as CVE-2026-40446. The attack is only possible with local access. There is not any exploit available. A patch should be applied to remediate this issue.

A vulnerability marked as critical has been reported in Dynabook TOSRFEC.SYS and DRFEC.SYS. Affected is an unknown function of the component Bluetooth ACPI Driver. Performing a manipulation results in stack-based buffer overflow. This vulnerability is identified as CVE-2026-35553. The attack is only possible with local access. There is not any exploit available.

A vulnerability marked as problematic has been reported in code-projects Simple ChatBox 1.0. Affected by this issue is the function SimpleChatbox_PHP of the file chatbox.sql of the component Endpoint. Performing a manipulation results in file and directory information exposure. This vulnerability is cataloged as CVE-2026-6160. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability described as critical has been identified in code-projects Simple ChatBox up to 1.0. This affects an unknown part of the file /chatbox/insert.php of the component Endpoint. Executing a manipulation of the argument msg can lead to sql injection. This vulnerability is registered as CVE-2026-6161. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability was found in PHPGurukul Company Visitor Management System 2.0. It has been classified as problematic. This impacts an unknown function of the file /bwdates-reports-details.php. The manipulation of the argument fromdate leads to cross site scripting. This vulnerability is uniquely identified as CVE-2026-6162. The attack is possible to be carried out remotely. Moreover, an exploit is present.

Rockstar Games, the developer behind titles such as Grand Theft Auto and Red Dead Redemption, has confirmed a cyberattack claimed by hacking group ShinyHunters, which says it accessed the company’s Snowflake environment and obtained data. The attackers exploited Anodot, a third-party SaaS platform used for cloud cost monitoring and analytics, as the entry point and are reported to have extracted authentication tokens, enabling access to a connected Snowflake account without exploiting vulnerabilities in Snowflake itself. … More →

The post Rockstar Games receives “pay or leak” warning after cyberattack appeared first on Help Net Security.