Aggregator

A vulnerability labeled as problematic has been found in Dell Wyse Management Suite up to 5.5. This issue affects some unknown processing. The manipulation results in use of default credentials. This vulnerability is identified as CVE-2026-44273. The attack is only possible with local access. There is not any exploit available. The affected component should be upgraded.

Klue привлекла CrowdStrike к расследованию и заявила об удалении вредоносного кода.

A CVSS score 7.1 AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Daniil Romanovych' was reported to the affected vendor on: 2026-06-23, 5 days ago. The vendor is given until 2026-10-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Musaab Khan (@bxff)' was reported to the affected vendor on: 2026-06-23, 5 days ago. The vendor is given until 2026-10-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'p0her (@_p0her_) of TeamH4C' was reported to the affected vendor on: 2026-06-23, 5 days ago. The vendor is given until 2026-10-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'p0her (@_p0her_) of TeamH4C' was reported to the affected vendor on: 2026-06-23, 5 days ago. The vendor is given until 2026-10-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 9.9 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by 'Bobby Gould (@bobbygould5) of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-06-23, 5 days ago. The vendor is given until 2026-10-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Landon Peng (lunbun) of Lunbun LLC' was reported to the affected vendor on: 2026-06-23, 5 days ago. The vendor is given until 2026-10-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Liang Zhu' was reported to the affected vendor on: 2026-06-23, 5 days ago. The vendor is given until 2026-10-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Pwn2Sleep ' was reported to the affected vendor on: 2026-06-23, 5 days ago. The vendor is given until 2026-10-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Mat Powell of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-06-23, 5 days ago. The vendor is given until 2026-10-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Mat Powell of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-06-23, 5 days ago. The vendor is given until 2026-10-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A vulnerability labeled as critical has been found in tmux up to 3.6a. Affected is the function image_free of the file image.c. Such manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2026-11623. Local access is required to approach this attack. Moreover, an exploit is present. The affected component should be upgraded.

Музыкальные архивы оказались слишком удобной добычей для чужих алгоритмов.

Researchers at Malwarebytes identified dozens of websites claiming to offer free access to FIFA World Cup matches. Instead of streaming games, the sites directed visitors through a chain of advertising pages designed to generate revenue for their operators. Fake World Cup streaming website (Source: Malwarebytes) “We’ve identified more than 40 websites that are effectively identical. They use different World Cup-themed names, but behind the scenes they’re running the same page template, the same code, and … More →

The post Free, no-signup World Cup streams serve scams instead of football appeared first on Help Net Security.

​别再叫「小微」，叫它「阿信」！

Хотите загубить деловую репутацию? Просто сходите на ужин с инвестором.

Most organizations now run or pilot AI agents that operate on company data with limited human direction at each step, a share that reaches 88% in Veeam Software’s Data and AI Trust Gap report. The systems that are supposed to keep an eye on them have not caught up. That gap is the heart of the report. Most executives say their data problems are already holding their AI back. The issues are familiar ones: data … More →

The post Only 7% of companies are ready for the AI agents they deployed appeared first on Help Net Security.

近日，国内数字安全领域专业研究机构数世咨询正式发布《新质・中国数字安全百强（2026）》报告，锦行科技凭借清晰

Indian manufacturer Tata Electronics said a recent cybersecurity incident had "no impact" on operations. A cybercrime group had said it stolen confidential documents from the company.