Aggregator

A vulnerability marked as problematic has been reported in Microsoft Excel up to Office Online Server. This impacts an unknown function. The manipulation leads to race condition. This vulnerability is listed as CVE-2026-44818. The attack may be initiated remotely. There is no available exploit. Applying a patch is the recommended action to fix this issue.

A vulnerability classified as critical has been found in Microsoft Excel up to Office Online Server. Affected by this vulnerability is an unknown functionality. This manipulation causes out-of-bounds read. This vulnerability is registered as CVE-2026-44820. Remote exploitation of the attack is possible. No exploit is available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Excel -/3/5.1/10.0.17763.8880/16.0.10417.20128. It has been declared as problematic. The impacted element is an unknown function. Such manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2026-45455. The attack can be launched remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Microsoft Excel -/3/5.1/10.0.17763.8880/16.0.10417.20128. This affects an unknown part. Performing a manipulation results in out-of-bounds read. This vulnerability is reported as CVE-2026-44822. The attack is possible to be carried out remotely. No exploit exists. It is suggested to install a patch to address this issue.

A vulnerability labeled as critical has been found in Microsoft Excel, Office and SharePoint. This affects an unknown function. Executing a manipulation can lead to type confusion. This vulnerability is tracked as CVE-2026-44817. The attack can be launched remotely. No exploit exists. It is advisable to implement a patch to correct this issue.

Key Points Introduction In this research, we analyze a clipboard hijacker campaign that is hidden inside a collection of “solutions” and “tools” that claim to give users an unfair advantage. These offers include Solana and Pump.fun sniper bots (automated tools that try to buy new tokens or meme coins faster than other traders), Aviator Predictor […]

The post From Stars to Upvotes: Fake Reputation Fueling a Crypto Clipboard Hijacker appeared first on Check Point Research.

Достаточно посчитать, сколько людей уже родилось, чтобы предсказать, когда родится последний. Без войн. Без вирусов.

本文提出了全新的激发式侧信道攻击。电磁注入不仅仅只会影响设备行为，也可能成为诱导信息泄露的手段。

A newly discovered Android banking trojan, dubbed Rokarolla, targets 217 banking and cryptocurrency applications and can execute 137 commands on infected devices, according to researchers at Zimperium. Named after its command-and-control (C2) infrastructure, Rokarolla is primarily distributed through malicious websites that impersonate popular applications such as TikTok and Google Chrome, fooling users into downloading what appears to be a legitimate app. Banker malware impersonating a legitimate app and requesting accessibility service (Source: Zimperium) Zimperium said … More →

The post Rokarolla Android trojan targets banking and crypto users, enables device takeover appeared first on Help Net Security.

A vulnerability has been found in Microsoft Office -/0.37.3 and classified as critical. This affects an unknown function. Performing a manipulation results in untrusted pointer dereference. This vulnerability is cataloged as CVE-2026-45645. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to install a patch to address this issue.

The rise of AI-assistants and applications in the enterprise has seen a 93% increase in employees attempting to upload sensitive data, bringing security challenges

India has banned Telegram until June 22 after the app was used to circulate leaked exam papers. CEO Pavel Durov accuses telecom Reliance of BGP hijacking that disrupted the app as far away as the UAE. Here's what happened, and how to get around the block with an MTProto proxy. [...]

Каждый ввезенный в Россию гаджет обяжут регистрировать в специальной базе данных.

SentinelOne’s Purple AI Agentic Investigation, now GA, solves the SOC investigation capacity gap with zero-click, machine-speed alert analysis.

Austin, TX, USA, 17th June 2026, CyberNewswire

The Cloudflare One stack is a library of agent skills that gives any AI agent the knowledge it needs to plan, deploy, and manage a Zero Trust environment — no migration calls required.

Flip has announced Frontline Identity and Flip Fusion, two new offerings that help organizations securely connect frontline employees to enterprise systems, applications and AI-powered workflows. Flip’s new products expand the platform beyond employee communications, helping organizations provide secure digital identity, enterprise application access and AI-powered workflow automation through a single mobile experience. Frontline Identity brings secure digital identity to frontline workers Flip’s Frontline Identity is a digital identity and authentication platform purpose-built for frontline workers. … More →

The post Flip expands platform with digital identity, no-code apps, and AI automation appeared first on Help Net Security.

Submit #836150 / VDB-297637

Submit #836149 / VDB-297637