Aggregator

致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。

The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours of being flagged where "feasible" to safeguard against potential threats stemming from threat actors' abuse of artificial intelligence (AI) tools and large language models (LLMs) to automate vulnerability

The European Union is on the verge of issuing its largest-ever penalty under the Digital Markets Act, targeting Alphabet’s Google for allegedly manipulating search results to favor its own services over competitors, a move set to further strain transatlantic tech relations. Brussels has formally accused Google and its parent company, Alphabet, of violating the Digital Markets […]

The post EU Finalizes Record DMA Fine Against Google Over Search Self-Preferencing Abuse appeared first on Cyber Security News.

Iran's Nimbus Manticore pushes AI-built MiniFast backdoor via phishing and SEO poisoning

Nimbus Manticore accelerated cyberattacks during wartime, using AI-assisted malware, fake Zoom installers, and SEO poisoning. When the United States launched Operation Epic Fury against Iran at the end of February 2026, most analysts expected the country’s cyber apparatus to hunker down and weather the storm. That’s not what happened. Instead, researchers at Check Point have […]

Масштабная атака затронула более 700 версий, а защита даже не сработала.

A vulnerability, which was classified as critical, has been found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 3000WEBV2. Affected by this vulnerability is an unknown functionality of the file /SubstationWEBV2/app/..;/calc/getCalcmeterDetailDayListTree. Performing a manipulation of the argument sort results in sql injection. This vulnerability is identified as CVE-2026-9523. The attack can be initiated remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as critical, was found in xianrendzw EasyReport up to 2.0.17.0522_Beta. Affected by this issue is the function execute of the component REST Endpoint. Executing a manipulation of the argument reportParams can lead to sql injection. This vulnerability is tracked as CVE-2026-9524. The attack can be launched remotely. No exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability has been found in itsourcecode Electronic Judging System 1.0 and classified as critical. This affects an unknown part of the file /admin/edit_judge.php. The manipulation of the argument judge_id leads to sql injection. This vulnerability is listed as CVE-2026-9525. The attack may be initiated remotely. In addition, an exploit is available.

A vulnerability was found in itsourcecode Electronic Judging System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit_team.php. The manipulation of the argument num_id results in sql injection. This vulnerability is cataloged as CVE-2026-9526. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in BINGOS Archive::Tar up to 3.9 on Perl. This affects the function _read_tar of the component Header Handler. The manipulation results in uncontrolled memory allocation. This vulnerability was named CVE-2026-9538. The attack may be performed from remote. There is no available exploit. You should upgrade the affected component.

The malware pairs remote access capabilities with ready-made campaign tools, lowering the barrier for full device compromise

A vulnerability was found in Totolink CA750-PoE 6.2c.510 and classified as critical. The affected element is the function setUploadUserData of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument FileName leads to os command injection. This vulnerability is listed as CVE-2026-9532. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability was found in Totolink CA750-PoE 6.2c.510. It has been classified as critical. The impacted element is the function recvUpgradeNewFw of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument fwUrl/magicid results in os command injection. This vulnerability is cataloged as CVE-2026-9533. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in koa router 14.x. It has been rated as critical. The impacted element is an unknown function. The manipulation leads to improper access controls. This vulnerability is listed as CVE-2026-9495. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is advised.

A vulnerability identified as problematic has been detected in pacote up to 11.2.7. This impacts the function addGitSha. This manipulation causes inefficient regular expression complexity. This vulnerability is registered as CVE-2026-9496. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability was found in Totolink CA750-PoE 6.2c.510. It has been declared as critical. This affects the function setWiFiWpsConfig of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Executing a manipulation of the argument PIN can lead to os command injection. This vulnerability is registered as CVE-2026-9534. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability categorized as problematic has been discovered in Hitachi Ops Center Analyzer, Ops Center Analyzer viewpoint and Infrastructure Analytics Advisor. This affects an unknown function. The manipulation results in missing password field masking. This vulnerability is cataloged as CVE-2026-3314. An attack on the physical device is feasible. There is no exploit available. It is advisable to upgrade the affected component.

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. [...]

A new wave of phishing operations is quietly changing the way cybercriminals steal financial data from everyday people. Rather than relying on traditional SMS messages that carriers can easily flag and block, threat actors are now using encrypted messaging channels like Rich Communication Services (RCS) and Apple iMessage to deliver malicious links directly to victims’ […]

The post Phishing Services Use RCS and iMessage to Bypass Traditional SMS Security Filters appeared first on Cyber Security News.