🔐 Security flaws and vulnerabilities
CERT-FR (Government Center for Monitoring, Alerting and Response to Computer Attacks)
- A vulnerability has been discovered in Cisco Catalyst SD-WAN. It allows an attacker to cause a privilege escalation. Cisco states that the vulnerability CVE-2026-20245 is being actively exploited.
- Multiple vulnerabilities have been discovered in Microsoft Azure Linux. They allow an attacker to cause a security issue not specified by the vendor.
- Multiple vulnerabilities have been discovered in the SUSE Linux kernel. Some of them allow an attacker to cause a breach of data confidentiality, a breach of data integrity and a bypass of the security policy.
- Multiple vulnerabilities have been discovered in Google Chrome. They allow an attacker to cause a security issue not specified by the vendor.
- Multiple vulnerabilities have been discovered in the Debian LTS Linux kernel. Some of them allow an attacker to cause a privilege escalation, a breach of data confidentiality and a denial of service.
Exploit Database (Offensive Security)
- WordPress Contest Gallery 28.1.4 – Unauthenticated Blind SQL Injection
- Drupal Core 10.5.5 – Error-Based SQL Injection
- WordPress OrderConvo 14 – Path Traversal
- YAMCS yamcs-core 5.12.7 – LDAP Injection
- YAMCS yamcs-core 5.12.7 – User Enumeration
🛡️ Ongoing attacks and active campaigns
The Hacker News
- Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively. According to JFrog, the information stealer "scrapes every secret it can find on a developer's machine, hides behind an eBPF […]
- Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin, according to findings from ESET. The Slovakian cybersecurity company said it first detected the malware spread via multiple campaigns in early 2025, with each attack wave making use of distinct websites mimicking utilities, war-related updates, and a government news source: govlens[.]net, […]
- Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 (where "OP" stands for "opponent") that has been observed targeting Microsoft Internet Information Services (IIS) servers to deploy a bespoke web shell framework. ReliaQuest has assessed with moderate to high confidence that the espionage-focused activity is linked to China. "OP-512 was highly
- Eighteen months ago, the AI SOC was a marketing line. Today it's a budget item. The category has crossed over from interesting to inevitable, with billions of dollars now flowing into AI-powered security operations platforms, agentic SOC tools, and AI co-pilots built into every layer of the security stack. The data shows SOCs are buying, […]
- Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site compromise. The vulnerability in question is CVE-2026-3300 (CVSS score: 9.8), a remote code execution bug impacting all versions of the plugin up to, and including, […]
🛠️ Microsoft Security Update Guide (Patch Tuesday & other updates)
This feed lists security bulletins (CVE, monthly patches) released by Microsoft. It is the official source for Windows, Office, Azure security updates, etc.
- Updated an acknowledgement. This is an informational change only.
- This CVE was updated to fix the download link for .NET Framework 3.8 & 4.81 for Windows 2025
- This CVE was updated to fix the download link for .NET Framework 3.8 & 4.81 for Windows 2025
- Information published.
- Information published.