Latest Cybersecurity Threats

Real-time threat intelligence from trusted sources

A recent investigation by Citizen Lab has revealed that the Jordanian government allegedly utilized Cellebrite's phone-cracking technology to target activists during protests related to Gaza. This use of advanced surveillance tools raises serious concerns about human rights violations and the government's approach to dissent. The technology, which is designed to extract data from mobile devices, appears to have been deployed to monitor and potentially intimidate individuals expressing their views. This incident is part of a broader pattern of state surveillance and repression against activists, highlighting the ongoing challenges faced by those advocating for human rights in the region.

Impact: Cellebrite phone-cracking technology
Remediation: N/A

Last month, a situation involving Waymo's autonomous vehicles in San Francisco raised concerns about their ability to process contextual identity information. When the vehicles shut down, they inadvertently caused significant traffic disruptions, revealing a gap in their operational understanding. This incident points to the need for improved identity recognition systems within autonomous technology to prevent similar occurrences in the future. As these vehicles integrate more into urban environments, ensuring they can effectively interpret their surroundings and react appropriately is crucial for maintaining traffic flow and safety. The implications of this incident highlight the challenges faced by companies developing self-driving technology and the importance of addressing potential identity-related issues in their systems.

Impact: Waymo autonomous vehicles
Remediation: Enhancements to context-aware identity recognition systems are needed to prevent future incidents.

A serious vulnerability has been discovered in the GNU InetUtils telnet daemon (telnetd) that has existed for nearly 11 years. This flaw, identified as CVE-2026-24061, allows attackers to bypass authentication remotely and gain root access to affected systems. It impacts all versions of GNU InetUtils from 1.9.3 to 2.7. Given its high CVSS score of 9.8, this vulnerability poses a significant risk to organizations still using these versions. Users and administrators should prioritize addressing this issue to prevent unauthorized access to their systems.

Impact: GNU InetUtils telnet daemon (telnetd), all versions from 1.9.3 to 2.7
Remediation: Users should upgrade to the latest version of GNU InetUtils that addresses this vulnerability. Specific patch numbers or versions were not mentioned, so it's crucial to consult official sources for the latest updates.

A failure in operational security by the INC ransomware group has allowed researchers to recover data stolen from 12 U.S. organizations. This incident highlights vulnerabilities in the ransomware gang's methods, which typically aim to keep their operations hidden and secure. The affected organizations were able to regain access to their compromised data, which could lessen the impact of the attack. Such operational oversights by attackers can provide critical opportunities for recovery and response for victims. This situation serves as a reminder for organizations to remain vigilant and proactive in their cybersecurity measures to protect against ransomware threats.

Impact: Data from 12 U.S. organizations affected by INC ransomware
Remediation: Organizations should review their cybersecurity practices, enhance data backup protocols, and implement robust incident response strategies.

A recent report by the World Economic Forum indicates a significant lack of confidence among cybersecurity professionals in Latin America regarding their countries' ability to defend against cyberattacks targeting critical infrastructure. The findings suggest that many experts believe their nations are not adequately prepared to handle potential threats, which could lead to serious vulnerabilities in essential services. This lack of faith is concerning, especially as cyberattacks continue to rise globally. The situation calls for urgent attention to improve cybersecurity measures and training in the region. Without stronger defenses, critical infrastructure may remain at risk of attacks that could disrupt services and endanger public safety.

Impact: Critical infrastructure in Latin America
Remediation: Enhance cybersecurity measures and training programs

A serious vulnerability in Appsmith has been discovered that could allow attackers to take over user accounts through a flawed password reset process. This flaw could potentially expose sensitive information and disrupt services for users relying on the platform for application development. The issue affects all users of Appsmith who utilize the password reset feature, making it a widespread concern. Security researchers are urging users to stay vigilant and take immediate action to protect their accounts. It's crucial for Appsmith to address this vulnerability quickly to prevent any further exploitation and maintain user trust.

Impact: Appsmith application and its users
Remediation: Users should reset their passwords immediately and monitor their accounts for any suspicious activity. Appsmith should release a patch to fix the password reset process and inform users of any necessary updates.

A serious vulnerability in SmarterTools' SmarterMail, identified as WT-2026-0001, is currently being exploited by attackers, just two days after a patch was released on January 15, 2026. Despite the urgency, the flaw has not yet been assigned a CVE identifier, which makes tracking and public awareness more challenging. This vulnerability could potentially affect organizations using SmarterMail, putting their email systems at risk. Given the rapid exploitation, companies relying on this software should prioritize applying the latest patch to safeguard their systems. Users are advised to remain vigilant and monitor their systems for any unusual activity that may indicate a breach.

Impact: SmarterTools SmarterMail
Remediation: Apply the patch released on January 15, 2026. Monitor systems for unusual activity.

Researchers from Graz University of Technology in Austria have optimized previously known attacks targeting the Linux page cache. By enhancing the speed of these attacks, they can potentially extract sensitive data from the memory of running applications more efficiently. This could affect systems that rely on Linux, particularly in environments where sensitive information is processed. The implications of this research are significant, as it raises concerns about the security of Linux-based systems used in various sectors, including servers and cloud environments. Users and organizations should be aware of the potential for data leakage and consider reviewing their security measures to protect against such exploits.

Impact: Linux-based systems, particularly those using page cache for memory management.
Remediation: Users should review and enhance their security configurations, monitor for unusual memory access patterns, and consider implementing additional access controls.

The rise of hybrid work arrangements has led to a significant increase in Active Directory password resets, which are causing productivity issues for many organizations. According to research from Specops, factors such as remote access challenges, cached credentials, and strict security policies are contributing to this surge. When employees work remotely, they often encounter lockouts that require IT support for password resets, which can take time and disrupt workflows. This situation underscores the need for companies to reassess their password management strategies and consider solutions that can streamline the process for remote workers. As businesses continue to adapt to hybrid models, addressing these password issues is crucial for maintaining productivity and ensuring smooth operations.

Impact: Active Directory, remote access systems
Remediation: Companies should evaluate their password management processes and consider implementing self-service password reset tools to reduce IT support burden.

A recent analysis by VulnCheck has revealed a troubling trend in cybersecurity: the percentage of vulnerabilities being exploited before they are publicly disclosed has risen significantly from 23.6% in 2024 to nearly 29% in 2025. This increase indicates that attackers are becoming more adept at identifying and exploiting weaknesses in software and systems before developers have a chance to address them. This situation puts both companies and users at greater risk, as they may be unaware of the vulnerabilities affecting their systems until after an attack occurs. It’s crucial for organizations to prioritize vulnerability management and stay updated on potential threats to safeguard their assets effectively. The rise in zero-day exploits highlights the need for more proactive security measures and timely disclosure by vendors.

Impact: N/A
Remediation: Organizations should implement regular vulnerability assessments, ensure timely software updates, and establish robust incident response plans to address potential exploitation risks. Additionally, maintaining an updated inventory of assets can help in identifying and mitigating vulnerabilities more effectively.
Actively Exploited

Large language models (LLMs) are increasingly vulnerable to a technique known as prompt injection, where users craft specific requests that trick the models into performing actions they are usually restricted from. For instance, someone could ask an LLM to provide sensitive information or execute unauthorized commands by structuring their prompts cleverly. This issue raises significant concerns as it could lead to unintended data exposure or misuse of the AI’s capabilities. As LLMs are integrated into more applications, understanding and mitigating these types of attacks becomes critical for users and developers alike. The potential for misuse highlights the need for stronger safeguards in AI systems to protect against manipulation.

Impact: Large language models (LLMs)
Remediation: Implement stricter prompt validation and filtering techniques; enhance user training on secure AI usage; monitor and update models regularly to address vulnerabilities.

During the second day of the Pwn2Own Automotive 2026 competition, hackers successfully exploited 29 zero-day vulnerabilities, earning a total of $439,250 in rewards. This event highlights the ongoing security challenges in the automotive sector, as researchers and ethical hackers test the resilience of vehicles against cyber threats. The vulnerabilities targeted various systems within automotive technology, but specific details about the affected models or manufacturers were not provided. This incident is significant because it showcases the ease with which skilled attackers can uncover critical flaws, raising concerns about the safety and security of connected vehicles. As the automotive industry increasingly adopts smart technology, it must prioritize robust security measures to protect against such vulnerabilities.

Impact: Automotive systems and technologies, not specified
Remediation: N/A

Recent attacks have targeted FortiGate firewalls, specifically exploiting vulnerabilities in the FortiCloud SSO login system. Hackers are bypassing authentication measures to create unauthorized accounts, which allows them to alter device configurations. This poses a significant risk to organizations using FortiGate products, as attackers can manipulate firewall settings and potentially compromise network security. Security researchers have raised alarms about this issue, urging companies to take immediate action to secure their devices. The situation underscores the need for vigilance in monitoring access to critical security infrastructure.

Impact: FortiGate firewalls, FortiCloud SSO
Remediation: Organizations should immediately review their FortiGate configurations and implement stricter access controls. Regular audits of user accounts and monitoring for unusual activity are also recommended.

LastPass is warning users about a phishing campaign that is attempting to steal their master passwords. Fraudulent emails are being sent to LastPass users, claiming they need to back up their accounts within 24 hours. The company has confirmed that it would never request such an action, indicating that these emails are not legitimate. This phishing attempt poses a risk as it could lead to unauthorized access to users' sensitive information if they fall for the scam. Users are advised to remain vigilant and to disregard any such messages that ask for urgent account actions.

Impact: LastPass accounts
Remediation: Users should ignore the phishing emails and not provide any personal information. It's also recommended to enable two-factor authentication for added security.

A recent survey conducted by Vodafone reveals that many executives in the UK are deeply concerned about the potential impact of a major cyber-attack on their businesses. The findings indicate that a significant number of leaders believe their companies may not survive such an incident. This sentiment reflects a growing awareness of the vulnerabilities organizations face in an increasingly digital landscape. With cyber threats becoming more sophisticated, the urgency for robust cybersecurity measures is evident. Executives are now recognizing that proactive strategies and investments in security are essential to safeguard their operations and data.

Impact: N/A
Remediation: N/A