Wiz has discovered a significant vulnerability on GitHub using an AI reverse-engineering tool. This vulnerability was identified in a way that previously would have required extensive resources, making it a notable achievement in cybersecurity research. The flaw could potentially allow attackers to exploit systems that rely on GitHub for code management, putting numerous developers and organizations at risk. The discovery underscores the growing role of AI in identifying security issues more efficiently. It’s crucial for developers to stay informed and apply any necessary updates to safeguard their projects against potential exploitation.
Articles tagged "Exploit"
Found 577 articles
A serious vulnerability has been discovered in cPanel and WebHost Manager (WHM) that allows unauthorized users to access the control panel without proper authentication. This flaw affects all versions except the most recent ones, putting many web hosting services at risk. Attackers could exploit this weakness to gain control over web hosting environments, which could lead to data breaches or service disruptions. Users of cPanel and WHM are strongly advised to update their systems immediately to the latest versions to mitigate this risk. The urgency of this situation highlights the importance of keeping software up to date to protect against potential exploits.
Infosecurity Magazine
Researchers from LayerX have discovered a significant vulnerability in the Cursor extension that allows malicious extensions to steal API keys and session tokens without any user interaction. This flaw poses a serious risk to developers, as it can potentially expose sensitive information needed for accessing various services and APIs. Developers using the Cursor extension are particularly at risk, as attackers can exploit this vulnerability to gain unauthorized access to their accounts and services. The implications of this vulnerability are concerning, as it could lead to data breaches or unauthorized actions taken on behalf of developers. Users of the Cursor extension should take immediate steps to assess their security and consider removing or disabling the extension until a fix is provided.
Help Net Security
CISA and Microsoft have issued a warning about the exploitation of a Windows Shell vulnerability identified as CVE-2026-32202. This zero-click vulnerability allows attackers to trick victims' systems into authenticating with the attacker's server, potentially exposing sensitive information. CVE-2026-32202 is linked to an incomplete fix for a previous vulnerability (CVE-2026-21510), which was targeted by the APT28 group using malicious LNK files. Microsoft had released patches for these vulnerabilities in February 2026, but the new exploit indicates that attackers have found ways to bypass these security measures. Users and organizations running affected systems need to be vigilant and apply available updates to safeguard against these kinds of attacks.
Researchers have discovered a serious vulnerability in GitHub, identified as CVE-2026-3854, which allows attackers to execute arbitrary code by simply pushing a git command. This flaw affects several GitHub products, including GitHub Enterprise Cloud, GitHub Enterprise Cloud with Data Residency, and GitHub Enterprise Cloud with Enterprise. The ability to run code remotely poses significant risks, as it could lead to unauthorized access or manipulation of repositories. Companies using these GitHub services should be vigilant and take immediate action to address this vulnerability, as it could potentially compromise their code and data integrity. Ensuring that all systems are updated and secure is essential to mitigate the risks associated with this exploit.
The Hacker News
A Brazilian cybercrime group known as LofyGang has returned after a three-year hiatus, launching a campaign targeting Minecraft players through a malware called LofyStealer, also referred to as GrabBot. This malicious software is disguised as a Minecraft hack named 'Slinky' and uses the official game icon to trick users into executing it. Once installed, LofyStealer can steal sensitive information from the victim's device. This resurgence is concerning for the gaming community, as it shows that cybercriminals are still active and adapting their tactics to exploit popular platforms. Players need to be cautious about downloading third-party software, especially those that claim to enhance game performance or functionality.
Udemy, a popular e-learning platform, has reportedly suffered a data breach involving more than 1.4 million user records. The ShinyHunters group, known for extortion tactics, claimed responsibility and is threatening to release the stolen data if Udemy does not engage in negotiations by April 27. This breach raises concerns for users about the potential exposure of personal information, which could lead to identity theft or phishing attacks. Companies like Udemy need to take swift action to protect their users and secure their systems against further attacks. The incident highlights the ongoing risks that online platforms face from cybercriminals seeking to exploit vulnerabilities for profit.
The Hacker News
A serious security flaw has been identified in LeRobot, Hugging Face's open-source robotics platform, which has garnered nearly 24,000 stars on GitHub. The vulnerability, designated as CVE-2026-25874, has a high severity score of 9.3 and allows attackers to exploit untrusted data deserialization, potentially leading to remote code execution without authentication. This flaw poses a significant risk to developers and organizations using LeRobot, as it could allow unauthorized access and control over their systems. Researchers are urging users to take immediate action to safeguard their implementations, given the potential for widespread exploitation. The details of the flaw emphasize the importance of security diligence in open-source projects.
SCM feed for Latest
BlackFile hackers are using voice phishing, or vishing, to target the retail and hospitality sectors. They make calls using spoofed numbers to pose as IT support, tricking employees into revealing sensitive information. This method allows them to gather data for potential extortion. Companies in these industries should be vigilant as the attackers exploit trust in IT communications to gain access to critical systems. The rise of such tactics underscores the need for enhanced security training for staff to recognize and respond to these types of scams.
A significant vulnerability in OpenSSH has been discovered, allowing attackers to gain full root shell access to affected systems. This flaw, which has been present for 15 years, stems from a coding issue that misinterprets comma characters in certificate principals as list separators. As a result, unauthorized users could exploit this vulnerability to escalate privileges and take control of systems. OpenSSH is widely used for secure remote access, making this a serious concern for organizations relying on it for security. Users and administrators are urged to review their systems and apply any available patches to mitigate this risk.
PhantomCore, a pro-Ukrainian hacktivist group, has been targeting TrueConf video conferencing software in Russia since September 2025. Researchers from Positive Technologies reported that the group is exploiting a series of three vulnerabilities to gain remote access to affected systems. This attack is significant as it affects servers that may be crucial for communications in various sectors, potentially disrupting operations and compromising sensitive information. The ongoing nature of these attacks raises concerns for organizations using TrueConf, as they may be at risk of unauthorized access and data breaches. Users of this software are advised to remain vigilant and implement security measures to protect their systems.
SCM feed for Latest
Bitwarden CLI has been compromised as a result of a supply chain attack linked to TeamPCP, according to researchers from Socket and JFrog. This incident stems from a breach involving Checkmarx, a company that provides security solutions. The implications are significant, as users of Bitwarden CLI may have been exposed to malicious code or vulnerabilities that could compromise their sensitive data. The attack underscores the risks associated with supply chain vulnerabilities, where attackers exploit third-party software to gain access to broader systems. Organizations using Bitwarden should take this seriously and consider evaluating their security measures to prevent potential exploitation.
The Digital Operational Resilience Act (DORA) mandates that financial entities in the EU implement strict authentication and access control measures. This legal requirement aims to enhance security and protect sensitive data against unauthorized access. A breach due to inadequate controls can lead to severe financial repercussions and undermine customer trust. For instance, without proper credential management, attackers could exploit weak points to gain access to financial systems, potentially resulting in data theft or fraud. As financial institutions prepare for compliance, they must prioritize robust authentication strategies to mitigate risks and ensure operational resilience.
Security Affairs
Germany's Bundestag President Julia Klöckner was recently targeted in a phishing attack using the Signal messaging app. The attackers created a fake chat group that appeared to be associated with her political party, the CDU, in an attempt to deceive her. This incident highlights the vulnerabilities of even secure messaging platforms, showing that attackers can exploit them to gain access to personal or sensitive information. As political figures become more reliant on digital communication, the risk of such phishing attempts increases. It serves as a reminder for all users to remain vigilant about the authenticity of the contacts they interact with online.
Researchers from Unit 42 have found that attackers are now using artificial intelligence to exploit vulnerabilities in cloud systems with impressive speed. This capability allows cybercriminals to automate attacks, potentially leading to more significant breaches and data theft. The report emphasizes the growing sophistication of these AI-driven attacks, making it vital for organizations to bolster their security measures. Companies that rely heavily on cloud infrastructure must stay vigilant and update their defenses to counter these emerging threats. As AI technology continues to evolve, the risk of such attacks will likely increase, necessitating a proactive approach to cloud security.