A critical vulnerability has been identified in the Java security engine, specifically within the pac4j library, which is widely used for authentication and authorization in web applications. While researchers have not yet seen active exploitation of this flaw in real-world scenarios, the ease with which attackers could exploit it raises significant concerns. This vulnerability could impact a range of applications that rely on pac4j, potentially exposing sensitive user data and compromising security protocols. Developers and organizations using pac4j need to assess their systems and prepare for potential updates or patches to mitigate this risk.
Articles tagged "Vulnerability"
Found 954 articles
Infosecurity Magazine
Ericsson has reported a data breach that has potentially compromised the personal information of about 15,000 employees and customers. The breach occurred due to a security vulnerability in a third-party service provider, which allowed unauthorized access to sensitive data. As a result, affected individuals might face risks such as identity theft or fraud. This incident raises concerns about the security measures companies have in place for their third-party vendors and the importance of rigorous vetting processes. Companies and users alike should be vigilant in monitoring their accounts for any suspicious activity following this breach.
OpenAI has launched Codex Security, a vulnerability scanner that has already identified hundreds of serious flaws in software over the past month. This tool, previously known as Aardvark, aims to help developers and organizations find and fix security vulnerabilities in their applications. The discovery of these vulnerabilities is significant as they could potentially be exploited by attackers, putting users and data at risk. Companies using affected software need to take action to protect their systems and users. This rollout marks an important step in enhancing software security and addressing prevalent issues in the industry.
The Cybersecurity and Infrastructure Security Agency (CISA) has identified a serious vulnerability in Ivanti Endpoint Manager (EPM) that is currently being exploited in the wild. This flaw has been marked with high severity and affects U.S. federal agencies, which are now mandated to patch their systems within three weeks. The urgency stems from the risk that attackers could leverage this vulnerability to gain unauthorized access to sensitive information. Organizations using Ivanti EPM should prioritize applying the necessary patches to safeguard their systems and data from potential breaches.
Schneier on Security
A new Wi-Fi attack method called AirSnitch has been identified, exploiting weaknesses in how devices connect to networks. This attack takes advantage of issues in the communication layers of Wi-Fi, allowing attackers to perform a bidirectional man-in-the-middle (MitM) attack. In this scenario, the attacker can intercept and alter data being sent to and from the intended recipient. AirSnitch can operate on both small home networks and larger enterprise networks, making it a versatile threat. Users of Wi-Fi networks need to be aware of this vulnerability and take steps to secure their connections, as it could lead to significant data breaches and privacy violations.
The Hacker News
Cisco has confirmed that two vulnerabilities in the Catalyst SD-WAN Manager are currently being exploited by attackers. The first vulnerability, identified as CVE-2026-20122, has a CVSS score of 7.1 and allows authenticated remote users to overwrite files on the local file system. This could lead to significant disruptions and unauthorized access to sensitive data. Organizations using the Catalyst SD-WAN Manager should take immediate action to address these vulnerabilities, as they pose a serious risk to network security. It’s crucial for affected users to monitor their systems closely and apply any available patches as soon as possible.
A serious vulnerability known as 'ContextCrush' has been identified in the Context7 MCP Server, which could allow attackers to inject harmful instructions into AI development tools. This flaw poses a risk to developers using these tools, as it may compromise the integrity of their AI applications. The issue raises significant concerns, especially as AI technologies become more prevalent in various industries. Companies relying on Context7 MCP Server need to assess their security measures and ensure that they are protected against potential exploitation. Researchers are urging affected users to act swiftly to mitigate any risks associated with this vulnerability.
A new vulnerability in FreeScout, identified by researchers at Ox Security, allows attackers to execute remote code without any user interaction, a situation referred to as a zero-click exploit. This flaw, dubbed Mail2Shell, could enable malicious actors to take control of FreeScout systems, putting organizations that use this customer support platform at risk. Users of FreeScout should be particularly vigilant, as this vulnerability could lead to unauthorized access and data breaches. The lack of user interaction required for the exploit makes it especially concerning, as it can be executed without any action from the target. Organizations are urged to monitor their systems closely and apply any available updates to mitigate potential risks from this vulnerability.
Help Net Security
Last week, a newly patched vulnerability in BeyondTrust's Remote Code Execution (RCE) software was exploited in the wild. This vulnerability poses significant risks as it allows attackers to execute commands on affected systems without authorization. BeyondTrust has issued patches to address this issue, but organizations using the affected software need to act quickly to apply these updates to prevent potential breaches. Additionally, in an interview, Deneen DeFiore, the Chief Information Security Officer at United Airlines, discussed the importance of resilience in cybersecurity. She emphasized that while prevention is crucial, organizations must also prepare for disruptions and manage risks associated with their interconnected vendor and partner ecosystems. This dual focus on resilience and safety is essential for maintaining operational integrity in today's complex digital landscape.
Fintech company Figure has confirmed a data breach resulting from a phishing attack that targeted one of its employees. The attackers used social engineering tactics to deceive the employee and gain access to a limited number of files. A spokesperson for Figure stated that while the breach is concerning, the extent of the data compromised is not extensive. This incident raises alarms about the effectiveness of employee training and awareness regarding phishing tactics, which continue to be a significant vulnerability for many organizations. Users and stakeholders of Figure should remain vigilant and monitor for any unusual activity related to their accounts.
Atlas Air, a major U.S. cargo airline, has publicly rejected claims made by the Everest ransomware group that it successfully breached the airline's systems and stole 1.2 terabytes of sensitive technical information, including data related to Boeing aircraft. The airline insists that its operations remain secure and that there has been no compromise of its data. The allegations by Everest raise concerns about the vulnerability of critical infrastructure in the aviation sector, particularly as ransomware attacks have become more frequent and sophisticated. If the claims were true, it could have serious implications for aviation safety and security. However, with Atlas Air's denial, the situation remains unclear, and further investigation may be necessary to determine the validity of the ransomware group's claims.
SCM feed for Latest
A serious vulnerability has been identified in the WPvivid backup plugin, tracked as CVE-2026-1357, which has a high severity score of 9.8. This issue affects all versions of the plugin up to version 0.9.123, leaving many WordPress sites potentially at risk. The flaw allows attackers to execute remote code, which could lead to unauthorized access or control over affected systems. Users of the plugin are strongly advised to take immediate action to protect their sites. This vulnerability poses a significant threat, especially for those who have not updated their plugins recently.
Hackers have begun exploiting a serious vulnerability in BeyondTrust Remote Support known as CVE-2026-1731, which allows unauthenticated remote code execution. This flaw was identified and a proof of concept (PoC) was released just a day prior to the exploitation attempts, indicating a rapid response from malicious actors. Organizations using BeyondTrust Remote Support should be particularly vigilant, as this vulnerability poses significant risks, potentially allowing attackers to take control of affected systems. The quick exploitation of this flaw underscores the importance of timely patch management and security measures to protect sensitive data and systems from unauthorized access. Users are urged to monitor for updates and apply any patches as soon as they become available to mitigate risks.
Recent zero-day vulnerabilities in Ivanti's Endpoint Manager Mobile (EPMM) have sparked renewed concern among cybersecurity experts. These flaws, which can be exploited by attackers, could potentially compromise sensitive data in mobile devices managed by the software. Organizations using EPMM must act quickly to secure their systems, as these vulnerabilities are already being exploited in the wild. Experts are urging a shift away from simply applying patches and towards more robust security measures, including better authentication controls and reducing unnecessary public interfaces. The urgency of the situation emphasizes the need for businesses to prioritize security and stay updated with the latest patches and practices.
A serious vulnerability has been discovered in BeyondTrust Remote Support and Privileged Remote Access appliances, allowing attackers to execute code remotely without authentication. This flaw has become a target for exploitation after a proof-of-concept (PoC) was made publicly available. Organizations using these systems should be particularly vigilant, as the flaw can lead to unauthorized access and potential data breaches. BeyondTrust has released patches to address this issue, and it’s crucial for users to apply these updates promptly to protect their systems. The urgency of this situation highlights the need for proactive security measures in remote access technologies.