Articles tagged "Vulnerability"

Found 929 articles

Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure

The Hacker News

Actively Exploited

Researchers at Sysdig have reported that threat actors are actively trying to exploit a serious security vulnerability in Gitea Docker images, identified as CVE-2026-20896. This flaw, which carries a CVSS score of 9.8, allows unauthorized internet clients to gain elevated access by manipulating the 'X-WEBAUTH-USER' header. The vulnerability arises because Gitea's DevOps platform trusts this header from any source IP address, making it easier for attackers to gain control. The attempts to exploit this vulnerability began just 13 days after it was disclosed, indicating that attackers are quick to act on newly revealed weaknesses. Companies using Gitea should prioritize applying the latest patches to protect their systems from potential breaches.

Read Original

A recently discovered flaw in the Opera GX gaming browser allowed malicious websites to automatically install modifications (mods) that could steal data from other pages users visited. This vulnerability raised concerns about user privacy and security, as it could enable attackers to access sensitive information without the users' consent. The issue has now been patched, but it serves as a reminder of the potential risks associated with browser extensions and modifications. Users of Opera GX should ensure they have updated their browser to the latest version to mitigate any risks. This incident highlights the ongoing challenges in maintaining security in web browsing environments.

Read Original

Last week, vulnerabilities in SimpleHelp and Oracle EBS Payments were actively exploited. The SimpleHelp flaw allows attackers to gain unauthorized access to systems, posing a serious risk to users of the remote support software. Meanwhile, a vulnerability in Oracle's EBS Payments system has also come under attack, potentially compromising financial data for organizations using this enterprise resource planning software. These incidents emphasize the growing challenges in securing software, particularly as companies increasingly integrate AI features, which often introduce new vulnerabilities. Organizations relying on these systems need to prioritize patching and monitoring to protect sensitive information.

Read Original

This week's security updates reveal a series of vulnerabilities across various systems, including browsers, AI tools, and email services. Researchers discovered that many of these weaknesses stem from small permission gaps and inadequate security checks, which attackers can exploit. Notably, the article mentions the BlueHammer ransomware, which targets businesses by leveraging these types of vulnerabilities. This situation underscores the need for organizations to regularly assess their security measures and patch any identified weaknesses to prevent potential breaches. Overall, the findings serve as a reminder that even seemingly secure systems can harbor significant risks if not properly maintained.

Read Original

Hackers have begun exploiting a newly disclosed vulnerability known as CitrixBleed, targeting NetScaler appliances. This vulnerability allows attackers to access arbitrary memory content through HTTP responses, putting sensitive information at risk. The exploitation started almost immediately after the vulnerability was publicly disclosed, indicating a rapid response from malicious actors. Organizations using affected NetScaler devices need to be vigilant, as this could lead to significant data breaches or unauthorized access. It's crucial for companies to take immediate action to safeguard their systems and protect sensitive information from being compromised.

Read Original

Researchers have discovered a new type of attack dubbed 'BioShocking' that exploits AI-driven web browsers. By manipulating the context in which these browsers operate, attackers can trick them into bypassing their built-in safety features, leading to the theft of sensitive credentials. This vulnerability poses a significant risk to users who rely on AI browsers for secure transactions, as it could result in unauthorized access to personal accounts. The implications are serious, especially as more people use AI tools for everyday tasks, making it crucial for developers to address these weaknesses. Users should be cautious and vigilant when using AI-driven browsing tools until a fix is implemented.

Read Original

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a vulnerability in Microsoft SharePoint that is currently being exploited by attackers. This vulnerability, identified as CVE-2026-45659, allows for remote code execution, which means that hackers can run malicious code on affected systems. Organizations using SharePoint should take this threat seriously, as it could lead to unauthorized access and data breaches. Microsoft has already released a patch to address this issue, so it's crucial for users to apply the update as soon as possible to protect their systems from potential exploitation.

Read Original

A newly discovered vulnerability, named GuardFall, affects 10 out of 11 open-source AI agents. This flaw arises from a discrepancy between how security filters evaluate commands and the way the Bash shell processes them. As a result, attackers could exploit this gap to execute unauthorized commands within these AI systems. The impact of this vulnerability is significant as it could compromise the security of various applications that rely on these AI agents. Developers and users of affected systems should take immediate action to secure their applications and prevent potential exploitation.

Read Original

Researchers at Cato AI Labs have identified two serious vulnerabilities in Cursor, an AI code editor. These flaws, named DuneSlide and tracked as CVE-2026-50548 and CVE-2026-50549, could allow an attacker to bypass the editor's safety sandbox using a seemingly harmless prompt. This means that any command could potentially be executed on a developer's computer without requiring any user interaction, such as clicks or approvals. With a severity rating of 9.8 out of 10, these vulnerabilities pose a significant risk to developers using Cursor. It is crucial for users to remain vigilant and consider the implications of these flaws on their systems and data security.

Read Original
Actively Exploited

A new Brazilian banking trojan named Ousaban is now targeting users in Spain and Portugal through phishing attacks, according to FortiGuard researchers. This malware is designed to steal sensitive banking information, posing a significant risk to individuals and financial institutions in these countries. Phishing typically involves deceptive emails or messages that trick users into revealing personal data or downloading malicious software. As Ousaban spreads, it raises concerns about the vulnerability of online banking systems and highlights the need for robust security measures among users. Both individuals and businesses in Spain and Portugal should remain vigilant against suspicious communications and take steps to protect their financial information.

Read Original

A WordPress site faced a significant spam attack that flooded its database with malicious accounts. The author utilized a tool named Claude to identify vulnerabilities in their system, while Codex helped write the necessary code to mitigate these issues. In just two days, they implemented a new defense strategy that involved 4,700 lines of code to stop the spam influx. This incident highlights the ongoing challenges many website owners face with spam attacks and the importance of proactive security measures. It serves as a reminder that vulnerabilities can often be exploited if not properly addressed, impacting website performance and user experience.

Read Original

The Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that the BlueHammer vulnerability, identified as CVE-2026-33825, is now being exploited in ransomware attacks. This flaw allows attackers to escalate privileges within Microsoft Defender, potentially giving them SYSTEM-level access. Initially, BlueHammer was just a proof-of-concept, but it has now transitioned into a real threat actively being used by cybercriminals. Organizations using Microsoft Defender should be particularly vigilant as this vulnerability poses a significant risk to their security posture. Immediate action is required to mitigate the potential impacts of these ransomware attacks as they become more widespread.

Read Original

A new attack method known as 'BioShocking' can exploit AI-powered browsers by manipulating them into considering real-world risky actions as part of a fictional scenario. This allows the browsers to bypass important safety measures, potentially leading to data theft. Researchers are concerned that this vulnerability could affect users who rely on AI for web browsing, as it may enable attackers to extract sensitive information without triggering typical security protocols. The implications are significant, as it raises questions about the reliability of AI systems in safeguarding user data. Users and companies alike need to be aware of this emerging threat and take necessary precautions to protect their information.

Read Original

Citrix has released a security update addressing six vulnerabilities in its NetScaler product line, with a particular focus on one high-severity flaw that bears a resemblance to the previously exploited CitrixBleed issue. This flaw could potentially allow attackers to exploit the system if left unpatched. Organizations using affected versions of NetScaler should prioritize applying these patches to safeguard their systems from possible exploitation. The timely response is crucial, especially given the history of similar vulnerabilities being actively targeted by cybercriminals. Users and administrators are encouraged to check their systems and ensure they are running the latest versions to mitigate any risks associated with this flaw.

Read Original

A new malware called RustDuck is actively hijacking various devices, including home routers, IP cameras, Android boxes, and poorly secured servers. The malware operates in two stages and connects these compromised devices into a botnet designed to launch Distributed Denial of Service (DDoS) attacks, effectively taking websites and online services offline. Researchers from QiAnXin's XLab have been monitoring RustDuck since February 2026 and note that its rapid evolution is particularly concerning. This highlights the vulnerability of consumer devices and poorly secured servers, which can be easily exploited by attackers. Users and organizations need to ensure their devices are secured to prevent becoming part of such a botnet.

Read Original
PreviousPage 7 of 62Next