VulnHub

A newly discovered zero-day vulnerability in the Gogs self-hosted Git service allows attackers to execute remote code on servers that are exposed to the internet. This flaw poses a significant risk to organizations using Gogs for version control, as malicious actors could potentially gain full control over affected systems. Currently, there are no patches available to fix this issue, leaving users vulnerable until a solution is released. The exploitation of this vulnerability is particularly concerning because it can lead to data breaches or further attacks within an organization's infrastructure. Users and administrators of Gogs should take immediate action to secure their installations and monitor for any unusual activity.

A recently discovered zero-day vulnerability in the LiteSpeed cPanel plugin has been exploited by attackers to execute scripts with root privileges. This security flaw poses a significant risk to users of LiteSpeed's web server and cPanel, particularly those who have not yet applied the necessary patches. The Cybersecurity and Infrastructure Security Agency (CISA) has urged immediate action to patch this vulnerability, which had been actively exploited before it was resolved last week. Failure to address this issue could leave systems vulnerable to further attacks, potentially compromising sensitive data and system integrity. Users are strongly advised to prioritize updates to safeguard their environments.

Hackers have taken advantage of a zero-day vulnerability in the KnowledgeDeliver learning management system (LMS) to install a malicious web shell known as Godzilla. This security flaw allows attackers to gain unauthorized access to systems running this LMS, potentially compromising sensitive data and disrupting services. Organizations using KnowledgeDeliver should be particularly vigilant, as the exploitation of this vulnerability could lead to significant operational and data security issues. The presence of a web shell means that attackers can execute commands remotely, making it crucial for affected users to take immediate action to secure their systems. Companies must prioritize patching and monitoring their environments to mitigate the risks associated with this exploit.

A zero-day vulnerability identified as CVE-2026-5426 has been discovered in a Japanese Learning Management System (LMS). This security flaw arises from the use of hard-coded ASP.NET machine keys, which attackers can exploit to deploy Cobalt Strike, a popular penetration testing tool that can also be used for malicious purposes. The exploitation of this vulnerability poses significant risks to educational institutions and organizations using the LMS, potentially allowing unauthorized access to sensitive information and systems. Users of the affected LMS should take immediate steps to secure their systems to prevent potential intrusions.

Trend Micro has reported a serious security vulnerability in its Apex One platform, identified as CVE-2026-34926. This flaw allows for a directory path traversal, which means attackers could potentially access files and directories outside the intended scope. The company has confirmed that this vulnerability is being actively exploited in the wild, with at least one confirmed incident. Organizations using the Apex One platform are at risk, which makes it crucial for them to act quickly. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding this vulnerability, urging affected users to take immediate action to protect their systems.

TrendAI has addressed a serious vulnerability in its Apex One security software, identified as CVE-2026-34926. This flaw is a directory traversal issue that could be exploited by attackers to gain unauthorized access to files on the system. The vulnerability specifically affects the on-premise version of Apex One, which is used by various organizations for endpoint security. Given that this vulnerability has been exploited in the wild, it poses a significant risk to users who have not yet applied the necessary updates. Companies using Apex One should prioritize applying the latest patches to safeguard their systems against potential breaches.

Microsoft has addressed a significant vulnerability in its BitLocker encryption feature, identified as YellowKey and tracked under the CVE-2026-45585 designation. This security flaw, which has a CVSS score of 6.8, allows attackers to bypass key protections, potentially exposing sensitive data on affected systems. The issue was publicly disclosed last week, prompting Microsoft to issue a mitigation to protect users. This vulnerability primarily affects Windows operating systems that utilize BitLocker for disk encryption. Given that BitLocker is widely used by businesses and individuals to secure data, the implications of this flaw are serious, making it crucial for users to implement the provided mitigation as soon as possible.

On July 23, 2025, Luxembourg experienced a major telecom outage that lasted over three hours, affecting landline, 4G, 5G, and emergency services. The disruption was reportedly caused by a zero-day vulnerability in Huawei enterprise routers. This flaw allowed attackers to exploit the system, leading to widespread communication failures across the country. The incident raised concerns about the security of telecom infrastructure and the potential risks associated with undisclosed vulnerabilities in widely used equipment. The implications of this outage are significant, as it not only disrupted everyday communications but also emergency services, highlighting the critical need for robust cybersecurity measures in telecommunications.

A newly discovered zero-day vulnerability in Microsoft Exchange, tracked as CVE-2026-42897, poses a significant risk as it allows attackers to exploit cross-site scripting (XSS) to compromise Outlook Web Access (OWA) mailboxes. This vulnerability is reportedly under active attack, meaning that malicious actors are currently trying to exploit it in the wild. Organizations using Microsoft Exchange should be particularly vigilant, as the absence of an available patch leaves their systems exposed. Without immediate remediation, users could face unauthorized access to sensitive email communications. Companies are advised to implement security measures, such as input validation and monitoring for suspicious activity, until an official patch is released.

A security researcher known as Chaotic Eclipse has disclosed a serious zero-day vulnerability in Windows called MiniPlasma, which allows attackers to gain SYSTEM privileges on fully updated Windows 11 systems. This flaw, affecting the 'cldflt.sys' file, was believed to have been patched back in 2020 under the CVE-2020-17103 designation, but it appears that the fix was either incomplete or not properly implemented. The existence of a proof-of-concept exploit for this vulnerability raises significant concerns for users and organizations, as it could allow malicious actors to escalate their privileges and potentially take control of affected systems. This issue affects all patched versions of Windows 11, meaning a wide range of users are at risk. Companies should prioritize reviewing their security protocols and consider additional monitoring to mitigate potential exploitation.

A cybersecurity researcher has disclosed a serious vulnerability in Windows, known as 'MiniPlasma', which allows attackers to escalate their privileges to SYSTEM level on fully patched systems. This zero-day exploit poses a significant risk because it can enable unauthorized access to sensitive data and system controls. Users of Windows systems, particularly those in corporate environments, should be on high alert as this exploit can potentially be used in cyberattacks. The researcher has also released a proof-of-concept (PoC) for the exploit, which can facilitate its misuse by malicious actors. This situation underscores the need for immediate attention to system security measures and vigilance against potential exploitation.