infosec Archives • Page 10 of 45 • Daily CyberSecurity

Critical 9.8 CVSS Flaws in Qualcomm Chipsets Enable Remote Takeover Qualcomm Security Bulletin CVE-2026-25254 RCE Qualcomm Diversification, Mobile Chip Competition CVE-2023-33025

Qualcomm Security Bulletin CVE-2026-25254 RCE Qualcomm Diversification, Mobile Chip Competition CVE-2023-33025

Critical 9.8 CVSS Flaws in Qualcomm Chipsets Enable Remote Takeover

Ddos May 5, 2026

Qualcomm has released its May 2026 Security Bulletin, disclosing a series of high-impact vulnerabilities across its proprietary...

Gremlin Injection Flaw in Apache Atlas Exposes Enterprise Data CVE-2024-46910 Apache Atlas Vulnerability Gremlin Code Injection

Gremlin Injection Flaw in Apache Atlas Exposes Enterprise Data

Ddos May 5, 2026

Apache Atlas, the foundational governance service that many enterprises rely on to manage compliance and data catalogs...

Millions at Risk: Apache HTTP Server Fixes Critical Remote Code Execution Flaw CVE-2024-39884 Apache HTTP Server RCE CVE-2026-23918

Millions at Risk: Apache HTTP Server Fixes Critical Remote Code Execution Flaw

Ddos May 5, 2026

The Apache HTTP Server Project, the long-standing standard for secure and extensible web services on UNIX and...

Multi Apache Polaris Flaws Granting Unauthorized Multi-Cloud Access Apache Polaris Security Iceberg Credential Bypass

Multi Apache Polaris Flaws Granting Unauthorized Multi-Cloud Access

Ddos May 5, 2026

The Apache Polaris project, a popular open-source catalog for Apache Iceberg, has released a major security update...

Critical Zero-Click Android Flaw Grants Remote Shell Access Without Interaction Android Zero-Click RCE CVE-2026-0073 Android sideloading CVE-2024-43096, CVE-2024-43770, CVE-2024-43771, CVE-2024-49747 and, CVE-2024-49748

Android Zero-Click RCE CVE-2026-0073 Android sideloading CVE-2024-43096, CVE-2024-43770, CVE-2024-43771, CVE-2024-49747 and, CVE-2024-49748

Critical Zero-Click Android Flaw Grants Remote Shell Access Without Interaction

Ddos May 5, 2026

Google has issued an urgent warning in its May 2026 Android Security Bulletin regarding a critical vulnerability...

Apache Neethi Patches Triple Threat of DoS and Redirection Flaws Apache Neethi Vulnerabilities WS-Policy Denial of Service

Apache Neethi Patches Triple Threat of DoS and Redirection Flaws

Ddos May 5, 2026

The Apache Neethi project, a cornerstone framework used by Java developers to implement WS-Policy specifications, has released...

Maximum Severity Flaw: How a Newline Character Shattered Gotenberg’s PDF Security Gotenberg PDF RCE CVE-2026-40281

Maximum Severity Flaw: How a Newline Character Shattered Gotenberg’s PDF Security

Ddos May 5, 2026

Thousands of companies rely on Gotenberg, the Docker-based API for document-to-PDF conversion, to handle production workloads. However,...

Patch Now: GnuTLS Release 3.8.13 Fixes 12 Vulnerabilities GnuTLS Security Update DTLS Heap Overwrite GnuTLS Vulnerability CVE-2026-1584

Patch Now: GnuTLS Release 3.8.13 Fixes 12 Vulnerabilities

Ddos May 4, 2026

The GnuTLS project, a vital secure communications library used extensively across the Linux ecosystem to implement SSL,...

Sentry’s 9.1 CVSS SSO Flaw Lets Attackers “Link” Their Way Into Your Account Sentry SAML SSO Bypass CVE-2026-42354

Sentry’s 9.1 CVSS SSO Flaw Lets Attackers “Link” Their Way Into Your Account

Ddos May 4, 2026

Sentry, the widely used application monitoring and error-tracking platform, has disclosed a critical vulnerability in its SAML...

Altium Enterprise Server Vulnerability CVE-2026-9129 Path Traversal Patreon OAuth Vulnerability Identity Collision DRC INSIGHT Vulnerability Exam Data Hijacking Horner Automation PLC Industrial Brute Force Honeywell IQ4x Vulnerability CVE-2026-3611 DJI Romo vacuum security flaw Python Cryptography Vulnerability CVE-2026-26007 Open5GS Vulnerability CVE-2026-0622 Vivotek IP7137 Vulnerabilities CVE-2025-66049 Forcepoint DLP Vulnerability CVE-2025-14026 Cellopoint Secure Email Gateway - CVE-2024-9043

Critical Collision Bug in Auth Library Merges All Patreon Users

Ddos May 4, 2026

A critical authentication vulnerability has been discovered in the popular auth library, a tool used by developers...

OpenAI Introduces Advanced Account Security to Safeguard AI Identities OpenAI Advanced Account Security Phishing-Resistant AI Authentication OpenAI Codex Security AI Application Security

OpenAI Advanced Account Security Phishing-Resistant AI Authentication OpenAI Codex Security AI Application Security

OpenAI Introduces Advanced Account Security to Safeguard AI Identities

Ddos May 4, 2026

In an era where AI interactions hold increasingly sensitive personal and professional context, OpenAI has announced the...

CVE-2026-29200: A 9.9 CVSS Comet Backup Flaw Granting Total Cross-Tenant Takeover Comet Backup RCE vulnerability CVE-2026-32999 patch Comet Backup IDOR Cross-Tenant Takeover

Comet Backup RCE vulnerability CVE-2026-32999 patch Comet Backup IDOR Cross-Tenant Takeover

CVE-2026-29200: A 9.9 CVSS Comet Backup Flaw Granting Total Cross-Tenant Takeover

Ddos May 4, 2026

Comet Backup, a prominent provider of secure backup software for IT professionals and global businesses, has issued...

The Self-Parsing Ghost: Inside Deep#Door’s Stealthy Python Backdoor Deep#Door Backdoor Python RAT Framework

The Self-Parsing Ghost: Inside Deep#Door’s Stealthy Python Backdoor

Ddos May 4, 2026

Securonix Threat Research has detailed a sophisticated new Python-based backdoor framework dubbed Deep#Door. This high-tech implant exemplifies...

Tax Audit Trap: Silver Fox Unleashes “ABCDoor” via Modified Rust Loaders ABCDoor Malware Silver Fox Phishing

Tax Audit Trap: Silver Fox Unleashes “ABCDoor” via Modified Rust Loaders

Ddos May 4, 2026

Security researchers at Kaspersky Labs have uncovered a sophisticated, multi-stage phishing campaign orchestrated by the Silver Fox...

Attackers Weaponized Kuse.ai for Stealth Phishing AI Phishing Vendor Email Compromise (VEC)

Attackers Weaponized Kuse.ai for Stealth Phishing

Ddos May 4, 2026

Security researchers at Trend Micro have uncovered a sophisticated phishing campaign that turns the burgeoning popularity of...

Apache MINA Fixes Critical RCE Vulnerabilities Apache MINA Deserialization CVE-2026-42778 RCE Apache MINA RCE CVE-2026-41635

Apache MINA Fixes Critical RCE Vulnerabilities

Ddos May 4, 2026

The Apache MINA project has issued a high-priority security release to address two critical vulnerabilities that were...

MOVEit Automation Alert: Critical Authentication Bypass Hits CVSS 9.8 MOVEit Automation Vulnerability CVE-2026-4670 CVE-2024-6670 & CVE-2024-6671 Progress WhatsUp Gold

MOVEit Automation Vulnerability CVE-2026-4670 CVE-2024-6670 & CVE-2024-6671 Progress WhatsUp Gold

MOVEit Automation Alert: Critical Authentication Bypass Hits CVSS 9.8

Ddos May 4, 2026

Progress Software has issued an urgent security bulletin for MOVEit Automation users, disclosing two significant vulnerabilities that...

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 27 – May 3, 2026) cPanel Authentication Bypass Architectural Mismatch

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 27 – May 3, 2026)

Ddos May 4, 2026

Welcome to your weekly vulnerability digest. As we transition from April to May, attackers are weaponizing critical...

FreeBSD DHCP Client Flaw Opens Door to Remote Code Execution as Root Privilege FreeBSD Wi-Fi RCE Vulnerability CVE-2026-45255 Patch FreeBSD dhclient Root Exploit CVE-2026-42511 FreeBSD Vulnerability - CVE-2024-7589 FreeBSD Jail Escape CVE-2025-15576