infosec Archives • Page 2 of 45 • Daily CyberSecurity

CISA Sound the Alarm: Langflow AI Platform and Trend Micro Added to KEV Catalog Due to Active Exploitation CISA KEV Catalog Updates Langflow CVE-2025-34291 Exploit SharePoint Spoofing CISA KEV Catalog Actively Exploited Vulnerability

CISA KEV Catalog Updates Langflow CVE-2025-34291 Exploit SharePoint Spoofing CISA KEV Catalog Actively Exploited Vulnerability

CISA Sound the Alarm: Langflow AI Platform and Trend Micro Added to KEV Catalog Due to Active Exploitation

Ddos May 21, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two newly weaponized security vulnerabilities to its...

KongTuke Abandoning “ClickFix” to Launch Direct Microsoft Teams Attacks KongTuke Microsoft Teams Phishing ModeloRAT Initial Access Broker CVE-2024-38193 - Lazarus Group Threat Actors ScreenConnect

KongTuke Microsoft Teams Phishing ModeloRAT Initial Access Broker CVE-2024-38193 - Lazarus Group Threat Actors ScreenConnect

KongTuke Abandoning “ClickFix” to Launch Direct Microsoft Teams Attacks

Ddos May 21, 2026

Corporate collaboration platforms have officially moved to the top of the initial access broker playbook. A new...

Predating Stuxnet: How the “fast16” Malware Secretly Sabotaged Nuclear Weapons Simulations fast16 Sabotage Malware Nuclear Weapon Simulation Tampering

fast16 Sabotage Malware Nuclear Weapon Simulation Tampering

Predating Stuxnet: How the “fast16” Malware Secretly Sabotaged Nuclear Weapons Simulations

Ddos May 21, 2026

In the annals of cyber warfare, Stuxnet has long been considered the premier example of malware specifically...

PawsRunner Steganography Loader PureLogs Infostealer Campaign

New PawsRunner Steganography Loader Evades EDR to Deploy PureLogs Infostealer

Ddos May 21, 2026

The use of steganography—the ancient art of hiding secret messages inside seemingly ordinary files—is experiencing a massive...

Bypassing MFA: Gremlin Stealer Evolves into Advanced Memory-Resident Session Hijacker Gremlin Stealer Unit 42 Session Hijacking Malware

Bypassing MFA: Gremlin Stealer Evolves into Advanced Memory-Resident Session Hijacker

Ddos May 21, 2026

Information stealers are no longer just basic, entry-level scripts designed to lift saved passwords from standard browser...

Beyond Email: Attackers Hijack Microsoft Teams External Access to Launch Deep Network Compromise Microsoft Teams External Phishing Rapid7 Labs Incident Response

Microsoft Teams External Phishing Rapid7 Labs Incident Response

Beyond Email: Attackers Hijack Microsoft Teams External Access to Launch Deep Network Compromise

Ddos May 21, 2026

A newly detailed incident response investigation highlights a critical reality for corporate security teams: the perimeter of...

Ecosystem Poisoned: Mini Shai-Hulud Worm Hijacks @antv npm Packages to Target CI/CD Pipelines AntV npm Supply Chain Attack Mini Shai-Hulud npm Worm

AntV npm Supply Chain Attack Mini Shai-Hulud npm Worm

Ecosystem Poisoned: Mini Shai-Hulud Worm Hijacks @antv npm Packages to Target CI/CD Pipelines

Ddos May 21, 2026

A massive, fast-moving software supply chain attack has struck the global JavaScript development ecosystem. Over the past...

Hundreds of Millions Affected: New “nginx-poolslip” Zero-Day Weaponizes ASLR Bypass for Remote Code Execution nginx-poolslip zero-day Nginx 1.31.0 RCE

nginx-poolslip zero-day Nginx 1.31.0 RCE

Hundreds of Millions Affected: New “nginx-poolslip” Zero-Day Weaponizes ASLR Bypass for Remote Code Execution

Ddos May 21, 2026

Just when the internet thought it was safe to breathe following the patching of the notorious nginx-rift...

Signature Bypass Alert: Critical Coder Flaw (CVE-2026-46354) Exposes Git Keys and Developer Tokens Coder Token Theft Vulnerability CVE-2026-46354 Azure Identity

Coder Token Theft Vulnerability CVE-2026-46354 Azure Identity

Signature Bypass Alert: Critical Coder Flaw (CVE-2026-46354) Exposes Git Keys and Developer Tokens

Ddos May 21, 2026

Coder, the prominent self-hosted platform used by enterprises to build cloud development environments and manage AI coding...

CVSS 10.0 Alert: Critical Cisco Secure Workload Exploit Grants Unauthenticated Site Admin Access Cisco Secure Workload Vulnerability CVE-2026-20223 CVSS 10

Cisco Secure Workload Vulnerability CVE-2026-20223 CVSS 10

CVSS 10.0 Alert: Critical Cisco Secure Workload Exploit Grants Unauthenticated Site Admin Access

Ddos May 21, 2026

Cisco has issued an urgent security advisory addressing a maximum-severity vulnerability discovered within its zero-trust microsegmentation and...

Unpatched CVSS 10 Alert: ChromaDB Python Server Grants Pre-Auth RCE via Malicious Hugging Face Models ChromaDB Pre-Auth RCE CVE-2026-45829

Unpatched CVSS 10 Alert: ChromaDB Python Server Grants Pre-Auth RCE via Malicious Hugging Face Models

Ddos May 21, 2026

ChromaDB, one of the most widely adopted open-source vector databases engineered to enable semantic matching, retrieval-augmented generation...

Double Critical Threat: Google Chrome Rushes Out Urgent Fixes for WebRTC and UI Sandbox Flaws Google Chrome Security Update CVE-2026-9111 Critical Patch

Google Chrome Security Update CVE-2026-9111 Critical Patch

Double Critical Threat: Google Chrome Rushes Out Urgent Fixes for WebRTC and UI Sandbox Flaws

Ddos May 21, 2026

Google has officially released a security update for the Google Chrome Stable channel on Desktop, addressing 16...

Exploited in the Wild: Critical Drupal SQL Injection (CVE-2026-9082) Grants Attacker Root Access CVE-2022-39261 Drupal SQL Injection Vulnerability CVE-2026-9082 PostgreSQL Flaw

CVE-2022-39261 Drupal SQL Injection Vulnerability CVE-2026-9082 PostgreSQL Flaw

Exploited in the Wild: Critical Drupal SQL Injection (CVE-2026-9082) Grants Attacker Root Access

Ddos May 21, 2026

The Drupal Security Team has released an urgent advisory detailing a highly critical vulnerability lurking within the...

Unpatched SGLang Vulnerabilities (CVE-2026-7301) Expose AI Inference Pipelines to RCE SGLang RCE Vulnerability CVE-2026-7301 Zero-Day SGLang RCE AI Infrastructure Vulnerability

SGLang RCE Vulnerability CVE-2026-7301 Zero-Day SGLang RCE AI Infrastructure Vulnerability

Unpatched SGLang Vulnerabilities (CVE-2026-7301) Expose AI Inference Pipelines to RCE

Ddos May 21, 2026

The rapid adoption of large language models (LLMs) and multimodal artificial intelligence has created a brand-new frontier...

Critical RCE Exploits Exposed: Apache OFBiz Patches Severe Authentication Bypass Flaws CVE-2022-25371 - CVE-2025-26865 Apache OFBiz RCE Vulnerability CVE-2026-45434 Authentication Bypass

CVE-2022-25371 - CVE-2025-26865 Apache OFBiz RCE Vulnerability CVE-2026-45434 Authentication Bypass

Critical RCE Exploits Exposed: Apache OFBiz Patches Severe Authentication Bypass Flaws

Ddos May 21, 2026

The Apache OFBiz project has released a critical security update to patch several important vulnerabilities affecting its...

Public Exploit Exposes Root Privilege Escalation Flaw in VMware Fusion VMware Fusion TOCTOU Exploit CVE-2026-41702 PoC

Public Exploit Exposes Root Privilege Escalation Flaw in VMware Fusion

Ddos May 21, 2026

Mathieu Farrell, an independent security researcher operating under the handle @coiffeur0x90, has publicly disclosed the inner workings...

Secret Blizzard Transforms Kazuar into a Modular P2P Botnet Ecosystem Kazuar P2P Botnet Secret Blizzard Malware Evolution

Secret Blizzard Transforms Kazuar into a Modular P2P Botnet Ecosystem

Ddos May 20, 2026

The Russian state-sponsored cyber-espionage threat group widely known as Secret Blizzard is fundamentally rewriting its technical playbook....

Inside UNC6671’s “BlackFile” Cloud Extortion Campaigns UNC6671 BlackFile Cloud Attacks AiTM MFA Bypass Okta Microsoft

Inside UNC6671’s “BlackFile” Cloud Extortion Campaigns

Ddos May 20, 2026

A sophisticated identity-centric threat actor operating under the brand “BlackFile” has spent the early months of 2026...

Velvet Chollima Leaves Backend Keys Inside Critical GitLab Dead-Drop Malware Velvet Chollima GitLab Malware Tralert FX EV Certificate

Velvet Chollima Leaves Backend Keys Inside Critical GitLab Dead-Drop Malware

Ddos May 20, 2026

A routine investigation into a low-detection installer has blown the doors off a highly organized, financially motivated...

Kimsuky Core Upgrades Weaponize Rust Backdoors and VSCode Remote Tunneling Kimsuky HelloDoor Backdoor VSCode Tunneling Espionage

Kimsuky Core Upgrades Weaponize Rust Backdoors and VSCode Remote Tunneling

Ddos May 20, 2026

The prolific Korean-speaking threat actor known as Kimsuky is executing a major tactical evolution, incorporating modern programming...