news
Security Leftovers
-
Security Week ☛ Splunk, Palo Alto Networks Patch Severe Vulnerabilities
The security defects could allow attackers to create or modify arbitrary files and access and modify protected resources.
-
Security Week ☛ Hackers Exploit Langflow Vulnerability for Remote Code Execution
Disclosed in March, the security defect enables unauthenticated attackers to write files to arbitrary locations on the system.
-
Security Week ☛ CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk
The new BOD 26-04 requires agencies to review and update vulnerability management policies with a focus on KEV catalog entries.
-
Security Week ☛ Alert Fatigue Is Becoming a Security Threat of Its Own
As alert volumes outpace human capacity, organizations are turning to AI, automation, and deeper context to separate real threats from the noise.
-
Security Week ☛ Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks
Oracle has released mitigations for CVE-2026-35273, but it has not said whether it’s a zero-day exploited in ShinyHunters attacks.
-
LWN ☛ Security updates for Friday
Security updates have been issued by AlmaLinux (.NET 10.0, .NET 8.0, .NET 9.0, bind, expat, httpd:2.4, kernel, kernel-rt, mod_http2, openssl, poppler, redis, redis:7, samba, and unbound), Debian (ironic, kernel-wedge, libinput, linux-base, and neutron), Fedora (kernel, openssl, vaultwarden, and vaultwarden-web), Mageia (erlang-hex_core, erlang-rebar3, gnupg2, and sqlite3), Red Hat (buildah, podman, and skopeo), SUSE (flannel, gdk-pixbuf-loader-libheif, gnutls, google-cloud-sap-agent, grafana, graphite2, hplip, libIex-3_4-33, libzypp, nginx, openssh, perl-DBI, perl-Git-Repository, perl-Protocol-HTTP2, python-Pygments, python-simpleeval, python311-Django4, rclone, roundcubemail, strongswan, tomcat10, tomcat11, unbound, and webkit2gtk3), and Ubuntu (apache2, dotnet8, dotnet9, dotnet10, gst-plugins-base1.0, ironic, linux-azure-5.15, linux-azure-fips, lwip, mistral, and ubuntu-kylin-software-center).
-
Hacker News ☛ China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself.
-
Windows TCO / Windows Bot Nets
-
Security Week ☛ ‘GreatXML’ Zero-Day Exploit Bypasses BitLocker
The PoC exploits Abusive Monopolist Microsoft Defender’s offline scan to spawn a SYSTEM shell when rebooting in Recovery Mode.
-
Security Week ☛ Iranian Cyber Group Handala Claims Cal Water Hack
The hackers published 5GB of data, including customer personal information and credentials for the RTKBase platform.
-