news
Security Leftovers and Windows TCO
-
Security Week ☛ Critical Adobe ColdFusion Vulnerability Exploited in Attacks
Hackers are exploiting a recently patched critical vulnerability (CVE-2026-48282) in Adobe ColdFusion that carries a CVSS score of 10/10.
-
Security Week ☛ Critical Gitea Flaw Under Active Exploitation, Researchers Warn
Attackers are exploiting the critical Gitea vulnerability CVE-2026-20896 to bypass authentication with a single HTTP header and access vulnerable repositories and secrets.
-
OpenSSF (Linux Foundation) ☛ Navigating The OpenSSF is as Easy as Floating Down A Lazy River
Navigating the vast ecosystem of the Open Source Security Foundation (OpenSSF) is now as easy as floating down a lazy river. Discover our newly curated, role-based User Journeys designed to seamlessly guide developers, security engineers, OSPO leaders, marketers, and executives to the exact tools, resources, and communities they need.
-
Security Week ☛ County Government Reportedly Paid $1 Million to Cyber Extortion Group
The alleged victim, believed to be a small Ohio county, reportedly paid the extortion group to prevent the public release of sensitive stolen data.
-
Security Week ☛ CISA Reportedly Using Anthropic’s Mythos to Scan Government Software for Flaws
The audits are reportedly being spearheaded by CISA’s Attack Surface Evaluation team, a specialized unit tasked with conducting digital defense assessments and simulated hacking exercises.
-
LWN ☛ Security updates for Thursday
Security updates have been issued by AlmaLinux (cups, git-lfs, kernel, libsolv, libxml2, python3.12, and python3.9), Debian (chromium, dhcpcd5, and ntfs-3g), Fedora (firefox, perl-Imager, python-bcrypt, python-tiktoken, roundcubemail, and xrdp), Mageia (openssl, poppler, python-mistune, and tmux), Oracle (389-ds-base, cups, git-lfs, glibc, host-metering, kernel, libsolv, libxml2, nginx:1.24, PackageKit, python-pillow, and qemu-kvm), Red Hat (buildah, containernetworking-plugins, and skopeo), SUSE (buildah, cosign, curl, distribution, dnsmasq, glib-networking, glibc, gnutls, gstreamer-plugins-bad, ImageMagick, kernel, podman, python-cryptography, python313-django-debug-toolbar, rekor, sccache, sssd, and yelp), and Ubuntu (dotnet8, dotnet10, libslirp, luajit, python-idna, sympa, and tomcat8).
-
LWN ☛ [Old] Security updates for Tuesday
Security updates have been issued by AlmaLinux (nodejs22 and nodejs24), Fedora (clamav, hplip, kernel, kernel-headers, librabbitmq, mingw-expat, mir, perl-Imager, podman-tui, prometheus-podman-exporter, python-rpds-py, rust-ashpd, rust-busd, rust-gtk4-macros, rust-inferno, rust-quick-xml, rust-reqsign-aws-v4, rust-wayland-scanner, and sandogasa), Oracle (container-tools:rhel8, kernel, mariadb:10.11, mariadb:11.8, nginx, perl:5.32, php, php:7.4, rrdtool, ruby:2.5, ruby:3.3, ruby:4.0, and uek-kernel), Red Hat (kernel, opentelemetry-collector, and python-urllib3), Slackware (c-ares and openssh), SUSE (bind, chromedriver, cryptsetup, s390-tools, dnsmasq, jackson-annotations, jackson-core, jackson-databind, lcms2, pacemaker, perl-Cpanel-JSON-XS, perl-Crypt-SaltedHash, postfix, and python-mistune), and Ubuntu (gnutls28, gzip, openssh, php7.0, python-parsl, python3.10, python3.12, python3.14, request-tracker5, socat, sogo, and tar).
-
LWN ☛ Security updates for Monday
Security updates have been issued by Debian (chromium, libxfont, mesa, opam, and wireless-regdb), Fedora (acl, attr, chromium, cjson, composer, docker-compose, jfrog-cli, librabbitmq, libssh2, libXfont2, log4cxx, OpenImageIO, openssh, p11-kit, perl-Crypt-DSA, perl-HTML-Gumbo, prometheus, python-dulwich, python-idna, python-pillow, python-tornado, sssd, tmux, upower, webkitgtk, xorg-x11-server, and xorg-x11-server-Xwayland), Mageia (libarchive and vim), Oracle (389-ds:1.4, buildah, cups, edk2, freerdp, golang, grafana, gstreamer1-plugins-bad-free, gstreamer1-plugins-good, gstreamer1-plugins-ugly-free, kernel, libexif, libsolv, libtasn1, libxml2, nginx:1.24, nginx:1.26, nodejs:22, nodejs:24, oci-seccomp-bpf-hook, podman, postgresql:18, python-urllib3, tigervnc, tomcat, unbound, and xorg-x11-server), Slackware (p11-kit), and SUSE (agama, dash, dracut, flannel, go1.26, gsasl, gstreamer-plugins-good, ImageMagick, imagemagick, kernel, krb5, krb5, krb5-mini, libIex-3_4-33, libmbedtls23, libxfont2, nasm, nghttp2, perl-CGI-Session, perl-dbi, perl-List-SomeUtils-XS, python-pillow, python-social-auth-app-django, python-urllib3, python313-Django4, python313-Django6, python313-pytest-html, python313-sqlparse, python313-websockets, rclone, rust-keylime, rustup, sccache, spectre-meltdown-checker, sssd, terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provid, thunderbird, tiff, traefik2, xorg-x11-server, and xwayland).
-
Security Week ☛ F5 Patches Multiple NGINX, BIG-IP Vulnerabilities
Attackers could exploit the bugs to modify configurations, terminate or restart processes, cross security boundaries, leak memory, and execute code.
-
Security Week ☛ Splunk, Zoom Patch Critical Vulnerabilities
The flaws could allow attackers to access credentials and data, take over accounts, and escalate their privileges.
-
Security Week ☛ Two Scattered Spider Hackers Sentenced to Jail in UK
Thalha Jubair and Owen Flowers were prosecuted over a 2024 cyberattack targeting Transport for London (TfL).
-
Security Week ☛ Legacy Systems, Real-World Impacts: The Reality of OT Security
Legacy systems, safety concerns, and critical infrastructure risks make OT vulnerability disclosure one of cybersecurity's most challenging balancing acts.
-
Security Week ☛ ‘ClickLock Stealer’ Bypasses macOS Security With Social Engineering, Process Killing
The new macOS malware has targeted at least 100 users to steal their passwords and cryptocurrency.
-
Windows TCO / Windows Bot Nets
-
Security Week ☛ Nightmare Eclipse Drops ‘LegacyHive’ backdoored Windows Zero-Day
The researcher stripped the proof-of-concept (PoC) exploit to prevent immediate exploitation of the vulnerability.
-
Silicon Angle ☛ ‘GitLost’ vulnerability let Microsoft's proprietary prison GitHub ’s Hey Hi (AI) workflows leak private repositories
Researchers at artificial intelligence security company Noma Security Inc. today disclosed a critical prompt injection vulnerability in Microsoft's proprietary prison GitHub Inc.’s new Agentic Workflows feature that allowed an unauthenticated attacker to siphon data from private code repositories by posting a single crafted issue in a public one.
-
It's FOSS ☛ LOL! Storage Bug on Abusive Monopolist Microsoft backdoored Windows 11 Could Eat Up 500 GB Disk Space
A Abusive Monopolist Microsoft customer support agent even suggested buying a new hard disk instead of acknowledging the problem.
-