<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"><channel><title>Samit Hota — Security Advisories</title><description>Dated vulnerability advisories and disclosure bulletins — severity, affected products, and remediation guidance.</description><link>https://samithota.com/</link><item><title>[High] New ClickLock macOS Stealer Kills Apps and Exfiltrates Passwords</title><link>https://samithota.com/security-advisories/clicklock-macos-stealer/</link><guid isPermaLink="true">https://samithota.com/security-advisories/clicklock-macos-stealer/</guid><description>A new macOS malware, &quot;ClickLock,&quot; actively terminates applications every 210 milliseconds to force users into re-typing passwords, which it then steals.</description><pubDate>Sat, 18 Jul 2026 09:06:07 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>clicklock</category><author>Samit Hota</author></item><item><title>[High] Malicious Vite npm Packages Deliver RAT via Blockchain C2 in Software Supply Chain Attack</title><link>https://samithota.com/security-advisories/vite-npm-packages-rat/</link><guid isPermaLink="true">https://samithota.com/security-advisories/vite-npm-packages-rat/</guid><description>A new campaign, &quot;ViteVenom,&quot; injects seven malicious npm packages into the Vite ecosystem, utilizing a four-tier blockchain C2 to deploy a RAT.</description><pubDate>Sat, 18 Jul 2026 09:06:07 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>vite</category><author>Samit Hota</author></item><item><title>[High] OpenSSL HollowByte Vulnerability Disclosed, Posing Denial-of-Service Risk</title><link>https://samithota.com/security-advisories/openssl-hollowbyte-dos/</link><guid isPermaLink="true">https://samithota.com/security-advisories/openssl-hollowbyte-dos/</guid><description>Okta&apos;s Red Team disclosed &quot;HollowByte,&quot; an OpenSSL denial-of-service vulnerability that can freeze server memory with minimal traffic.</description><pubDate>Sat, 18 Jul 2026 09:06:07 GMT</pubDate><category>High</category><category>Resolved</category><category>news</category><category>openssl</category><author>Samit Hota</author></item><item><title>[Critical] CISA Warns of Actively Exploited SonicWall SMA1000 Zero-Days</title><link>https://samithota.com/security-advisories/sonicwall-sma1000-zero-days/</link><guid isPermaLink="true">https://samithota.com/security-advisories/sonicwall-sma1000-zero-days/</guid><description>Two critical remote access vulnerabilities (CVE-2026-15409, CVE-2026-15410) in SonicWall SMA1000 appliances are being actively exploited.</description><pubDate>Sat, 18 Jul 2026 09:06:06 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>sonicwall</category><author>Samit Hota</author></item><item><title>[High] Morris Communications Company Discloses Data Breach Affecting Sensitive Information</title><link>https://samithota.com/security-advisories/morris-communications-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/morris-communications-data-breach/</guid><description>Questo, parent company of Morris Communications, announced a data breach affecting personal and financial data, with notifications sent July 17, 2026.</description><pubDate>Sat, 18 Jul 2026 09:06:06 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>morris</category><author>Samit Hota</author></item><item><title>[High] Inter-Con Security Systems Suffers Ransomware Attack and Data Breach by ShinyHunters</title><link>https://samithota.com/security-advisories/inter-con-security-data-breach-shinyhunters/</link><guid isPermaLink="true">https://samithota.com/security-advisories/inter-con-security-data-breach-shinyhunters/</guid><description>Inter-Con Security Systems Inc., a multinational private security company, disclosed a June 2026 data breach resulting from a ransomware attack, with…</description><pubDate>Sat, 18 Jul 2026 05:08:58 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>inter</category><author>Samit Hota</author></item><item><title>[High] HMC Fresh Foods Discloses Data Breach Exposing Sensitive Information</title><link>https://samithota.com/security-advisories/hmc-fresh-foods-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/hmc-fresh-foods-data-breach/</guid><description>HMC Fresh Foods LLC, a grape processing company, has disclosed a data breach that occurred on June 5, 2026, potentially exposing personal information of…</description><pubDate>Sat, 18 Jul 2026 05:08:58 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>hmc</category><author>Samit Hota</author></item><item><title>[Critical] GodDamn Ransomware Leverages BYOVD to Disable EDR</title><link>https://samithota.com/security-advisories/goddamn-ransomware-poisonx-byovd/</link><guid isPermaLink="true">https://samithota.com/security-advisories/goddamn-ransomware-poisonx-byovd/</guid><description>A new ransomware campaign, &quot;GodDamn Ransomware,&quot; is utilizing a Bring-Your-Own-Vulnerable-Driver (BYOVD) technique with a Microsoft-signed kernel driver to…</description><pubDate>Sat, 18 Jul 2026 05:08:58 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>goddamn</category><author>Samit Hota</author></item><item><title>[High] Ingram Content Group Suffers Data Breach, ShinyHunters Claims SSNs Exposed</title><link>https://samithota.com/security-advisories/ingram-content-group-data-breach-shinyhunters/</link><guid isPermaLink="true">https://samithota.com/security-advisories/ingram-content-group-data-breach-shinyhunters/</guid><description>Book distribution giant Ingram Content Group has been hit by a data breach, with the ShinyHunters extortion group claiming to have exfiltrated highly…</description><pubDate>Sat, 18 Jul 2026 05:08:58 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>ingram</category><author>Samit Hota</author></item><item><title>[High] Ernst &amp; Young Reports Data Breach via Third-Party Platform</title><link>https://samithota.com/security-advisories/ey-third-party-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/ey-third-party-data-breach/</guid><description>Professional services firm Ernst &amp; Young has disclosed a data breach originating from unauthorized access to a third-party platform, potentially exposing…</description><pubDate>Sat, 18 Jul 2026 05:08:58 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>ey</category><author>Samit Hota</author></item><item><title>[High] Abbott Laboratories Investigates Two Separate Cyber Incidents</title><link>https://samithota.com/security-advisories/abbott-laboratories-dual-cyber-incidents/</link><guid isPermaLink="true">https://samithota.com/security-advisories/abbott-laboratories-dual-cyber-incidents/</guid><description>Healthcare giant Abbott Laboratories is investigating two distinct cyber incidents affecting its legacy Exact Sciences systems and its LabCentral customer…</description><pubDate>Sat, 18 Jul 2026 05:08:58 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>abbott</category><author>Samit Hota</author></item><item><title>[Critical] Critical RCE and SQLi Vulnerabilities Patched in WordPress Core</title><link>https://samithota.com/security-advisories/wordpress-core-rce-cve-2026-63030-cve-2026-60137/</link><guid isPermaLink="true">https://samithota.com/security-advisories/wordpress-core-rce-cve-2026-63030-cve-2026-60137/</guid><description>Two critical vulnerabilities, an unauthenticated SQL injection and an unauthenticated remote code execution flaw, have been patched in WordPress Core versions…</description><pubDate>Sat, 18 Jul 2026 05:08:58 GMT</pubDate><category>Critical</category><category>Resolved</category><category>news</category><category>wordpress</category><author>Samit Hota</author></item><item><title>[High] GoldDigger Android Banking Trojan Poses Evolving Mobile Threat</title><link>https://samithota.com/security-advisories/golddigger-android-banking-trojan-threat/</link><guid isPermaLink="true">https://samithota.com/security-advisories/golddigger-android-banking-trojan-threat/</guid><description>The GoldDigger Android Banking Trojan is highlighted as an evolving threat, capable of credential compromise and data exposure through mobile ecosystems.</description><pubDate>Fri, 17 Jul 2026 18:32:52 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>golddigger</category><author>Samit Hota</author></item><item><title>[High] Aura Identity Protection Discloses Data Breach via Voice Phishing</title><link>https://samithota.com/security-advisories/aura-identity-protection-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/aura-identity-protection-data-breach/</guid><description>An employee account at Aura, an identity protection company, was compromised via voice phishing, exposing 900,000 marketing records.</description><pubDate>Fri, 17 Jul 2026 18:32:52 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>aura</category><author>Samit Hota</author></item><item><title>[Critical] Actively Exploited Zero-Days in Microsoft SharePoint and AD FS Demand Immediate Patching</title><link>https://samithota.com/security-advisories/microsoft-sharepoint-adfs-zero-days-exploited/</link><guid isPermaLink="true">https://samithota.com/security-advisories/microsoft-sharepoint-adfs-zero-days-exploited/</guid><description>Microsoft has addressed two actively exploited zero-day vulnerabilities in SharePoint Server and Active Directory Federation Services.</description><pubDate>Fri, 17 Jul 2026 18:32:52 GMT</pubDate><category>Critical</category><category>Mitigated</category><category>news</category><category>microsoft</category><author>Samit Hota</author></item><item><title>[High] BL4CK SP1D3R Ransomware Discovered, Employing Double-Extortion Tactics</title><link>https://samithota.com/security-advisories/new-bl4ck-sp1d3r-ransomware/</link><guid isPermaLink="true">https://samithota.com/security-advisories/new-bl4ck-sp1d3r-ransomware/</guid><description>A newly identified ransomware, BL4CK SP1D3R, has been found using encryption and double-extortion tactics, targeting Windows systems.</description><pubDate>Fri, 17 Jul 2026 14:11:52 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>new</category><author>Samit Hota</author></item><item><title>[Critical] Critical Authentication Bypass in Oracle E-Business Suite Added to CISA KEV</title><link>https://samithota.com/security-advisories/oracle-ebs-auth-bypass-cve-2026-46817/</link><guid isPermaLink="true">https://samithota.com/security-advisories/oracle-ebs-auth-bypass-cve-2026-46817/</guid><description>CISA added a critical Oracle E-Business Suite vulnerability (CVE-2026-46817) allowing unauthenticated remote takeover to its KEV catalog due to active…</description><pubDate>Fri, 17 Jul 2026 14:11:52 GMT</pubDate><category>Critical</category><category>Mitigated</category><category>news</category><category>oracle</category><author>Samit Hota</author></item><item><title>[High] Nichirei Corp. Suffers Cyberattack, Disrupting Food and Cold Chain Operations</title><link>https://samithota.com/security-advisories/nichirei-cyberattack/</link><guid isPermaLink="true">https://samithota.com/security-advisories/nichirei-cyberattack/</guid><description>Japanese food and logistics giant Nichirei Corp. confirmed a cyberattack causing system failures and operational disruptions across its group.</description><pubDate>Fri, 17 Jul 2026 14:11:52 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>nichirei</category><author>Samit Hota</author></item><item><title>[High] Locus Technologies Discloses Data Breach Exposing Social Security Numbers</title><link>https://samithota.com/security-advisories/locus-technologies-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/locus-technologies-data-breach/</guid><description>Environmental software company Locus Technologies has disclosed a data breach resulting in the exposure of Social Security Numbers for an undisclosed number…</description><pubDate>Fri, 17 Jul 2026 09:26:34 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>locus</category><author>Samit Hota</author></item><item><title>[High] Fairlife Halts US Production Following Cyberattack on Operational Systems</title><link>https://samithota.com/security-advisories/fairlife-production-halt-cyberattack/</link><guid isPermaLink="true">https://samithota.com/security-advisories/fairlife-production-halt-cyberattack/</guid><description>Dairy company Fairlife, owned by Coca-Cola, has temporarily suspended U.S. production operations after unauthorized access to its production-related systems.</description><pubDate>Fri, 17 Jul 2026 09:26:34 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>fairlife</category><author>Samit Hota</author></item><item><title>[High] Romania&apos;s National Land Registry Hit by Cyberattack, Data Theft Claimed</title><link>https://samithota.com/security-advisories/romania-ancpi-cyberattack/</link><guid isPermaLink="true">https://samithota.com/security-advisories/romania-ancpi-cyberattack/</guid><description>A cyberattack has severely disrupted Romania&apos;s National Agency for Cadastre and Land Registration (ANCPI), with threat actors claiming data exfiltration and…</description><pubDate>Fri, 17 Jul 2026 09:26:34 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>romania</category><author>Samit Hota</author></item><item><title>[Critical] Malicious Code Injected into Popular AsyncAPI npm Packages via GitHub Actions Exploit</title><link>https://samithota.com/security-advisories/asyncapi-npm-supply-chain-attack/</link><guid isPermaLink="true">https://samithota.com/security-advisories/asyncapi-npm-supply-chain-attack/</guid><description>Attackers leveraged a GitHub Actions workflow to inject credential-stealing malware into AsyncAPI npm packages with millions of weekly downloads.</description><pubDate>Fri, 17 Jul 2026 09:26:34 GMT</pubDate><category>Critical</category><category>Mitigated</category><category>news</category><category>asyncapi</category><author>Samit Hota</author></item><item><title>[Critical] Files Related to India&apos;s Largest Nuclear Plant Exposed in Data Breach</title><link>https://samithota.com/security-advisories/kudankulam-nuclear-plant-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/kudankulam-nuclear-plant-data-breach/</guid><description>Ransomware group World Leaks has published a significant cache of files linked to India&apos;s Kudankulam Nuclear Power Plant, originating from Reliance Group.</description><pubDate>Fri, 17 Jul 2026 09:26:34 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>kudankulam</category><author>Samit Hota</author></item><item><title>[Critical] Critical Fortinet FortiSandbox OS Command Injection Under Active Exploitation…</title><link>https://samithota.com/security-advisories/cve-2026-39808-fortisandbox/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cve-2026-39808-fortisandbox/</guid><description>An unauthenticated OS command injection vulnerability in Fortinet FortiSandbox (CVE-2026-39808) poses critical risk, allowing unauthorized code execution via…</description><pubDate>Fri, 17 Jul 2026 09:25:18 GMT</pubDate><category>Critical</category><category>Open</category><category>kev</category><category>fortinet</category><author>Samit Hota</author></item><item><title>[Critical] Critical OS Command Injection in FortiSandbox: Immediate Action Required</title><link>https://samithota.com/security-advisories/cve-2026-25089-fortisandbox/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cve-2026-25089-fortisandbox/</guid><description>A critical unauthenticated OS command injection vulnerability (CVE-2026-25089) in Fortinet FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS allows…</description><pubDate>Fri, 17 Jul 2026 09:24:48 GMT</pubDate><category>Critical</category><category>Open</category><category>kev</category><category>fortinet</category><author>Samit Hota</author></item><item><title>[Critical] Critical SharePoint RCE (CVE-2026-58644) Actively Exploited – Immediate Action Required</title><link>https://samithota.com/security-advisories/cve-2026-58644-sharepoint/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cve-2026-58644-sharepoint/</guid><description>A critical deserialization vulnerability (CVE-2026-58644) in Microsoft SharePoint Server is under active exploitation, enabling unauthenticated remote code…</description><pubDate>Thu, 16 Jul 2026 18:38:08 GMT</pubDate><category>Critical</category><category>Open</category><category>kev</category><category>microsoft</category><author>Samit Hota</author></item><item><title>[High] PhantomEnigma Campaign Hijacks Brazilian Government Websites for Malware Delivery</title><link>https://samithota.com/security-advisories/hijacked-brazilian-gov-websites-phantom-enigma/</link><guid isPermaLink="true">https://samithota.com/security-advisories/hijacked-brazilian-gov-websites-phantom-enigma/</guid><description>A new campaign, &quot;PhantomEnigma,&quot; has compromised over 20 Brazilian government websites, turning them into malware delivery channels.</description><pubDate>Thu, 16 Jul 2026 14:32:36 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>hijacked</category><author>Samit Hota</author></item><item><title>[High] New Spirals Ransomware Encrypts Victim Networks in Under 24 Hours</title><link>https://samithota.com/security-advisories/spirals-ransomware-rapid-encryption/</link><guid isPermaLink="true">https://samithota.com/security-advisories/spirals-ransomware-rapid-encryption/</guid><description>A new ransomware variant, &quot;Spirals,&quot; is capable of encrypting victim networks rapidly, often within 24 hours of infiltration.</description><pubDate>Thu, 16 Jul 2026 14:32:36 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>spirals</category><author>Samit Hota</author></item><item><title>[High] Microsoft Hyper-V Privilege Escalation Vulnerability (CVE-2026-54129) Disclosed</title><link>https://samithota.com/security-advisories/microsoft-hyper-v-netvsc-lpe-cve-2026-54129/</link><guid isPermaLink="true">https://samithota.com/security-advisories/microsoft-hyper-v-netvsc-lpe-cve-2026-54129/</guid><description>A local privilege escalation vulnerability (CVE-2026-54129) in Microsoft Hyper-V&apos;s netvsc.sys driver allows guest VM compromise.</description><pubDate>Thu, 16 Jul 2026 14:32:36 GMT</pubDate><category>High</category><category>Mitigated</category><category>news</category><category>microsoft</category><author>Samit Hota</author></item><item><title>[Critical] Critical SAP NetWeaver ABAP Flaw (CVE-2026-44747) Poses High Risk to Enterprises</title><link>https://samithota.com/security-advisories/sap-netweaver-abap-cvss-9-9-flaw/</link><guid isPermaLink="true">https://samithota.com/security-advisories/sap-netweaver-abap-cvss-9-9-flaw/</guid><description>SAP has patched CVE-2026-44747, a critical 9.9 CVSS vulnerability in NetWeaver ABAP allowing data exposure or modification.</description><pubDate>Thu, 16 Jul 2026 14:32:36 GMT</pubDate><category>Critical</category><category>Mitigated</category><category>news</category><category>sap</category><author>Samit Hota</author></item><item><title>[High] Australian Healthcare Provider Partnered Health Suffers Major Data Breach</title><link>https://samithota.com/security-advisories/partnered-health-australia-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/partnered-health-australia-data-breach/</guid><description>Partnered Health, an Australian healthcare provider, experienced a data breach exposing medical records of patients.</description><pubDate>Thu, 16 Jul 2026 14:32:36 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>partnered</category><author>Samit Hota</author></item><item><title>[Critical] Critical Zoom for Windows Vulnerability Allows Unauthenticated Account Takeover</title><link>https://samithota.com/security-advisories/zoom-windows-account-takeover-cve-2026-53412/</link><guid isPermaLink="true">https://samithota.com/security-advisories/zoom-windows-account-takeover-cve-2026-53412/</guid><description>A critical vulnerability in Zoom Workplace for Windows (CVE-2026-53412) enables unauthenticated attackers to hijack accounts.</description><pubDate>Thu, 16 Jul 2026 14:32:36 GMT</pubDate><category>Critical</category><category>Mitigated</category><category>news</category><category>zoom</category><author>Samit Hota</author></item><item><title>[Critical] Critical Authentication Bypass Vulnerability Patched in VMware Avi Load Balancer</title><link>https://samithota.com/security-advisories/vmware-avi-critical-auth-bypass/</link><guid isPermaLink="true">https://samithota.com/security-advisories/vmware-avi-critical-auth-bypass/</guid><description>A critical authentication bypass vulnerability (CVE-2026-47865) affecting VMware Avi Load Balancer allows unauthenticated network access to the control plane.</description><pubDate>Thu, 16 Jul 2026 09:34:03 GMT</pubDate><category>Critical</category><category>Resolved</category><category>news</category><category>vmware</category><author>Samit Hota</author></item><item><title>[High] Easypak Discloses Data Breach Exposing Social Security Numbers and Medical Records</title><link>https://samithota.com/security-advisories/easypak-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/easypak-data-breach/</guid><description>Packaging manufacturer Easypak confirmed a data breach, with the Akira ransomware group claiming responsibility for stealing 67GB of corporate and personal…</description><pubDate>Thu, 16 Jul 2026 09:34:03 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>easypak</category><author>Samit Hota</author></item><item><title>[High] Nightmare Eclipse Drops Unpatched &apos;LegacyHive&apos; Windows Privilege Escalation Zero-Day</title><link>https://samithota.com/security-advisories/legacyhive-windows-privilege-escalation/</link><guid isPermaLink="true">https://samithota.com/security-advisories/legacyhive-windows-privilege-escalation/</guid><description>A new Windows zero-day vulnerability, dubbed &apos;LegacyHive,&apos; has been publicly disclosed, enabling local privilege escalation on patched systems.</description><pubDate>Thu, 16 Jul 2026 09:34:03 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>legacyhive</category><author>Samit Hota</author></item><item><title>[High] CISA Adds Two New Actively Exploited Vulnerabilities to KEV Catalog</title><link>https://samithota.com/security-advisories/cisa-kev-knx-oracle-ebs/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cisa-kev-knx-oracle-ebs/</guid><description>CISA has added CVE-2023-4346 affecting KNX Association and CVE-2026-46817 affecting Oracle E-Business Suite to its Known Exploited Vulnerabilities Catalog.</description><pubDate>Thu, 16 Jul 2026 05:24:49 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>cisa</category><author>Samit Hota</author></item><item><title>[High] Google Chrome Addresses Multiple Vulnerabilities, Including RCE and DoS</title><link>https://samithota.com/security-advisories/google-chrome-multiple-vulnerabilities-update/</link><guid isPermaLink="true">https://samithota.com/security-advisories/google-chrome-multiple-vulnerabilities-update/</guid><description>Google has released an urgent update for Chrome, version 150.0.7871.124/.125, patching numerous vulnerabilities including remote code execution and…</description><pubDate>Thu, 16 Jul 2026 05:24:49 GMT</pubDate><category>High</category><category>Resolved</category><category>news</category><category>google</category><author>Samit Hota</author></item><item><title>[Critical] Critical Remote Code Execution Vulnerability in ServiceNow AI Platform Patched</title><link>https://samithota.com/security-advisories/servicenow-ai-rce-vulnerability/</link><guid isPermaLink="true">https://samithota.com/security-advisories/servicenow-ai-rce-vulnerability/</guid><description>A critical remote code execution flaw in the ServiceNow AI platform, CVE-2026-6875, has been patched, allowing unauthenticated attackers to execute arbitrary…</description><pubDate>Thu, 16 Jul 2026 05:24:49 GMT</pubDate><category>Critical</category><category>Mitigated</category><category>news</category><category>servicenow</category><author>Samit Hota</author></item><item><title>[High] Advisory: Critical KNX Protocol Lockout Vulnerability (CVE-2023-4346)</title><link>https://samithota.com/security-advisories/cve-2023-4346-knx-protocol-connection-authorization-option-1/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cve-2023-4346-knx-protocol-connection-authorization-option-1/</guid><description>An overly restrictive account lockout mechanism in KNX Protocol Connection Authorization Option 1 allows attackers to purge devices and lock them.</description><pubDate>Wed, 15 Jul 2026 18:36:25 GMT</pubDate><category>High</category><category>Open</category><category>kev</category><category>knx-association</category><author>Samit Hota</author></item><item><title>[Critical] BeyondTrust Patches Two Critical Authentication Bypass Vulnerabilities</title><link>https://samithota.com/security-advisories/beyondtrust-critical-patches/</link><guid isPermaLink="true">https://samithota.com/security-advisories/beyondtrust-critical-patches/</guid><description>BeyondTrust has released patches for two critical authentication bypass vulnerabilities found in its Remote Support and Privileged Remote Access products,…</description><pubDate>Wed, 15 Jul 2026 14:19:34 GMT</pubDate><category>Critical</category><category>Resolved</category><category>news</category><category>beyondtrust</category><author>Samit Hota</author></item><item><title>[Critical] Critical Vulnerability in Zimbra Email Service Allows Malicious Code Execution</title><link>https://samithota.com/security-advisories/zimbra-email-service-vulnerability/</link><guid isPermaLink="true">https://samithota.com/security-advisories/zimbra-email-service-vulnerability/</guid><description>A critical security flaw in Zimbra&apos;s Classic Web Client allows specially crafted emails to execute malicious code within a user&apos;s session, potentially…</description><pubDate>Wed, 15 Jul 2026 14:19:34 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>zimbra</category><author>Samit Hota</author></item><item><title>[High] Deutsche Bank Confirms Cyber Incident Following Ransomware Group&apos;s Claims</title><link>https://samithota.com/security-advisories/deutsche-bank-third-party-incident/</link><guid isPermaLink="true">https://samithota.com/security-advisories/deutsche-bank-third-party-incident/</guid><description>Deutsche Bank confirmed a cybersecurity incident involving a third-party service provider after the Unsafe ransomware group claimed to have breached the…</description><pubDate>Wed, 15 Jul 2026 14:19:34 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>deutsche</category><author>Samit Hota</author></item><item><title>[Critical] CISA Adds Four Actively Exploited Vulnerabilities, Including SonicWall and Microsoft…</title><link>https://samithota.com/security-advisories/cisa-four-kev-sonicwall-microsoft/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cisa-four-kev-sonicwall-microsoft/</guid><description>CISA has added four new vulnerabilities, two affecting SonicWall SMA1000 appliances and two impacting Microsoft Active Directory Federation Services and…</description><pubDate>Wed, 15 Jul 2026 14:19:34 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>cisa</category><author>Samit Hota</author></item><item><title>[Critical] Global IT Outage Disrupts Banks and Flights Following Zero-Day Cyberattack</title><link>https://samithota.com/security-advisories/global-it-outage-zero-day-attack/</link><guid isPermaLink="true">https://samithota.com/security-advisories/global-it-outage-zero-day-attack/</guid><description>A coordinated global IT outage, suspected to be a zero-day cyberattack, has paralyzed critical infrastructure worldwide, affecting major financial…</description><pubDate>Wed, 15 Jul 2026 14:19:34 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>global</category><author>Samit Hota</author></item><item><title>[High] China-Linked APT Group Exploits Roundcube Flaws in Cyberespionage Campaign</title><link>https://samithota.com/security-advisories/china-roundcube-espionage/</link><guid isPermaLink="true">https://samithota.com/security-advisories/china-roundcube-espionage/</guid><description>Proofpoint warns of UNK_MassTraction, a China-linked threat actor, actively exploiting multiple vulnerabilities in Roundcube email servers for cyberespionage…</description><pubDate>Wed, 15 Jul 2026 09:27:21 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>china</category><author>Samit Hota</author></item><item><title>[Critical] Microsoft July 2026 Patch Tuesday Addresses Critical Zero-Days and Information Leaks</title><link>https://samithota.com/security-advisories/microsoft-july-2026-patch-tuesday/</link><guid isPermaLink="true">https://samithota.com/security-advisories/microsoft-july-2026-patch-tuesday/</guid><description>Microsoft&apos;s latest Patch Tuesday delivers crucial security updates, including fixes for the actively exploited &quot;RoguePlanet&quot; flaw and a Windows Cryptographic…</description><pubDate>Wed, 15 Jul 2026 09:27:21 GMT</pubDate><category>Critical</category><category>Mitigated</category><category>news</category><category>microsoft</category><author>Samit Hota</author></item><item><title>[High] Advisory: Critical Code Injection in SonicWall SMA1000 Appliances</title><link>https://samithota.com/security-advisories/cve-2026-15410-sma1000-appliances/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cve-2026-15410-sma1000-appliances/</guid><description>A code injection vulnerability (CVE-2026-15410) in SonicWall SMA1000 appliances could allow remote authenticated administrators to execute OS commands.</description><pubDate>Wed, 15 Jul 2026 09:26:23 GMT</pubDate><category>High</category><category>Open</category><category>kev</category><category>sonicwall</category><author>Samit Hota</author></item><item><title>[Critical] Critical SonicWall SMA1000 SSRF Demands Immediate Action</title><link>https://samithota.com/security-advisories/cve-2026-15409-sma1000-appliances/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cve-2026-15409-sma1000-appliances/</guid><description>A critical server-side request forgery vulnerability (CVE-2026-15409) in SonicWall SMA1000 Appliances requires immediate mitigation to prevent potential…</description><pubDate>Wed, 15 Jul 2026 09:26:13 GMT</pubDate><category>Critical</category><category>Open</category><category>kev</category><category>sonicwall</category><author>Samit Hota</author></item><item><title>[Medium] Urgent Advisory: SharePoint Zero-Day Under Active Exploitation - CVE-2026-56164</title><link>https://samithota.com/security-advisories/cve-2026-56164-sharepoint-server/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cve-2026-56164-sharepoint-server/</guid><description>An actively exploited missing authentication vulnerability (CVE-2026-56164) in Microsoft SharePoint Server allows unauthenticated privilege elevation,…</description><pubDate>Wed, 15 Jul 2026 09:26:01 GMT</pubDate><category>Medium</category><category>Open</category><category>kev</category><category>microsoft</category><author>Samit Hota</author></item><item><title>[High] Urgent: Actively Exploited Microsoft ADFS Privilege Elevation Vulnerability…</title><link>https://samithota.com/security-advisories/cve-2026-56155-active-directory-federation-services/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cve-2026-56155-active-directory-federation-services/</guid><description>An actively exploited zero-day privilege elevation vulnerability in Microsoft Active Directory Federation Services (CVE-2026-56155) demands immediate patching…</description><pubDate>Tue, 14 Jul 2026 18:36:03 GMT</pubDate><category>High</category><category>Open</category><category>kev</category><category>microsoft</category><author>Samit Hota</author></item><item><title>[Critical] Critical Backdoor (CVE-2026-11405) Found in Multiple Tenda Router Models</title><link>https://samithota.com/security-advisories/tenda-router-backdoor/</link><guid isPermaLink="true">https://samithota.com/security-advisories/tenda-router-backdoor/</guid><description>An undocumented authentication backdoor (CVE-2026-11405) has been discovered in several Tenda router models, granting unauthorized administrative access.</description><pubDate>Tue, 14 Jul 2026 14:23:35 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>tenda</category><author>Samit Hota</author></item><item><title>[High] DHS Homeland Security Network Intrusion Dismissed Twice Before Confirmation</title><link>https://samithota.com/security-advisories/dhs-hsin-false-positives/</link><guid isPermaLink="true">https://samithota.com/security-advisories/dhs-hsin-false-positives/</guid><description>The U.S. Department of Homeland Security&apos;s Homeland Security Information Network (HSIN) was breached after personnel twice dismissed signs of intruders as…</description><pubDate>Tue, 14 Jul 2026 14:23:35 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>dhs</category><author>Samit Hota</author></item><item><title>[High] Nihon Kotsu Suffers Major Cyberattack, Disrupting Japan&apos;s Largest Taxi Operations</title><link>https://samithota.com/security-advisories/nihon-kotsu-cyberattack/</link><guid isPermaLink="true">https://samithota.com/security-advisories/nihon-kotsu-cyberattack/</guid><description>Japan&apos;s largest taxi and chauffeur operator, Nihon Kotsu, experienced a significant malware infection, leading to a shutdown of critical IT systems.</description><pubDate>Tue, 14 Jul 2026 14:23:35 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>nihon</category><author>Samit Hota</author></item><item><title>[Critical] JadePuffer: Autonomous LLM-Driven Ransomware Operation Exploits Langflow CVE</title><link>https://samithota.com/security-advisories/jadepuffer-autonomous-ransomware/</link><guid isPermaLink="true">https://samithota.com/security-advisories/jadepuffer-autonomous-ransomware/</guid><description>Researchers have profiled JadePuffer, an autonomous ransomware operation leveraging Large Language Models to conduct intrusions and exploit CVE-2025-3248 in…</description><pubDate>Tue, 14 Jul 2026 14:23:35 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>jadepuffer</category><author>Samit Hota</author></item><item><title>[Informational] U.S. Treasury Sanctions 1VPNS and Individuals for Enabling Ransomware Attacks</title><link>https://samithota.com/security-advisories/treasury-sanctions-1vpns-ransomware/</link><guid isPermaLink="true">https://samithota.com/security-advisories/treasury-sanctions-1vpns-ransomware/</guid><description>The U.S. Treasury Department has sanctioned 1VPNS and two individuals for providing infrastructure and tools that enable ransomware operations against…</description><pubDate>Tue, 14 Jul 2026 09:21:56 GMT</pubDate><category>Informational</category><category>Open</category><category>news</category><category>treasury</category><author>Samit Hota</author></item><item><title>[High] New OAuth Client ID Spoofing Technique Exploited to Target Microsoft Entra User Data</title><link>https://samithota.com/security-advisories/oauth-client-id-spoofing-microsoft-entra/</link><guid isPermaLink="true">https://samithota.com/security-advisories/oauth-client-id-spoofing-microsoft-entra/</guid><description>Threat actors are employing a novel OAuth client ID spoofing technique to collect Microsoft Entra user data without triggering typical security alerts.</description><pubDate>Tue, 14 Jul 2026 09:21:56 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>oauth</category><author>Samit Hota</author></item><item><title>[Critical] CISA Adds Actively Exploited Cisco IOS CSRF Vulnerability to KEV Catalog</title><link>https://samithota.com/security-advisories/cisa-kev-cisco-ios-csrf-cve-2008-4128/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cisa-kev-cisco-ios-csrf-cve-2008-4128/</guid><description>CISA has added an old Cisco IOS Cross-Site Request Forgery vulnerability (CVE-2008-4128) to its KEV catalog due to active exploitation.</description><pubDate>Tue, 14 Jul 2026 09:21:56 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>cisa</category><author>Samit Hota</author></item><item><title>[High] Inter-Con Security Systems Under Investigation Following ShinyHunters Data Breach Claim</title><link>https://samithota.com/security-advisories/intercon-security-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/intercon-security-data-breach/</guid><description>Inter-Con Security Systems, a multinational private security company, is under investigation following claims by ShinyHunters of breaching 2.7 million records.</description><pubDate>Tue, 14 Jul 2026 09:21:56 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>intercon</category><author>Samit Hota</author></item><item><title>[High] Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft</title><link>https://samithota.com/security-advisories/forg365-microsoft365-phaas/</link><guid isPermaLink="true">https://samithota.com/security-advisories/forg365-microsoft365-phaas/</guid><description>A new phishing-as-a-service (PhaaS) operation, Forg365, is actively targeting Microsoft 365 tenants with device code phishing and adversary-in-the-middle…</description><pubDate>Tue, 14 Jul 2026 05:14:12 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>forg365</category><author>Samit Hota</author></item><item><title>[High] NSA and Partners Warn of Russian State-Sponsored Router Targeting</title><link>https://samithota.com/security-advisories/nsa-cisa-russian-router-targeting/</link><guid isPermaLink="true">https://samithota.com/security-advisories/nsa-cisa-russian-router-targeting/</guid><description>NSA, CISA, and international partners issued a joint advisory detailing ongoing Russian FSB exploitation of poorly configured routers targeting critical…</description><pubDate>Tue, 14 Jul 2026 05:14:12 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>nsa</category><author>Samit Hota</author></item><item><title>[Medium] Lidl Online Shop Customers Affected by Third-Party Data Breach</title><link>https://samithota.com/security-advisories/lidl-online-shop-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/lidl-online-shop-data-breach/</guid><description>Lidl has informed online shop customers in Germany, Belgium, and the Netherlands of a data breach at an external IT service provider.</description><pubDate>Tue, 14 Jul 2026 05:14:12 GMT</pubDate><category>Medium</category><category>Open</category><category>news</category><category>lidl</category><author>Samit Hota</author></item><item><title>[Critical] Injective Labs Suffers Supply Chain Attack Via Malicious npm Packages</title><link>https://samithota.com/security-advisories/injective-labs-supply-chain-compromise/</link><guid isPermaLink="true">https://samithota.com/security-advisories/injective-labs-supply-chain-compromise/</guid><description>Blockchain software developer Injective Labs experienced a supply chain compromise involving malicious npm packages that exfiltrated crypto wallet keys.</description><pubDate>Tue, 14 Jul 2026 05:14:12 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>injective</category><author>Samit Hota</author></item><item><title>[High] Moody Bible Institute Breach Exposes 2.3 Million Records via ShinyHunters</title><link>https://samithota.com/security-advisories/moody-bible-institute-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/moody-bible-institute-data-breach/</guid><description>Moody Bible Institute has disclosed a data breach affecting over 2.3 million individuals, with the ShinyHunters group publishing stolen data.</description><pubDate>Tue, 14 Jul 2026 05:14:12 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>moody</category><author>Samit Hota</author></item><item><title>[Medium] Advisory: Critical Cisco IOS CSRF Vulnerability (CVE-2008-4128) Actively Exploited</title><link>https://samithota.com/security-advisories/cve-2008-4128-ios/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cve-2008-4128-ios/</guid><description>CISA warns of active exploitation of CVE-2008-4128, a critical Cross-Site Request Forgery vulnerability in Cisco IOS 12.4, by state-sponsored actors.</description><pubDate>Mon, 13 Jul 2026 18:54:22 GMT</pubDate><category>Medium</category><category>Open</category><category>kev</category><category>cisco</category><author>Samit Hota</author></item><item><title>[High] Irish Consultancy eclective.ie Hit by m3rx Ransomware Group</title><link>https://samithota.com/security-advisories/eclective-ie-m3rx-ransomware/</link><guid isPermaLink="true">https://samithota.com/security-advisories/eclective-ie-m3rx-ransomware/</guid><description>Irish organization eclective.ie has fallen victim to a ransomware attack by the m3rx group, underscoring ongoing ransomware threats.</description><pubDate>Mon, 13 Jul 2026 15:21:11 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>eclective</category><author>Samit Hota</author></item><item><title>[High] CSA Warns of Critical Integer Overflow Vulnerability in Windows File System Proxy (WinFsp)</title><link>https://samithota.com/security-advisories/winfsp-integer-overflow-vulnerability/</link><guid isPermaLink="true">https://samithota.com/security-advisories/winfsp-integer-overflow-vulnerability/</guid><description>A critical integer overflow vulnerability (CVE-2026-7162) in WinFsp, an open-source Windows file system software, allows attackers to achieve system-level…</description><pubDate>Mon, 13 Jul 2026 15:21:11 GMT</pubDate><category>High</category><category>Mitigated</category><category>news</category><category>winfsp</category><author>Samit Hota</author></item><item><title>[Critical] Latvijas Valsts Meži Suffers Ransomware Attack, 44GB Data Leaked</title><link>https://samithota.com/security-advisories/latvijas-valsts-mezi-ransomware/</link><guid isPermaLink="true">https://samithota.com/security-advisories/latvijas-valsts-mezi-ransomware/</guid><description>Latvia&apos;s state-owned forestry company, Latvijas Valsts Meži, was hit by a ransomware attack that disrupted systems and led to the leakage of 44GB of internal…</description><pubDate>Mon, 13 Jul 2026 15:21:11 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>latvijas</category><author>Samit Hota</author></item><item><title>[High] Centers Laboratory Discloses Breach Affecting Over 540,000 Individuals</title><link>https://samithota.com/security-advisories/centers-laboratory-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/centers-laboratory-data-breach/</guid><description>Healthcare diagnostics provider Centers Laboratory disclosed a data breach exposing personal and medical information of over 540,000 individuals.</description><pubDate>Mon, 13 Jul 2026 15:21:11 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>centers</category><author>Samit Hota</author></item><item><title>[Critical] CISA Adds Actively Exploited Joomla iCagenda and Balbooa Forms RCEs to KEV Catalog</title><link>https://samithota.com/security-advisories/joomla-extension-rce-cisa-kev/</link><guid isPermaLink="true">https://samithota.com/security-advisories/joomla-extension-rce-cisa-kev/</guid><description>Critical remote code execution vulnerabilities in Joomla&apos;s iCagenda and Balbooa Forms extensions are being actively exploited in the wild.</description><pubDate>Mon, 13 Jul 2026 15:21:11 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>joomla</category><author>Samit Hota</author></item><item><title>[Critical] EU Condemns Russia&apos;s State-Sponsored Cyber Activities, Exposes FSB&apos;s Role</title><link>https://samithota.com/security-advisories/eu-denounces-russia-cyber-ecosystem/</link><guid isPermaLink="true">https://samithota.com/security-advisories/eu-denounces-russia-cyber-ecosystem/</guid><description>The European Union and its member states have denounced Russia&apos;s malicious cyber ecosystem, identifying the FSB&apos;s 16th Centre as controlling groups like TURLA.</description><pubDate>Mon, 13 Jul 2026 10:38:52 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>eu</category><author>Samit Hota</author></item><item><title>[High] Aflac Japan Subsidiary Breach Exposes 4.38 Million Customer Records</title><link>https://samithota.com/security-advisories/aflac-customer-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/aflac-customer-data-breach/</guid><description>Insurance giant Aflac disclosed a breach affecting its Japan subsidiary, exposing personal and bank account data for approximately 4.38 million customers.</description><pubDate>Mon, 13 Jul 2026 10:38:52 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>aflac</category><author>Samit Hota</author></item><item><title>[Critical] ShinyHunters Leverages Oracle PeopleSoft Flaw, Breaches 100+ Orgs</title><link>https://samithota.com/security-advisories/shinyhunters-oracle-peoplesoft-nissan-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/shinyhunters-oracle-peoplesoft-nissan-breach/</guid><description>The ShinyHunters group exploited an Oracle PeopleSoft vulnerability to breach over 100 organizations, including Nissan, exfiltrating sensitive employee data.</description><pubDate>Mon, 13 Jul 2026 10:38:52 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>shinyhunters</category><author>Samit Hota</author></item><item><title>[High] CISA Adds Actively Exploited SharePoint RCE (CVE-2026-45659) to KEV Catalog</title><link>https://samithota.com/security-advisories/sharepoint-rce-cve-2026-45659-kev/</link><guid isPermaLink="true">https://samithota.com/security-advisories/sharepoint-rce-cve-2026-45659-kev/</guid><description>CISA has added a high-severity remote code execution vulnerability in Microsoft SharePoint Server to its KEV catalog due to active exploitation.</description><pubDate>Mon, 13 Jul 2026 10:38:52 GMT</pubDate><category>High</category><category>Mitigated</category><category>news</category><category>sharepoint</category><author>Samit Hota</author></item><item><title>[Critical] Critical Citrix NetScaler Flaw CVE-2026-8451 Actively Exploited</title><link>https://samithota.com/security-advisories/citrix-netscaler-cve-2026-8451/</link><guid isPermaLink="true">https://samithota.com/security-advisories/citrix-netscaler-cve-2026-8451/</guid><description>A critical memory overread vulnerability in Citrix NetScaler ADC and Gateway appliances, similar to CitrixBleed, is being actively exploited.</description><pubDate>Mon, 13 Jul 2026 10:38:52 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>citrix</category><author>Samit Hota</author></item><item><title>[High] Critical Unauthenticated SQL Injection Vulnerability Found in Jinher OA</title><link>https://samithota.com/security-advisories/jinher-oa-sql-injection-cve-2026-15517/</link><guid isPermaLink="true">https://samithota.com/security-advisories/jinher-oa-sql-injection-cve-2026-15517/</guid><description>Jinher OA version 1.0 contains an unauthenticated SQL injection vulnerability (CVE-2026-15517) allowing remote arbitrary SQL command execution.</description><pubDate>Mon, 13 Jul 2026 05:52:50 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>jinher</category><author>Samit Hota</author></item><item><title>[Critical] Accenture Faces Data Breach: 35GB of Source Code Allegedly Stolen</title><link>https://samithota.com/security-advisories/accenture-source-code-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/accenture-source-code-breach/</guid><description>A threat actor claims to have breached Accenture, exfiltrating over 35GB of source codes.</description><pubDate>Mon, 13 Jul 2026 05:52:50 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>accenture</category><author>Samit Hota</author></item><item><title>[High] Eureka Construction INC Hit by Titan Ransomware Group</title><link>https://samithota.com/security-advisories/eureka-construction-titan-ransomware/</link><guid isPermaLink="true">https://samithota.com/security-advisories/eureka-construction-titan-ransomware/</guid><description>US-based Eureka Construction INC suffers a ransomware attack by the Titan group, leading to a data breach.</description><pubDate>Mon, 13 Jul 2026 05:52:50 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>eureka</category><author>Samit Hota</author></item><item><title>[High] Allied Plumbing &amp; Heating Hit by Qilin Ransomware Group</title><link>https://samithota.com/security-advisories/allied-plumbing-heating-qilin-ransomware/</link><guid isPermaLink="true">https://samithota.com/security-advisories/allied-plumbing-heating-qilin-ransomware/</guid><description>Allied Plumbing &amp; Heating, a New Hampshire-based organization, has fallen victim to a ransomware attack orchestrated by the Qilin group.</description><pubDate>Sun, 12 Jul 2026 14:03:30 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>allied</category><author>Samit Hota</author></item><item><title>[High] CISA Adds Langflow Authorization Bypass (CVE-2026-55255) to KEV Catalog</title><link>https://samithota.com/security-advisories/cisa-langflow-cve-2026-55255-kev/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cisa-langflow-cve-2026-55255-kev/</guid><description>CISA has added an actively exploited Langflow Authorization Bypass vulnerability, CVE-2026-55255, to its Known Exploited Vulnerabilities Catalog.</description><pubDate>Sun, 12 Jul 2026 14:03:30 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>cisa</category><author>Samit Hota</author></item><item><title>[Critical] Critical Adobe ColdFusion Vulnerability (CVE-2026-48282) Actively Exploited In The Wild</title><link>https://samithota.com/security-advisories/adobe-coldfusion-cve-2026-48282-exploited/</link><guid isPermaLink="true">https://samithota.com/security-advisories/adobe-coldfusion-cve-2026-48282-exploited/</guid><description>A critical vulnerability, CVE-2026-48282, in Adobe ColdFusion is being actively exploited in attacks, allowing remote code execution.</description><pubDate>Sun, 12 Jul 2026 14:03:30 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>adobe</category><author>Samit Hota</author></item><item><title>[Critical] JadePuffer Identified as First Agentic Ransomware Driven by Large Language Model</title><link>https://samithota.com/security-advisories/jadepuffer-agentic-ransomware/</link><guid isPermaLink="true">https://samithota.com/security-advisories/jadepuffer-agentic-ransomware/</guid><description>The Sysdig Threat Research Team has uncovered JadePuffer, the first documented instance of agentic ransomware, fully automating attacks using an LLM.</description><pubDate>Sun, 12 Jul 2026 14:03:30 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>jadepuffer</category><author>Samit Hota</author></item><item><title>[High] Rockstar Games Suffers Data Breach Affecting Corporate Assets via Third-Party</title><link>https://samithota.com/security-advisories/rockstar-games-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/rockstar-games-data-breach/</guid><description>Rockstar Games confirmed a data breach affecting corporate assets, with ShinyHunters claiming responsibility and seeking a ransom.</description><pubDate>Sun, 12 Jul 2026 14:03:30 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>rockstar</category><author>Samit Hota</author></item><item><title>[Critical] DarkSword iOS Spyware Actively Deployed Against Hundreds of Millions of Devices</title><link>https://samithota.com/security-advisories/darksword-ios-spyware-deployment/</link><guid isPermaLink="true">https://samithota.com/security-advisories/darksword-ios-spyware-deployment/</guid><description>A sophisticated iOS spyware named DarkSword has been found in active deployment, targeting hundreds of millions of iOS devices globally.</description><pubDate>Sun, 12 Jul 2026 14:03:30 GMT</pubDate><category>Critical</category><category>Mitigated</category><category>news</category><category>darksword</category><author>Samit Hota</author></item><item><title>[High] Eleveo Call Recording Software Vulnerabilities Allow Improper Authorization</title><link>https://samithota.com/security-advisories/eleveo-improper-authorization-cves/</link><guid isPermaLink="true">https://samithota.com/security-advisories/eleveo-improper-authorization-cves/</guid><description>Multiple improper authorization vulnerabilities (CVE-2026-15474, CVE-2026-15472) in Eleveo Call Recording Software 9.7.0 allow remote attacks.</description><pubDate>Sun, 12 Jul 2026 09:23:53 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>eleveo</category><author>Samit Hota</author></item><item><title>[High] Zimbra Collaboration Suite Patches Stored XSS Vulnerability</title><link>https://samithota.com/security-advisories/zimbra-stored-xss-fix/</link><guid isPermaLink="true">https://samithota.com/security-advisories/zimbra-stored-xss-fix/</guid><description>Zimbra has released a patch for its Collaboration Suite (ZCS) 10.1.19 to address a stored cross-site scripting (XSS) vulnerability in the Classic Web Client.</description><pubDate>Sun, 12 Jul 2026 09:23:53 GMT</pubDate><category>High</category><category>Resolved</category><category>news</category><category>zimbra</category><author>Samit Hota</author></item><item><title>[Critical] OpenClaw AI Assistant Vulnerabilities Enable Remote Code Execution via WhatsApp</title><link>https://samithota.com/security-advisories/openclaw-whatsapp-rce/</link><guid isPermaLink="true">https://samithota.com/security-advisories/openclaw-whatsapp-rce/</guid><description>Multiple high-severity flaws in the OpenClaw AI coding assistant allow remote code execution through specially crafted WhatsApp messages.</description><pubDate>Sun, 12 Jul 2026 09:23:53 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>openclaw</category><author>Samit Hota</author></item><item><title>[High] Conduent Data Breach Exposes Health and Personal Information of Millions</title><link>https://samithota.com/security-advisories/conduent-health-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/conduent-health-data-breach/</guid><description>A significant data breach at Conduent has exposed the personal health information of over 25 million individuals in Texas and Oregon.</description><pubDate>Sun, 12 Jul 2026 09:23:53 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>conduent</category><author>Samit Hota</author></item><item><title>[Critical] Dell BIOS Flaw (CVE-2026-40639) Exposes Admin Passwords</title><link>https://samithota.com/security-advisories/dell-bios-cve-2026-40639/</link><guid isPermaLink="true">https://samithota.com/security-advisories/dell-bios-cve-2026-40639/</guid><description>A critical vulnerability in Dell BIOS allows attackers to recover administrator and user passwords from SPI flash in milliseconds due to a broken encryption…</description><pubDate>Sun, 12 Jul 2026 09:23:53 GMT</pubDate><category>Critical</category><category>Mitigated</category><category>news</category><category>dell</category><author>Samit Hota</author></item><item><title>[High] Exposed Hacker Server Reveals WP SHELLSTORM Backdooring Thousands of WordPress Sites</title><link>https://samithota.com/security-advisories/wpshellstorm-backdooring-wordpress/</link><guid isPermaLink="true">https://samithota.com/security-advisories/wpshellstorm-backdooring-wordpress/</guid><description>An exposed cybercrime server linked to WP SHELLSTORM has revealed the compromise of thousands of WordPress sites through outdated plugins and injected…</description><pubDate>Sat, 11 Jul 2026 18:14:17 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>wpshellstorm</category><author>Samit Hota</author></item><item><title>[Critical] Malicious JScrambler npm Package Release Drops Rust Infostealer During Install</title><link>https://samithota.com/security-advisories/jscrambler-npm-infostealer/</link><guid isPermaLink="true">https://samithota.com/security-advisories/jscrambler-npm-infostealer/</guid><description>Version 8.14.0 of the JScrambler npm package was compromised to silently deploy a native Rust-based infostealer during installation across Windows, macOS, and…</description><pubDate>Sat, 11 Jul 2026 18:14:17 GMT</pubDate><category>Critical</category><category>Mitigated</category><category>news</category><category>jscrambler</category><author>Samit Hota</author></item><item><title>[High] Sophos Flags New Vect-TeamPCP Cybercriminal Alliance for Ransomware Attacks</title><link>https://samithota.com/security-advisories/vect-teampcp-ransomware-alliance/</link><guid isPermaLink="true">https://samithota.com/security-advisories/vect-teampcp-ransomware-alliance/</guid><description>Sophos X-Ops has uncovered a new alliance between the ransomware group Vect and cybercriminal outfit TeamPCP, combining their expertise for efficient…</description><pubDate>Sat, 11 Jul 2026 18:14:17 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>vect</category><author>Samit Hota</author></item><item><title>[High] Exposed Hacker Server Reveals WP SHELLSTORM Backdooring Thousands of WordPress Sites</title><link>https://samithota.com/security-advisories/wp-shellstorm-backdoor/</link><guid isPermaLink="true">https://samithota.com/security-advisories/wp-shellstorm-backdoor/</guid><description>An exposed cybercrime server linked to WP SHELLSTORM has revealed the compromise of thousands of WordPress sites through outdated plugins and injected…</description><pubDate>Sat, 11 Jul 2026 18:14:17 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>wp</category><author>Samit Hota</author></item><item><title>[High] WeedHack Malware Offered as Service, Targets Minecraft Users with Info-Stealing…</title><link>https://samithota.com/security-advisories/weedhack-minecraft-malware/</link><guid isPermaLink="true">https://samithota.com/security-advisories/weedhack-minecraft-malware/</guid><description>A new malware-as-a-service, &quot;WeedHack,&quot; is being distributed disguised as Minecraft clients or mods to steal system information, passwords, and other…</description><pubDate>Sat, 11 Jul 2026 18:14:17 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>weedhack</category><author>Samit Hota</author></item><item><title>[Critical] Critical Authentication Bypass Actively Exploited in Gitea Docker Image</title><link>https://samithota.com/security-advisories/gitea-docker-auth-bypass/</link><guid isPermaLink="true">https://samithota.com/security-advisories/gitea-docker-auth-bypass/</guid><description>Attackers are leveraging a critical authentication bypass vulnerability within the official Gitea Docker image to hijack instances and impersonate users.</description><pubDate>Sat, 11 Jul 2026 18:14:17 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>gitea</category><author>Samit Hota</author></item><item><title>[Critical] Critical Linux Kernel FUSE Page Cache Overflow (CVE-2026-31694) Enables Root Access</title><link>https://samithota.com/security-advisories/linux-fuse-page-cache-overflow/</link><guid isPermaLink="true">https://samithota.com/security-advisories/linux-fuse-page-cache-overflow/</guid><description>A critical local privilege escalation (LPE) vulnerability in the Linux kernel&apos;s FUSE subsystem allows unprivileged local attackers to gain root privileges.</description><pubDate>Sat, 11 Jul 2026 14:00:50 GMT</pubDate><category>Critical</category><category>Resolved</category><category>news</category><category>linux</category><author>Samit Hota</author></item><item><title>[High] Novo Nordisk Confirms Breach, AI/ML Asset Theft Claimed by FulcrumSec</title><link>https://samithota.com/security-advisories/novo-nordisk-ai-ml-asset-theft/</link><guid isPermaLink="true">https://samithota.com/security-advisories/novo-nordisk-ai-ml-asset-theft/</guid><description>Novo Nordisk confirmed a breach and data exfiltration, with FulcrumSec claiming theft of proprietary AI models and research assets.</description><pubDate>Sat, 11 Jul 2026 14:00:50 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>novo</category><author>Samit Hota</author></item><item><title>[Critical] Critical Unauthenticated RCE (CVE-2026-46817) in Oracle EBS Payments Actively Exploited</title><link>https://samithota.com/security-advisories/oracle-ebs-unauthenticated-rce/</link><guid isPermaLink="true">https://samithota.com/security-advisories/oracle-ebs-unauthenticated-rce/</guid><description>A critical unauthenticated Remote Code Execution (RCE) vulnerability in Oracle E-Business Suite Payments module is under active exploitation.</description><pubDate>Sat, 11 Jul 2026 14:00:50 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>oracle</category><author>Samit Hota</author></item><item><title>[High] U.S. DHS Homeland Security Information Network (HSIN) Compromised</title><link>https://samithota.com/security-advisories/dhs-hsin-compromise/</link><guid isPermaLink="true">https://samithota.com/security-advisories/dhs-hsin-compromise/</guid><description>The U.S. Department of Homeland Security&apos;s HSIN, a platform for interagency coordination, was compromised by an unidentified threat actor.</description><pubDate>Sat, 11 Jul 2026 14:00:50 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>dhs</category><author>Samit Hota</author></item><item><title>[High] Instructure Suffers Data Breach by ShinyHunters, Affecting Millions of Users</title><link>https://samithota.com/security-advisories/instructure-shinyhunters-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/instructure-shinyhunters-data-breach/</guid><description>Edtech giant Instructure, behind the Canvas LMS, experienced a data breach with ShinyHunters accessing user data and defacing pages.</description><pubDate>Sat, 11 Jul 2026 14:00:49 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>instructure</category><author>Samit Hota</author></item><item><title>[High] CISA Adds Actively Exploited iCagenda and Balbooa Forms Vulnerabilities to KEV Catalog</title><link>https://samithota.com/security-advisories/cisa-kev-icagenda-balbooa-forms/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cisa-kev-icagenda-balbooa-forms/</guid><description>CISA has added two new unrestricted file upload vulnerabilities in iCagenda and Balbooa Forms to its Known Exploited Vulnerabilities Catalog due to active…</description><pubDate>Sat, 11 Jul 2026 11:51:16 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>cisa</category><author>Samit Hota</author></item><item><title>[High] SR Bancorp Vendor Mercadien Suffers Data Breach Exposing Somerset Regal Bank Customer Data</title><link>https://samithota.com/security-advisories/sr-bancorp-mercadien-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/sr-bancorp-mercadien-data-breach/</guid><description>SR Bancorp&apos;s vendor, Mercadien, P.C. CPAs, experienced a data breach exposing sensitive Somerset Regal Bank customer information including SSNs and account…</description><pubDate>Sat, 11 Jul 2026 11:51:16 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>sr</category><author>Samit Hota</author></item><item><title>[High] Argentine Football Association Suffers Database Breach Triggered by Infostealer Malware</title><link>https://samithota.com/security-advisories/argentine-football-association-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/argentine-football-association-data-breach/</guid><description>The Argentine Football Association experienced a significant cyberattack leading to database leaks and unauthorized communications, likely due to infostealer…</description><pubDate>Sat, 11 Jul 2026 11:51:16 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>argentine</category><author>Samit Hota</author></item><item><title>[High] Frontier Airlines Discloses Data Breach Exposing Customer Social Security Numbers</title><link>https://samithota.com/security-advisories/frontier-airlines-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/frontier-airlines-data-breach/</guid><description>Frontier Airlines confirmed a data breach on or about July 9, 2026, affecting customers with potentially exposed Social Security numbers.</description><pubDate>Sat, 11 Jul 2026 11:51:16 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>frontier</category><author>Samit Hota</author></item><item><title>[Critical] Progress Software Urges ShareFile Customers to Shut Down Storage Zone Controllers Over…</title><link>https://samithota.com/security-advisories/progress-sharefile-shutdown-order/</link><guid isPermaLink="true">https://samithota.com/security-advisories/progress-sharefile-shutdown-order/</guid><description>Progress Software issued an urgent advisory for ShareFile customers to shut down on-premises Storage Zone Controllers due to a credible security threat.</description><pubDate>Sat, 11 Jul 2026 11:51:16 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>progress</category><author>Samit Hota</author></item><item><title>[High] CISA Discloses Internal AWS GovCloud Credential Leak and Lack of Incident Response Plan</title><link>https://samithota.com/security-advisories/cisa-aws-govcloud-credential-leak/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cisa-aws-govcloud-credential-leak/</guid><description>CISA revealed a contractor exposed AWS GovCloud credentials on GitHub, highlighting the agency&apos;s unpreparedness with its own incident response playbook.</description><pubDate>Sat, 11 Jul 2026 11:51:16 GMT</pubDate><category>High</category><category>Resolved</category><category>news</category><category>cisa</category><author>Samit Hota</author></item><item><title>[Critical] Six U-Boot Signature Verification Flaws Expose Embedded Devices to Stealthy Firmware…</title><link>https://samithota.com/security-advisories/u-boot-signature-verification-flaws/</link><guid isPermaLink="true">https://samithota.com/security-advisories/u-boot-signature-verification-flaws/</guid><description>Binarly researchers disclosed six vulnerabilities in the U-Boot bootloader, including arbitrary code execution flaws that could enable stealthy firmware…</description><pubDate>Sat, 11 Jul 2026 05:27:23 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>u</category><author>Samit Hota</author></item><item><title>[High] Django GeoDjango SQL Injection (CVE-2026-1207) Under Active Exploitation</title><link>https://samithota.com/security-advisories/django-geodjango-sql-injection-exploitation/</link><guid isPermaLink="true">https://samithota.com/security-advisories/django-geodjango-sql-injection-exploitation/</guid><description>A high-severity SQL injection vulnerability (CVE-2026-1207) in Django&apos;s GeoDjango GIS module is now actively exploited, affecting applications with a PostGIS…</description><pubDate>Sat, 11 Jul 2026 05:27:23 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>django</category><author>Samit Hota</author></item><item><title>[Critical] Oracle PeopleSoft Zero-Day (CVE-2026-35273) Actively Exploited, NAIC Affected</title><link>https://samithota.com/security-advisories/oracle-peoplesoft-zero-day-exploitation-naic/</link><guid isPermaLink="true">https://samithota.com/security-advisories/oracle-peoplesoft-zero-day-exploitation-naic/</guid><description>A new zero-day vulnerability (CVE-2026-35273) in Oracle PeopleSoft is under active exploitation, affecting approximately 100 organizations, including NAIC.</description><pubDate>Sat, 11 Jul 2026 05:27:23 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>oracle</category><author>Samit Hota</author></item><item><title>[Critical] Nitrogen Ransomware Group Targets Foxconn North America, Exfiltrates 8TB of Data</title><link>https://samithota.com/security-advisories/foxconn-north-america-nitrogen-ransomware/</link><guid isPermaLink="true">https://samithota.com/security-advisories/foxconn-north-america-nitrogen-ransomware/</guid><description>The Nitrogen ransomware group claims to have stolen 8 terabytes of sensitive engineering documents and client schematics from Foxconn&apos;s North America…</description><pubDate>Sat, 11 Jul 2026 05:27:23 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>foxconn</category><author>Samit Hota</author></item><item><title>[High] Medtronic Notifies Millions of Individuals Impacted by ShinyHunters Data Breach</title><link>https://samithota.com/security-advisories/medtronic-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/medtronic-data-breach/</guid><description>Medical device giant Medtronic confirms a data breach impacting nearly 4 million individuals, with personal and health information exposed.</description><pubDate>Sat, 11 Jul 2026 05:27:23 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>medtronic</category><author>Samit Hota</author></item><item><title>[Critical] Critical RCE in iCagenda Joomla Extension Under Active Exploitation</title><link>https://samithota.com/security-advisories/cve-2026-48939-icagenda/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cve-2026-48939-icagenda/</guid><description>An unrestricted file upload vulnerability (CVE-2026-48939) in iCagenda for Joomla allows unauthenticated remote code execution and is actively exploited.</description><pubDate>Sat, 11 Jul 2026 05:26:03 GMT</pubDate><category>Critical</category><category>Open</category><category>kev</category><category>icagenda</category><author>Samit Hota</author></item><item><title>[Critical] Critical Balbooa Forms RCE: Unrestricted File Upload Vulnerability</title><link>https://samithota.com/security-advisories/cve-2026-56291-forms/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cve-2026-56291-forms/</guid><description>A critical unrestricted file upload vulnerability in Balbooa Forms (CVE-2026-56291) allows unauthenticated RCE, demanding urgent remediation.</description><pubDate>Sat, 11 Jul 2026 05:25:41 GMT</pubDate><category>Critical</category><category>Open</category><category>kev</category><category>balbooa</category><author>Samit Hota</author></item><item><title>[Critical] AI Agents Exploit Langflow RCE Vulnerability for Automated Database Ransomware Attacks</title><link>https://samithota.com/security-advisories/langflow-rce-ai-agent-ransomware/</link><guid isPermaLink="true">https://samithota.com/security-advisories/langflow-rce-ai-agent-ransomware/</guid><description>An AI agent has been observed exploiting a Remote Code Execution (RCE) vulnerability in Langflow to automate database ransomware attacks, highlighting…</description><pubDate>Fri, 10 Jul 2026 15:11:22 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>langflow</category><author>Samit Hota</author></item><item><title>[High] Microsoft Patches RoguePlanet (CVE-2026-50656) Local Privilege Escalation in Defender</title><link>https://samithota.com/security-advisories/microsoft-defender-rogueplanet-cve-2026-50656/</link><guid isPermaLink="true">https://samithota.com/security-advisories/microsoft-defender-rogueplanet-cve-2026-50656/</guid><description>Microsoft has released a security update to address CVE-2026-50656, a local privilege escalation vulnerability dubbed &apos;RoguePlanet&apos; in its Malware Protection…</description><pubDate>Fri, 10 Jul 2026 15:11:22 GMT</pubDate><category>High</category><category>Resolved</category><category>news</category><category>microsoft</category><author>Samit Hota</author></item><item><title>[Critical] GodDamn Ransomware Uses Signed PoisonX Kernel Driver to Disable EDR Defenses</title><link>https://samithota.com/security-advisories/goddamn-ransomware-poisonx-driver/</link><guid isPermaLink="true">https://samithota.com/security-advisories/goddamn-ransomware-poisonx-driver/</guid><description>A new ransomware variant, GodDamn, a rebrand of Beast ransomware, employs the legitimately signed PoisonX kernel driver to bypass and neutralize endpoint…</description><pubDate>Fri, 10 Jul 2026 15:11:22 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>goddamn</category><author>Samit Hota</author></item><item><title>[Critical] Unpatched XRING Flaw in Alibaba&apos;s XQUIC Allows Remote HTTP/3 Server Crashes</title><link>https://samithota.com/security-advisories/xquic-xring-dos-vulnerability/</link><guid isPermaLink="true">https://samithota.com/security-advisories/xquic-xring-dos-vulnerability/</guid><description>A critical and unpatched vulnerability, named XRING, in Alibaba&apos;s XQUIC library enables remote denial-of-service against HTTP/3 servers.</description><pubDate>Fri, 10 Jul 2026 15:11:22 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>xquic</category><author>Samit Hota</author></item><item><title>[Critical] Ill Bloom Vulnerability Compromises Crypto Wallets Through Weak Randomness</title><link>https://samithota.com/security-advisories/ill-bloom-crypto-wallet-vulnerability/</link><guid isPermaLink="true">https://samithota.com/security-advisories/ill-bloom-crypto-wallet-vulnerability/</guid><description>A newly disclosed vulnerability, dubbed &quot;Ill Bloom,&quot; in certain crypto wallet software allows attackers to drain funds due to weak recovery phrase generation.</description><pubDate>Fri, 10 Jul 2026 15:11:22 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>ill</category><author>Samit Hota</author></item><item><title>[High] Cisco Talos Discloses Multiple Vulnerabilities in WolfSSL, GeoVision, and VTK-DICOM</title><link>https://samithota.com/security-advisories/wolfssl-geovision-vtk-vulnerabilities/</link><guid isPermaLink="true">https://samithota.com/security-advisories/wolfssl-geovision-vtk-vulnerabilities/</guid><description>Cisco Talos has identified and reported numerous vulnerabilities in WolfSSL, GeoVision security products, and the VTK-DICOM API.</description><pubDate>Fri, 10 Jul 2026 10:32:03 GMT</pubDate><category>High</category><category>Resolved</category><category>news</category><category>wolfssl</category><author>Samit Hota</author></item><item><title>[High] Nextcloud Hosting Misconfiguration Exposes Sensitive Employee and Client Data</title><link>https://samithota.com/security-advisories/nextcloud-data-exposure/</link><guid isPermaLink="true">https://samithota.com/security-advisories/nextcloud-data-exposure/</guid><description>A misconfiguration in a Nextcloud hosting environment led to the exposure of sensitive employee emails, client details, contracts, and scripts.</description><pubDate>Fri, 10 Jul 2026 10:32:03 GMT</pubDate><category>High</category><category>Mitigated</category><category>news</category><category>nextcloud</category><author>Samit Hota</author></item><item><title>[Critical] CitrixBleed 2 Exploitation Leads to DragonForce Ransomware Attacks</title><link>https://samithota.com/security-advisories/citrixbleed2-dragonforce-ransomware/</link><guid isPermaLink="true">https://samithota.com/security-advisories/citrixbleed2-dragonforce-ransomware/</guid><description>Threat actors leverage the CitrixBleed 2 vulnerability (CVE-2025-5777) in NetScaler appliances for initial access, culminating in DragonForce ransomware…</description><pubDate>Fri, 10 Jul 2026 10:32:03 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>citrixbleed2</category><author>Samit Hota</author></item><item><title>[High] All About Women&apos;s Care Reports Network Server Data Breach</title><link>https://samithota.com/security-advisories/all-about-womens-care-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/all-about-womens-care-breach/</guid><description>Healthcare provider All About Women&apos;s Care discloses a data breach affecting approximately 12,000 patients with sensitive medical information.</description><pubDate>Fri, 10 Jul 2026 10:32:03 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>all</category><author>Samit Hota</author></item><item><title>[High] Aitkin County HHS Data Breach Exposes Health and Personal Information</title><link>https://samithota.com/security-advisories/aitkin-county-hhs-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/aitkin-county-hhs-breach/</guid><description>Aitkin County Health and Human Services reports a data breach affecting 83,114 individuals with exposed PII and PHI from email accounts.</description><pubDate>Fri, 10 Jul 2026 10:32:03 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>aitkin</category><author>Samit Hota</author></item><item><title>[Critical] LLM-Driven Agentic Ransomware &quot;JADEPUFFER&quot; Marks New Threat Landscape</title><link>https://samithota.com/security-advisories/agentic-ransomware-jadepuffer/</link><guid isPermaLink="true">https://samithota.com/security-advisories/agentic-ransomware-jadepuffer/</guid><description>Researchers uncover JADEPUFFER, the first fully autonomous LLM-driven ransomware operation exploiting Langflow vulnerability.</description><pubDate>Fri, 10 Jul 2026 10:32:03 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>agentic</category><author>Samit Hota</author></item><item><title>[Low] US Army Websites Defaced with Pro-Kurdish Messages</title><link>https://samithota.com/security-advisories/us-army-websites-defaced/</link><guid isPermaLink="true">https://samithota.com/security-advisories/us-army-websites-defaced/</guid><description>Two U.S. Army websites were temporarily defaced on error pages with pro-Kurdish messages and criticism of former President Donald Trump.</description><pubDate>Fri, 10 Jul 2026 06:26:05 GMT</pubDate><category>Low</category><category>Resolved</category><category>news</category><category>us</category><author>Samit Hota</author></item><item><title>[High] Finance Yorkshire Hit by Cmdorganization Ransomware Group</title><link>https://samithota.com/security-advisories/finance-yorkshire-ransomware/</link><guid isPermaLink="true">https://samithota.com/security-advisories/finance-yorkshire-ransomware/</guid><description>UK-based funding provider Finance Yorkshire suffered a ransomware attack by the Cmdorganization group, potentially impacting SME data.</description><pubDate>Fri, 10 Jul 2026 06:26:05 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>finance</category><author>Samit Hota</author></item><item><title>[High] Deutsche Bank Implicated in Ransomware Incident via External Service Provider</title><link>https://samithota.com/security-advisories/deutsche-bank-third-party-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/deutsche-bank-third-party-breach/</guid><description>The &quot;Unsafe&quot; ransomware group claims to have breached Deutsche Bank, though the bank states a third-party service provider was the actual target.</description><pubDate>Fri, 10 Jul 2026 06:26:05 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>deutsche</category><author>Samit Hota</author></item><item><title>[High] Mercado Libre Reportedly Hit by &quot;The Gentleman&quot; Ransomware Group</title><link>https://samithota.com/security-advisories/mercado-libre-ransomware-attack/</link><guid isPermaLink="true">https://samithota.com/security-advisories/mercado-libre-ransomware-attack/</guid><description>Latin American e-commerce giant Mercado Libre is reportedly targeted by &quot;The Gentleman&quot; ransomware group, with claims of data exfiltration.</description><pubDate>Fri, 10 Jul 2026 06:26:05 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>mercado</category><author>Samit Hota</author></item><item><title>[Critical] CISA Warns of Active Exploitation in Adobe ColdFusion and Joomla Page Builders</title><link>https://samithota.com/security-advisories/cisa-kev-multiple-critical-vulnerabilities/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cisa-kev-multiple-critical-vulnerabilities/</guid><description>CISA added critical vulnerabilities in Adobe ColdFusion, Joomlack Page Builder, and JoomShaper SP Page Builder to its KEV Catalog, citing active exploitation.</description><pubDate>Fri, 10 Jul 2026 06:26:05 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>cisa</category><author>Samit Hota</author></item><item><title>[Medium] United HealthCare Data Breach Affects Over 34,000 Individuals</title><link>https://samithota.com/security-advisories/unitedhealthcare-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/unitedhealthcare-data-breach/</guid><description>United HealthCare Services Inc. disclosed a data breach affecting 34,574 individuals, with details of the exposed information publicly undisclosed.</description><pubDate>Thu, 09 Jul 2026 18:08:25 GMT</pubDate><category>Medium</category><category>Open</category><category>news</category><category>unitedhealthcare</category><author>Samit Hota</author></item><item><title>[Critical] Critical Vulnerabilities Patched in Ubiquiti UniFi OS Ecosystem</title><link>https://samithota.com/security-advisories/ubiquiti-unifi-critical-vulnerabilities/</link><guid isPermaLink="true">https://samithota.com/security-advisories/ubiquiti-unifi-critical-vulnerabilities/</guid><description>Ubiquiti has released critical security updates addressing seven severe vulnerabilities in its UniFi OS, including a maximum-severity command injection flaw…</description><pubDate>Thu, 09 Jul 2026 18:08:25 GMT</pubDate><category>Critical</category><category>Mitigated</category><category>news</category><category>ubiquiti</category><author>Samit Hota</author></item><item><title>[High] AssuranceAmerica Data Breach Exposes 6.9 Million Driver&apos;s Licenses</title><link>https://samithota.com/security-advisories/assuranceamerica-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/assuranceamerica-data-breach/</guid><description>A cyberattack on AssuranceAmerica compromised data for 6.9 million individuals, including driver&apos;s license numbers and other sensitive information.</description><pubDate>Thu, 09 Jul 2026 18:08:25 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>assuranceamerica</category><author>Samit Hota</author></item><item><title>[High] CISA Warns of Active Exploitation of Langflow IDOR for Credential Harvesting</title><link>https://samithota.com/security-advisories/langflow-idor-credential-harvesting/</link><guid isPermaLink="true">https://samithota.com/security-advisories/langflow-idor-credential-harvesting/</guid><description>CISA has added an Insecure Direct Object Reference (IDOR) vulnerability in Langflow (CVE-2026-55255) to its KEV catalog due to active exploitation.</description><pubDate>Thu, 09 Jul 2026 18:08:25 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>langflow</category><author>Samit Hota</author></item><item><title>[High] China-Aligned Hackers Exploit Roundcube Vulnerabilities in University Attacks</title><link>https://samithota.com/security-advisories/china-apt-exploits-roundcube/</link><guid isPermaLink="true">https://samithota.com/security-advisories/china-apt-exploits-roundcube/</guid><description>A suspected China-aligned APT group is actively exploiting patched Roundcube flaws (e.g., CVE-2024-42009) targeting U.S. and Canadian universities.</description><pubDate>Thu, 09 Jul 2026 18:08:25 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>china</category><author>Samit Hota</author></item><item><title>[Critical] Critical Gitea Authentication Bypass Under Active Exploitation</title><link>https://samithota.com/security-advisories/gitea-auth-bypass-exploited/</link><guid isPermaLink="true">https://samithota.com/security-advisories/gitea-auth-bypass-exploited/</guid><description>A critical vulnerability in Gitea (CVE-2026-20896) allows authentication bypass and is being actively exploited in the wild.</description><pubDate>Thu, 09 Jul 2026 18:08:25 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>gitea</category><author>Samit Hota</author></item><item><title>[High] KDDI Email Platform Breach Exposes 12 Million User Credentials</title><link>https://samithota.com/security-advisories/kddi-email-platform-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/kddi-email-platform-breach/</guid><description>A zero-day vulnerability in a third-party email platform led to the exposure of 12 million email addresses and passwords from Japanese ISPs, including KDDI.</description><pubDate>Thu, 09 Jul 2026 16:08:57 GMT</pubDate><category>High</category><category>Open</category><category>news</category><category>kddi</category><author>Samit Hota</author></item><item><title>[Critical] BeyondTrust Fixes Multiple Critical Vulnerabilities in Remote Access Products</title><link>https://samithota.com/security-advisories/beyondtrust-multiple-vulnerabilities/</link><guid isPermaLink="true">https://samithota.com/security-advisories/beyondtrust-multiple-vulnerabilities/</guid><description>BeyondTrust has released security updates addressing critical vulnerabilities in its Remote Support and Privileged Remote Access products.</description><pubDate>Thu, 09 Jul 2026 16:08:57 GMT</pubDate><category>Critical</category><category>Resolved</category><category>news</category><category>beyondtrust</category><author>Samit Hota</author></item><item><title>[High] Microsoft Patches &quot;RoguePlanet&quot; Local Privilege Escalation in Defender</title><link>https://samithota.com/security-advisories/microsoft-defender-rogueplanet-lpe/</link><guid isPermaLink="true">https://samithota.com/security-advisories/microsoft-defender-rogueplanet-lpe/</guid><description>Microsoft has released a patch for CVE-2026-50656, a privilege escalation vulnerability in Microsoft Defender&apos;s Malware Protection Engine.</description><pubDate>Thu, 09 Jul 2026 16:08:57 GMT</pubDate><category>High</category><category>Resolved</category><category>news</category><category>microsoft</category><author>Samit Hota</author></item><item><title>[Critical] Critical 15-Year-Old Linux Kernel Vulnerability &quot;GhostLock&quot; Grants Root Access</title><link>https://samithota.com/security-advisories/ghostlock-linux-privesc/</link><guid isPermaLink="true">https://samithota.com/security-advisories/ghostlock-linux-privesc/</guid><description>A newly disclosed 15-year-old Linux kernel flaw (CVE-2026-43499) allows local users to achieve root privileges and escape containers.</description><pubDate>Thu, 09 Jul 2026 16:08:57 GMT</pubDate><category>Critical</category><category>Open</category><category>news</category><category>ghostlock</category><author>Samit Hota</author></item><item><title>[High] Accenture Confirms Data Breach After Source Code and Credentials Stolen</title><link>https://samithota.com/security-advisories/accenture-data-breach/</link><guid isPermaLink="true">https://samithota.com/security-advisories/accenture-data-breach/</guid><description>A hacker claims to have stolen 35GB of sensitive data, including source code and access keys, from consulting giant Accenture.</description><pubDate>Thu, 09 Jul 2026 16:08:57 GMT</pubDate><category>High</category><category>Mitigated</category><category>news</category><category>accenture</category><author>Samit Hota</author></item><item><title>[Critical] CRITICAL ADOBE COLDFUSION RCE (CVE-2026-48282) ACTIVELY EXPLOITED</title><link>https://samithota.com/security-advisories/cve-2026-48282-coldfusion/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cve-2026-48282-coldfusion/</guid><description>A critical path traversal vulnerability in Adobe ColdFusion (CVE-2026-48282) is under active exploitation, enabling unauthenticated remote code execution.</description><pubDate>Thu, 09 Jul 2026 16:08:01 GMT</pubDate><category>Critical</category><category>Open</category><category>kev</category><category>adobe</category><author>Samit Hota</author></item><item><title>[Critical] Critical Joomlack Page Builder RCE via Improper Access Control</title><link>https://samithota.com/security-advisories/cve-2026-56290-page-builder/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cve-2026-56290-page-builder/</guid><description>A critical improper access control vulnerability in Joomlack Page Builder (CVE-2026-56290) allows for unauthenticated remote code execution via arbitrary file…</description><pubDate>Thu, 09 Jul 2026 16:07:30 GMT</pubDate><category>Critical</category><category>Open</category><category>kev</category><category>joomlack</category><author>Samit Hota</author></item><item><title>[Critical] JoomShaper SP Page Builder RCE: Critical Unauthenticated File Upload Actively Exploited</title><link>https://samithota.com/security-advisories/cve-2026-48908-sp-page-builder/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cve-2026-48908-sp-page-builder/</guid><description>Critical CVE-2026-48908 in JoomShaper SP Page Builder allows unauthenticated RCE via unrestricted file upload, actively exploited in the wild.</description><pubDate>Thu, 09 Jul 2026 00:00:00 GMT</pubDate><category>Critical</category><category>Open</category><category>kev</category><category>joomshaper</category><author>Samit Hota</author></item><item><title>[High] Advisory: Langflow Authorization Bypass (CVE-2026-55255)</title><link>https://samithota.com/security-advisories/cve-2026-55255-langflow/</link><guid isPermaLink="true">https://samithota.com/security-advisories/cve-2026-55255-langflow/</guid><description>A critical authorization bypass vulnerability in Langflow (CVE-2026-55255) allows authenticated attackers to execute arbitrary flows belonging to other users.</description><pubDate>Thu, 09 Jul 2026 00:00:00 GMT</pubDate><category>High</category><category>Open</category><category>kev</category><category>langflow</category><author>Samit Hota</author></item><item><title>[Critical] Authentication Bypass via JWT alg=none in Solandra Commerce API</title><link>https://samithota.com/security-advisories/jwt-alg-none-auth-bypass/</link><guid isPermaLink="true">https://samithota.com/security-advisories/jwt-alg-none-auth-bypass/</guid><description>Solandra Commerce API versions up to 3.4.2 accept unsigned JWTs by honoring an attacker-controlled alg header, allowing full authentication bypass.</description><pubDate>Thu, 18 Jun 2026 00:00:00 GMT</pubDate><category>Critical</category><category>Mitigated</category><category>authentication</category><category>jwt</category><category>api-security</category><author>Samit Hota</author></item><item><title>[High] IDOR in Parcelhive File-Sharing Endpoint Exposes Private Documents</title><link>https://samithota.com/security-advisories/parcelhive-idor-file-sharing/</link><guid isPermaLink="true">https://samithota.com/security-advisories/parcelhive-idor-file-sharing/</guid><description>A predictable share-link identifier in Parcelhive&apos;s file-sharing API allowed enumeration of other tenants&apos; private documents.</description><pubDate>Tue, 04 Nov 2025 00:00:00 GMT</pubDate><category>High</category><category>Resolved</category><category>idor</category><category>access-control</category><category>saas</category><author>Samit Hota</author></item><item><title>[Medium] SSRF in Metadata Proxy Endpoint Allows Cloud Credential Theft</title><link>https://samithota.com/security-advisories/metadata-proxy-ssrf/</link><guid isPermaLink="true">https://samithota.com/security-advisories/metadata-proxy-ssrf/</guid><description>An unvalidated URL-fetch feature could be redirected at the cloud instance metadata service, exposing temporary IAM credentials.</description><pubDate>Fri, 22 Aug 2025 00:00:00 GMT</pubDate><category>Medium</category><category>Mitigated</category><category>ssrf</category><category>cloud-security</category><category>iam</category><author>Samit Hota</author></item></channel></rss>