3 Articles Today
150 This Month
6 Categories
150 Total Articles

Latest News

Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure Vulnerabilities The Hacker News
The Hacker News Jul 10, 2026 1 min read

Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure

Threat actors have been observed attempting to exploit a recently patched critical security flaw in Gitea Docker images, according to Sysdig. The vulnerability in question is CVE-2026-20896 (CVSS score: 9.8), a vulnerability that stems from the DevOps platform trusting the "X-WEBAUTH-USER" header from any source IP address, effectively allowing an unauthenticated internet client to get elevated

'Djinn' Stealer Targets Cloud, AI Credentials Vulnerabilities Dark Reading
Dark Reading Jul 10, 2026 1 min read

'Djinn' Stealer Targets Cloud, AI Credentials

The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp, targeting credentials linking development and admin environments to wider enterprise systems.

Injective SDK on npm infected with cryptocurrency wallet stealer Data Breaches Bleeping Computer
Bleeping Computer Jul 10, 2026 1 min read

Injective SDK on npm infected with cryptocurrency wallet stealer

Hackers compromised the Injective Labs SDK project's GitHub repository and used it to publish a malicious package on the Node Package Manager (npm) that stole cryptocurrency wallet private keys and mnemonic seed phrases. [...]

16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems Vulnerabilities The Hacker News
The Hacker News Jul 10, 2026 1 min read

16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems

A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it. Dubbed 'Januscape' and tracked as CVE-2026-53359, the flaw sits in the shadow MMU code that KVM shares across both Intel and AMD. The public proof-of-concept panics the host; the researcher claims that a separate, unreleased exploit

GigaWiper Combines Multiple Malware for System-Level Sabotage Malware SecurityWeek
SecurityWeek Jul 10, 2026 1 min read

GigaWiper Combines Multiple Malware for System-Level Sabotage

The backdoor’s destructive capabilities include a standalone wiper, ransomware encryption, and a multi-pass wiping command. The post GigaWiper Combines Multiple Malware for System-Level Sabotage appeared first on SecurityWeek.

From 17,000 to 1.1 Million Assets: How Lumen Technologies Rebuilt Exposure Management at Scale Research The Hacker News
The Hacker News Jul 10, 2026 1 min read

From 17,000 to 1.1 Million Assets: How Lumen Technologies Rebuilt Exposure Management at Scale

Most enterprises assume their asset inventory is close enough to accurate. The evidence suggests otherwise. According to a survey of over 600 security leaders in the 2026 Axonius Actionability Report, only 45% of organizations consolidate their asset and exposure data into a single view, and every downstream security program inherits whatever the inventory gets wrong. Lumen Technologies, a

Showing 131–140 of 149 articles