Aggregator

A vulnerability, which was classified as critical, has been found in Trend Micro TrendAI Apex One and TrendAI Apex One as a Service. Affected is an unknown function. This manipulation causes origin validation error. This vulnerability appears as CVE-2026-34928. The attack requires local access. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability classified as critical was found in Trend Micro TrendAI Apex One and TrendAI Apex One as a Service. This impacts an unknown function. The manipulation results in origin validation error. This vulnerability is reported as CVE-2026-34927. The attack requires a local approach. No exploit exists. Upgrading the affected component is advised.

A vulnerability classified as problematic has been found in Trend Micro TrendAI Apex One and TrendAI Apex One as a Service. This affects an unknown function. The manipulation leads to relative path traversal. This vulnerability is documented as CVE-2026-34926. The attack needs to be performed locally. Additionally, an exploit exists. It is recommended to upgrade the affected component.

A vulnerability described as problematic has been identified in PosCube QR Menu up to 21052026. The impacted element is an unknown function. Executing a manipulation can lead to authorization bypass. This vulnerability is registered as CVE-2025-13479. It is possible to launch the attack remotely. No exploit is available.

A vulnerability marked as critical has been reported in Digital Operations Services WifiBurada up to 21052026. The affected element is an unknown function. Performing a manipulation results in exposure of private personal information to an unauthorized actor. This vulnerability is cataloged as CVE-2025-13477. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability labeled as critical has been found in Zoho ManageEngine ADSelfService Plus, DataSecurity Plus and RecoveryManager Plus. Impacted is an unknown function. Such manipulation leads to command injection. This vulnerability is listed as CVE-2026-2740. The attack may be performed from remote. There is no available exploit. The affected component should be upgraded.

Запуск платы за международный трафик могут отложить до выборов в Госдуму 18–20 сентября.

Attackers bypassed MFA on patched SonicWall Gen6 VPNs because admins missed extra manual steps required to fully fix the flaw. There is a particular kind of security failure that is harder to catch than an unpatched system: a patched system where the patch did not actually work because nobody followed all the steps. That is […]

Cybersecurity researchers have disclosed details of a new Linux malware dubbed Showboat that has been put to use in a campaign targeting a telecommunications provider in the Middle East since at least mid-2022. "Showboat is a modular post-exploitation framework designed for Linux systems, capable of spawning a remote shell, transferring files, and functioning as a SOCKS5 proxy," Lumen

First VPN, a virtual private network service marketed to cybercriminals, promising anonymity for its users, was taken offline on May 19 and 20 as part of Operation Saffron. During the operation, French and Dutch authorities, with support from Europol and Eurojust, dismantled 33 servers linked to the service and interviewed the operator in Ukraine. The targeted domain names were shut down through international cooperation between law enforcement and judicial authorities. The seized domains included 1vpns.com, … More →

The post Authorities dismantle First VPN, used by ransomware actors appeared first on Help Net Security.

Хитрый вирус притворяется мёртвым в руках безопасников и моментально оживает у простых пользователей.

Modern crypto drainers don't hack wallets. They trick users into approving malicious transactions. Flare explores how the Lucifer DaaS platform scales wallet theft through phishing and automation. [...]

"Showboat" doesn't show off, but clearly it doesn't need to, as it's long helped China spy on small market communications providers.

A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows malware dubbed Showboat and JFMBackdoor, respectively. [...]

Cisco has released security updates to address a maximum-severity vulnerability in Secure Workload that allows attackers to gain Site Admin privileges. [...]

GitHub CISO Alexis Wales has named the malicious VS Code extension behind the breach they suffered at the hands of the threat group TeamPCP: Nx Console, a popular developer tool with 2.2 million installs. A malicious version of the otherwise benign extension was used to steal secrets and developer credentials, which were then used to move through CI/CD pipelines and exfiltrate around 3,800 of GitHub’s private code repositories. One missed token, many victims The company … More →

The post GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise appeared first on Help Net Security.

Разработчики Verus экстренно отключили серверы для предотвращения дальнейших краж.

本文围绕 TeamPCP 发起的 Shai-Hulud 供应链攻击事件，梳理攻击者如何从 TanStack CI/CD 突破，经 Nx Console 扩散至 @antv npm、PyPI，并疑似关联 GitHub 内部仓库泄露的跨生态攻击链。

Google 本周二宣布搜索框将变成 AI 聊天机器人的对话框，那么它久经时间考虑的商业模式——搜索广告——自然也会跟着进入 AI 模式。Google 周三宣布将在 AI 模式中引入更多“富有帮助的广告（helpful ads）”。搜索巨人表示在测试两类新广告，提供相关产品的细节和有用的指导。作为广告的一部分，它们都会包含一个独立的 AI 解释器。广告也都会标明“赞助”字样。两类新广告其一称之为“对话式发现广告”——广告即答案；其二称之为“高亮答案”（Highlighted Answers）——将高度相关的广告作为推荐列表的一部分提供给用户。