Aggregator

A vulnerability, which was classified as problematic, was found in International Datacasting Corporation SFX SuperFlex SatelliteReceiver Web Management Interface 101. Affected by this vulnerability is an unknown functionality of the file /IDC_Logging/index.cgi. Executing a manipulation of the argument submitType can lead to cross site scripting. This vulnerability is registered as CVE-2026-28772. It is possible to launch the attack remotely. No exploit is available.

A vulnerability, which was classified as critical, has been found in SEPPmail Secure Email Gateway up to 15.0.0. Affected is an unknown function of the component Email Address Handler. Performing a manipulation results in interpretation conflict. This vulnerability is cataloged as CVE-2026-27444. It is possible to initiate the attack remotely. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability classified as critical was found in International Datacasting IDC SFX2100 SuperFlex Satellite Receiver SFX2100. This impacts an unknown function of the file /root/anaconda-ks.cfg. Such manipulation leads to hard-coded credentials. This vulnerability is listed as CVE-2026-29120. The attack must be carried out locally. There is no available exploit.

A vulnerability classified as critical has been found in Delta Electronics CNCSoft-G2 up to 2.1.0.34. This affects an unknown function of the component File Handler. This manipulation causes out-of-bounds write. This vulnerability is tracked as CVE-2026-3094. The attack is possible to be carried out remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability described as problematic has been identified in SEPPmail Secure Email Gateway up to 15.0.0. The impacted element is an unknown function of the component PGP Message Handler. The manipulation results in information disclosure. This vulnerability is identified as CVE-2026-2747. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability marked as critical has been reported in SEPPmail Secure Email Gateway up to 15.0.0. The affected element is an unknown function of the component GINA Web Interface. The manipulation leads to path traversal. This vulnerability is referenced as CVE-2026-27442. Remote exploitation of the attack is possible. No exploit is available. It is suggested to upgrade the affected component.

Cybercriminals are now increasingly using Telegram to sell corporate access, malware subscriptions, and stealer logs, turning the messaging app into a fast cybercrime hub.

周鸿祎两会AI三策

Zenity Labs disclosed PleaseFix, a family of critical vulnerabilities affecting agentic browsers, including Perplexity Comet, that allow attackers to hijack AI agents, access local files, and steal credentials within authenticated user sessions. The vulnerabilities can be triggered through malicious content embedded in routine workflows, enabling unauthorized actions without user awareness. The disclosure includes PerplexedBrowser, a subfamily of vulnerabilities in the Perplexity Comet browser that consists of two distinct exploit paths. Both stem from indirect prompt … More →

The post The vulnerability that turns your AI agent against you appeared first on Help Net Security.

本次活动汇聚行业权威力量与政企各界代表，通过搭建专业化、高标准的赛事平台，进一步激活网络安全领域的创新活力，助力产业高质量发展。

在洋葱网络的深处，一切都有明码标价

Зачем КНР внедряет нейросети во все виды войск.

MICCIS 2026 组委会热忱地邀请您参与第四届移动互联网、云计算与信息安全国际会议（MICCIS 2026）。

The education sector is notoriously short on cash, but rich in assets for threat actors to target. How can managed detection and response (MDR) help learning institutions regain the initiative?

HumanBug15 年实战经验，手把手教落地

谷歌曝光iOS攻击链，窃取加密货币威胁升级

看雪论坛作者ID：易之生生

《Highguard》开发商 Wildlight Entertainment 宣布游戏将于 3 月 12 日永久关闭。《Highguard》是一款以突袭为主题的英雄射击游戏，于 1 月 26 日上线，一度吸引了 9.7 万玩家同时在线，但这一热度并没有持续太长时间，根据 Steamdb 的统计，过去二十四小时游戏同时在线人数最高仅为 460 人，对一款需要长期运营的免费 PvP 游戏而言，结局已经注定了。在关闭前《Highguard》共运营 45 天，是索尼《Concord》的 3.75 倍长，《Concord》运营 12 天就永久关闭了。Wildlight 的主要投资者是腾讯，它已经在两周前撤回了投资。

February 2026 brought a surge of sophisticated cyber threats targeting businesses across industries. ANY.RUN’s analysts exposed and explored several major cyber threats this month, providing early visibility into emerging malware families and evolving attack techniques.  From new ransomware strains capable of encrypting entire environments in minutes, to fully undetected remote access trojans — the threat […]

The post Major Cyber Attacks in February 2026: BQTLock, Thread-Hijack Phishing, and MFA Bypass Evolution appeared first on ANY.RUN's Cybersecurity Blog.

A vulnerability labeled as critical has been found in International Datacasting Corporation SFX2100 SuperFlex SatelliteReceiver. Impacted is an unknown function of the component Telnet Service. Executing a manipulation can lead to hard-coded credentials. The identification of this vulnerability is CVE-2026-29119. The attack may be launched remotely. There is no exploit available.