Aggregator

CVE-2026-32131 | Zitadel up to 3.4.7/4.12.1 Organization project.app.read project_id/grant_id/app_id authorization (GHSA-wr6r-59xg-4pj2)

VulDB Recent Entries
1 week 6 days ago
A vulnerability described as problematic has been identified in Zitadel up to 3.4.7/4.12.1. This vulnerability affects the function project.app.read of the component Organization Handler. The manipulation of the argument project_id/grant_id/app_id results in authorization bypass. This vulnerability was named CVE-2026-32131. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is recommended.
vuldb.com

CVE-2026-32128 | labring FastGPT up to 4.14.7 File Descriptor sys.stdout.write incomplete blacklist (GHSA-6hw6-mxrm-v6wj)

VulDB Recent Entries
1 week 6 days ago
A vulnerability marked as critical has been reported in labring FastGPT up to 4.14.7. This affects the function sys.stdout.write of the component File Descriptor Handler. The manipulation leads to incomplete blacklist. This vulnerability is uniquely identified as CVE-2026-32128. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com

CVE-2026-32130 | Zitadel up to 3.4.7/4.12.1 path authentication bypass (GHSA-83pv-4xxp-rm2x)

VulDB Recent Entries
1 week 6 days ago
A vulnerability labeled as critical has been found in Zitadel up to 3.4.7/4.12.1. Affected by this issue is some unknown functionality. Executing a manipulation of the argument path can lead to authentication bypass using alternate channel. This vulnerability is handled as CVE-2026-32130. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.
vuldb.com

CVE-2026-27591 | Winter CMS up to 1.0.476/1.1.11/1.2.11 Requests access control (GHSA-pgpf-m8m4-6cg6)

VulDB Recent Entries
1 week 6 days ago
A vulnerability identified as critical has been detected in Winter CMS up to 1.0.476/1.1.11/1.2.11. Affected by this vulnerability is an unknown functionality of the component Requests Handler. Performing a manipulation results in improper access controls. This vulnerability is known as CVE-2026-27591. Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.
vuldb.com

CVE-2026-32132 | Zitadel up to 3.4.7/4.12.1 Endpoint session expiration (GHSA-2x66-r53r-9r86)

VulDB Recent Entries
1 week 6 days ago
A vulnerability categorized as problematic has been discovered in Zitadel up to 3.4.7/4.12.1. Affected is an unknown function of the component Endpoint. Such manipulation leads to session expiration. This vulnerability is traded as CVE-2026-32132. The attack may be launched remotely. There is no exploit available. It is advisable to upgrade the affected component.
vuldb.com

Stretching Cyber Resources in Rural Healthcare

Ransomware DataBreachToday.com
1 week 6 days ago
Rural hospitals and clinics continue to struggle with a lack of cyber resources but a federal grant program set to provide $50 billion worth of funding across all 50 states could hopefully help lessen some of the pain, said Jim Roeder, VP of IT at Lakewood Health System in Minnesota.

How US Ransomware Policy Aims to Break Global Crime Networks

Ransomware DataBreachToday.com
1 week 6 days ago
Ex-FBI Leader Cynthia Kaiser on Sanctions, Ecosystem Disruption, Stronger Policies
U.S. cyber policy now treats ransomware gangs and fraud networks as transnational criminal organizations. Former FBI cyber leader Cynthia Kaiser explains how sanctions, infrastructure takedowns, and international cooperation could weaken cybercrime ecosystems and reduce attacks.

'Plug-and-Play' AI Is a Myth for Enterprises

Ransomware DataBreachToday.com
1 week 6 days ago
CIOs Face Integration, Talent and ROI Hurdles Despite Rising AI Budgets
CIOs looking for quick wins from AI may be out of luck. The real value from AI won't come from plug-and-play tools that can be bought, but rather from the hard work of integrating AI into enterprise systems, workflows and operating models, according to new research from Cognizant.

Kai Launches Agentic AI Security Platform With $125M Funding

Ransomware DataBreachToday.com
1 week 6 days ago
Startup Platform Targets Autonomous Detection and Exposure Management
Cybersecurity startup Kai emerged from stealth with $125 million in funding led by Evolution Equity to develop an agentic AI platform that automates exposure management, threat intelligence, analysis and detection workflows while helping security teams remediate vulnerabilities faster.

Armadin Launches With $190M to Automate Red-Teaming With AI

Ransomware DataBreachToday.com
1 week 6 days ago
Vendor Combines AI Attack Agents, Human Experts to Simulate Real-World Cyberattacks
Offensive security startup Armadin secured nearly $190 million in funding to expand a platform that uses AI agents to automate red-team operations. The technology enables companies to continuously test defenses and uncover attack paths that traditional consulting engagements often miss.

LnkMeMaybe - A Review of CVE-2026-25185

TrustedSec
1 week 6 days ago
<p>A Windows shortcut (.lnk) seems very simple on the surface. It is a file that points somewhere and tells the system to open or execute a resource. A shortcut is relatively easy to overlook and can be spoofed to look…</p>
Christopher Paschen

微软:网络犯罪组织滥用人工智能进行网络攻击趋势显著上升

嘶吼
1 week 6 days ago

微软表示,网络犯罪组织正越来越多地在其行动中使用人工智能来加速攻击、扩大恶意活动规模,并降低网络攻击各个方面的技术门槛。

根据微软最新发布的威胁情报报告,攻击者正在使用生成式人工智能工具执行各种任务,包括侦察、钓鱼攻击、基础设施搭建、恶意软件制作以及入侵后活动等各类攻击场景。

在多数场景中,AI 被用于撰写钓鱼邮件、翻译内容、汇总窃取的数据、调试恶意软件,以及辅助编写脚本或配置攻击基础设施。

据观察,当前绝大多数 AI 恶意用途都集中在利用大语言模型生成文本、代码或多媒体内容。网络犯罪组织借助生成式 AI 撰写钓鱼诱饵、翻译内容、提炼被盗数据、生成或调试恶意软件,以及搭建脚本和攻击基础设施。

在这些用途中,AI 相当于“能力放大器”,能够降低技术难度、加快攻击执行速度,但攻击目标、攻击对象和部署决策仍由攻击者人工掌控。

黑客在网络攻击全生命周期中滥用人工智能

AI 正成为网络攻击的重要助力

微软已观测到多个网络攻击组织将 AI 融入攻击流程,其中包括被追踪为 Jasper Sleet(Storm-0287)和Coral Sleet(Storm-1877)的朝鲜相关攻击组织。这些组织将 AI 技术用于远程 IT 人员渗透计划。

在相关行动中,AI 工具可帮助生成高度逼真的虚假身份、简历和沟通话术,从而成功入职企业,并在入职后持续维持访问权限。

报告还介绍了 AI 如何被用于辅助恶意软件开发与攻击基础设施搭建:网络犯罪组织利用 AI 编程工具生成并优化恶意代码、排查错误,或将恶意软件组件移植到不同编程语言。

部分恶意软件实验已呈现出 AI 赋能特征,可在运行时动态生成脚本或调整行为逻辑。Coral Sleet组织利用 AI 快速搭建虚假企业网站、配置攻击基础设施,并对部署内容进行测试与故障排查。

当 AI 安全防护机制试图阻止此类恶意用途时,网络犯罪组织会使用模型越狱手段,诱导大语言模型生成恶意代码或内容。

除生成式 AI 外,研究人员还发现,网络犯罪组织已开始尝试使用智能体 AI,实现任务自主执行并根据结果动态调整策略。

不过微软强调,目前 AI 主要用于辅助决策,而非完全自主发起攻击。

由于许多针对 IT 人员的攻击活动依赖滥用合法权限,微软建议企业将此类攻击及类似行为视为内部风险进行防范。

此外,鉴于这类 AI 驱动的攻击与传统网络攻击模式相似,防御方应重点关注异常凭证使用检测、强化身份系统抵御钓鱼攻击,并保护可能在未来攻击中成为目标的 AI 系统安全。

并非只有微软观察到网络犯罪组织正加大 AI 滥用力度、降低攻击入门门槛。谷歌近期报告也显示,攻击者在网络攻击全流程中滥用 Gemini AI,且这一现象与亚马逊观测到的攻击活动高度一致。

胡金鱼

CVE-2026-3942 | Google Chrome up to 145.0.7632.159 PictureInPicture ui layer (ID 475238)

VulDB Recent Entries
1 week 6 days ago
A vulnerability was found in Google Chrome. It has been rated as problematic. This impacts an unknown function of the component PictureInPicture. This manipulation causes improper restriction of rendered ui layers. This vulnerability appears as CVE-2026-3942. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is advised.
vuldb.com

CVE-2026-3930 | Google Chrome up to 145.0.7632.159 on iOS Navigation Remote Code Execution (ID 476898)

VulDB Recent Entries
1 week 6 days ago
A vulnerability was found in Google Chrome on iOS. It has been classified as critical. The impacted element is an unknown function of the component Navigation. The manipulation leads to Remote Code Execution. This vulnerability is documented as CVE-2026-3930. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.
vuldb.com

CVE-2026-3935 | Google Chrome up to 145.0.7632.159 WebAppInstalls ui layer (ID 479326)

VulDB Recent Entries
1 week 6 days ago
A vulnerability was found in Google Chrome and classified as problematic. The affected element is an unknown function of the component WebAppInstalls. Executing a manipulation can lead to improper restriction of rendered ui layers. This vulnerability is registered as CVE-2026-3935. It is possible to launch the attack remotely. No exploit is available. It is suggested to upgrade the affected component.
vuldb.com

Managed ad