Aggregator
CVE-2022-23437 | Oracle Banking Deposits and Lines of Credit Servicing 2.7 Web UI denial of service (EUVD-2022-0613)
1 week 6 days ago
A vulnerability identified as critical has been detected in Oracle Banking Deposits and Lines of Credit Servicing 2.7. The affected element is an unknown function of the component Web UI. The manipulation leads to denial of service.
This vulnerability is listed as CVE-2022-23437. The attack may be initiated remotely. There is no available exploit.
You should upgrade the affected component.
vuldb.com
CVE-2022-23437 | Oracle Banking Party Management 2.7 Web UI denial of service (EUVD-2022-0613)
1 week 6 days ago
A vulnerability marked as critical has been reported in Oracle Banking Party Management 2.7. This affects an unknown function of the component Web UI. This manipulation causes denial of service.
This vulnerability is registered as CVE-2022-23437. Remote exploitation of the attack is possible. No exploit is available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2022-23437 | Oracle Financial Services Crime and Compliance Management Studio denial of service (EUVD-2022-0613)
1 week 6 days ago
A vulnerability classified as critical was found in Oracle Financial Services Crime and Compliance Management Studio 8.0.8.2.0/8.0.8.3.0. Affected by this vulnerability is an unknown functionality of the component Studio. Executing a manipulation can lead to denial of service.
This vulnerability appears as CVE-2022-23437. The attack may be performed remotely. There is no available exploit.
Upgrading the affected component is advised.
vuldb.com
CVE-2022-23437 | Oracle FLEXCUBE Universal Banking 12.4 Infrastructure denial of service (EUVD-2022-0613)
1 week 6 days ago
A vulnerability, which was classified as critical, was found in Oracle FLEXCUBE Universal Banking 12.4. This affects an unknown part of the component Infrastructure. The manipulation results in denial of service.
This vulnerability is known as CVE-2022-23437. It is possible to launch the attack remotely. No exploit is available.
You should upgrade the affected component.
vuldb.com
CVE-2022-23437 | Oracle Primavera Unifier up to 21.12 Platform/User Interface denial of service (EUVD-2022-0613)
1 week 6 days ago
A vulnerability described as critical has been identified in Oracle Primavera Unifier up to 21.12. This affects an unknown function of the component Platform/User Interface. The manipulation results in denial of service.
This vulnerability is known as CVE-2022-23437. It is possible to launch the attack remotely. No exploit is available.
Upgrading the affected component is recommended.
vuldb.com
Stretching Cyber Resources in Rural Healthcare
1 week 6 days ago
Rural hospitals and clinics continue to struggle with a lack of cyber resources but a federal grant program set to provide $50 billion worth of funding across all 50 states could hopefully help lessen some of the pain, said Jim Roeder, VP of IT at Lakewood Health System in Minnesota.
Medical Device Concerns for a Post-Quantum World
1 week 6 days ago
Long-life medical devices - products typically used for a decade or longer - are among the most post-quantum, cryptographically vulnerable technologies in healthcare, said Joern Lubadel, global head of product security at German-based medical device and healthcare products maker B. Braun.
Breaking Down Siloed Security: Aligning SecOps and GRC for Cyber Resilience
1 week 6 days ago
When Routine Activity Isn’t Routine: Detecting Modern Attacks Faster
1 week 6 days ago
'Plug-and-Play' AI Is a Myth for Enterprises
1 week 6 days ago
CIOs Face Integration, Talent and ROI Hurdles Despite Rising AI Budgets
CIOs looking for quick wins from AI may be out of luck. The real value from AI won't come from plug-and-play tools that can be bought, but rather from the hard work of integrating AI into enterprise systems, workflows and operating models, according to new research from Cognizant.
Medtech Firm Stryker Disrupted by Pro-Iran Hackers
1 week 6 days ago
Iran Expands Targeting, Including AWS, Google and Microsoft Infrastructure
Michigan-based medical technology giant Stryker appears to have been hacked by a pro-Iranian group called Handala, leading to global operations being disrupted, IT devices remotely wiped and terabytes of data being stolen. Experts said Handala appears to be a "faketivist" group run by Tehran.
Kai Launches Agentic AI Security Platform With $125M Funding
1 week 6 days ago
Startup Platform Targets Autonomous Detection and Exposure Management
Cybersecurity startup Kai emerged from stealth with $125 million in funding led by Evolution Equity to develop an agentic AI platform that automates exposure management, threat intelligence, analysis and detection workflows while helping security teams remediate vulnerabilities faster.
Armadin Launches With $190M to Automate Red-Teaming With AI
1 week 6 days ago
Vendor Combines AI Attack Agents, Human Experts to Simulate Real-World Cyberattacks
Offensive security startup Armadin secured nearly $190 million in funding to expand a platform that uses AI agents to automate red-team operations. The technology enables companies to continuously test defenses and uncover attack paths that traditional consulting engagements often miss.
Machine Identity Management at Scale: Risks, Gaps and a Secure Future
1 week 6 days ago
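Ma Huateng speaks out in the early hours: Tencent has another batch of "Lobster-series" products on the way; Nvidia announces a $26 billion investment to build open-source models; young man's hand-built hovering rocket goes viral | Geek Morning News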
1 week 6 days ago
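At around 2 a.m. today, Tencent Chairman and CEO Ma Huateng shared on WeChat Moments the official-account article about Tencent launching its full "Lobster" product lineup, with the caption: "In-house lobster, local lobster, cloud lobster, enterprise lobster, cloud desktop lobster, security-isolated lobster house, cloud security guard, knowledge base... and another batch of products on the way."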
CVE-2026-27727 | swaldman mchange-commons-java up to 0.3.x injection (Nessus ID 301811 / WID-SEC-2026-0694)
1 week 6 days ago
A vulnerability described as problematic has been identified in swaldman mchange-commons-java up to 0.3.x. This affects an unknown part. Executing a manipulation can lead to injection.
This vulnerability is registered as CVE-2026-27727. It is possible to launch the attack remotely. No exploit is available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2026-27900 | linode terraform-provider-linode up to 3.8.x log file (GHSA-5rc7-2jj6-mp64)
1 week 6 days ago
A vulnerability labeled as problematic has been found in linode terraform-provider-linode up to 3.8.x. Affected by this vulnerability is an unknown functionality. The manipulation results in sensitive information in log files.
This vulnerability is reported as CVE-2026-27900. The attack can be launched remotely. No exploit exists.
The affected component should be upgraded.
vuldb.com
CVE-2026-28795 | zhongyu09 openchatbi up to 0.2.1 save_report.py file_format path traversal
1 week 6 days ago
A vulnerability categorized as critical has been discovered in zhongyu09 openchatbi up to 0.2.1. This issue affects some unknown processing of the file openchatbi/tool/save_report.py. Such manipulation of the argument file_format leads to path traversal.
This vulnerability is tracked as CVE-2026-28795. The attack may be launched remotely. There is no exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-28800 | NatroTeam NatroMacro up to 1.0.x Send Message path traversal (GHSA-ph9r-2qjm-ghvg / EUVD-2026-10007)
1 week 6 days ago
A vulnerability classified as critical has been found in NatroTeam NatroMacro up to 1.0.x. The impacted element is an unknown function of the component Send Message Handler. This manipulation causes path traversal.
This vulnerability is handled as CVE-2026-28800. The attack can be initiated remotely. No exploit is available.
It is recommended to upgrade the affected component.
vuldb.com