Security News

Cybersecurity news aggregator

← Back to News Browse all tags

mitre-t1190

6260 articles with this tag

HIGH
The Axios npm compromise was visible in registry metadata before anyone ran npm install
Reddit r/netsec • Jun 13, 2026
 HIGH
AI brands as bait: How threat actors are using the AI hype in social engineering
Microsoft Security Blog • Jun 08, 2026
 CRITICAL
CISA gives agencies 3 days to patch maximum severity Ivanti vulnerability
SC Media • Jun 12, 2026
 MEDIUM
GreatXML zero-day BitLocker bypass doesn’t seem to work, yet
CSO Online • Jun 12, 2026
 HIGH
Novo Nordisk discloses data breach affecting patient and healthcare professional information
SC Media • Jun 12, 2026
 CRITICAL
10-year-old phpBB vulnerability allows admin account takeover
SC Media • Jun 12, 2026
 HIGH
China-nexus group hid in Linux login system for nearly a decade
SC Media • Jun 12, 2026
 HIGH
Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE)
WatchTowr Labs • Jun 12, 2026
 CRITICAL
Palo Alto Networks PAN-OS GlobalProtect Authentication Bypass
FortiGuard Threat Signal • Jun 11, 2026
 CRITICAL
ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed
Dark Reading • Jun 12, 2026
 CRITICAL
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
Ars Technica Security • Jun 12, 2026
 MEDIUM
Iran-linked group Handala claims to steal Cal Water customer info
SC Media • Jun 12, 2026
 CRITICAL
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
The Hacker News • Jun 12, 2026
 CRITICAL
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
The Hacker News • Jun 12, 2026
 HIGH
phpBB forum fixes auth bypass bug lurking for a decade
BleepingComputer • Jun 12, 2026
 CRITICAL
Palo Alto Networks PAN-OS GlobalProtect Auth Bypass
FortiGuard Outbreak Alerts • Jun 11, 2026
 CRITICAL
CISA Adds One Known Exploited Vulnerability to Catalog
CISA All Advisories • Jun 12, 2026
 HIGH
Over 400 Arch Linux packages compromised to push rootkit, infostealer
BleepingComputer • Jun 12, 2026
 CRITICAL
ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw
CyberScoop • Jun 12, 2026
 MEDIUM
Silent Ransom Group: what you need to know
Graham Cluley • Jun 11, 2026
 CRITICAL
Vulnérabilité dans Oracle PeopleSoft (12 juin 2026)
CERT-FR (ANSSI) • Jun 12, 2026
 CRITICAL
Active Exploitation of Oracle PeopleSoft Zero-Day (CVE-2026-35273)
Rapid7 Research • Jun 12, 2026
 HIGH
Microsoft has mostly repaired a flaw in Surface hardware that allowed unprotected devices to be bricked by a single packet
The Register Security • Jun 12, 2026
 CRITICAL
Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751)
Help Net Security • Jun 12, 2026
 HIGH
Iranian Cyber Group Handala Claims Cal Water Hack
SecurityWeek • Jun 12, 2026
 HIGH
Google fires sueball at alleged Chinese phishers over AI-powered fraud ops
The Register Security • Jun 12, 2026
 CRITICAL
Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code
The Hacker News • Jun 12, 2026
 HIGH
[NEU] [mittel] Synacor Zimbra: Schwachstelle ermöglicht nicht spezifizierten Angriff
BSI Germany • Jun 12, 2026
 HIGH
[NEU] [mittel] Sonatype Nexus Repository Manager: Schwachstelle ermöglicht Offenlegung von Informationen
BSI Germany • Jun 12, 2026
 HIGH
[NEU] [hoch] MongoDB: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen
BSI Germany • Jun 12, 2026
 HIGH
[NEU] [mittel] MISP: Mehrere Schwachstellen
BSI Germany • Jun 12, 2026
 MEDIUM
[NEU] [mittel] QEMU: Schwachstelle ermöglicht Denial of Service
BSI Germany • Jun 12, 2026
 HIGH
[NEU] [hoch] VMware Tanzu Spring Cloud Gateway Server und Sleuth: Mehrere Schwachstellen
BSI Germany • Jun 12, 2026
 HIGH
[NEU] [mittel] GeoServer: Mehrere Schwachstellen
BSI Germany • Jun 12, 2026
 HIGH
[NEU] [hoch] IBM i: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit Administratorrechten
BSI Germany • Jun 12, 2026
 HIGH
Pharma giant Novo Nordisk discloses breach of clinical trials data
BleepingComputer • Jun 12, 2026
 CRITICAL
Ivanti Sentry Exploitation Attempts Hitting Honeypots
SecurityWeek • Jun 12, 2026
 CRITICAL
INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator
The Hacker News • Jun 12, 2026
 CRITICAL
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
The Hacker News • Jun 12, 2026
 HIGH
[NEU] [hoch] Langflow: Mehrere Schwachstellen
BSI Germany • Jun 12, 2026
 HIGH
[NEU] [mittel] IBM Langflow Desktop und OSS: Mehrere Schwachstellen
BSI Germany • Jun 12, 2026
 CRITICAL
Oracle PeopleSoft zero‑day fuels ShinyHunters extortion spree
CSO Online • Jun 12, 2026
 MEDIUM
[NEU] [mittel] Fleet: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen
BSI Germany • Jun 12, 2026
 HIGH
[NEU] [mittel] vllm: Mehrere Schwachstellen
BSI Germany • Jun 12, 2026
 CRITICAL
CISA orders feds to patch actively exploited Ivanti flaw by Sunday
BleepingComputer • Jun 12, 2026
 HIGH
[NEU] [hoch] Google Chrome: Mehrere Schwachstellen
BSI Germany • Jun 12, 2026
 MEDIUM
[NEU] [UNGEPATCHT] [mittel] Keycloak (admin-ui-ext): Schwachstelle ermöglicht Manipulation von Dateien
BSI Germany • Jun 12, 2026
 MEDIUM
[NEU] [mittel] Apache CXF: Mehrere Schwachstellen
BSI Germany • Jun 12, 2026
 MEDIUM
NCSC-2026-0196 [1.00] [M/H] Kwetsbaarheden verholpen in GitLab Enterprise Edition
NCSC Netherlands • Jun 12, 2026
 HIGH
NCSC-2026-0197 [1.00] [M/H] Kwetsbaarheid verholpen in Fortinet FortiPortal
NCSC Netherlands • Jun 12, 2026
 HIGH
[UPDATE] [mittel] Apache Commons Beanutils: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
BSI Germany • Jun 12, 2026
 HIGH
[UPDATE] [hoch] git: Mehrere Schwachstellen
BSI Germany • Jun 12, 2026
 HIGH
NCSC-2026-0195 [1.00] [M/H] Kwetsbaarheid verholpen in Oracle PeopleSoft Enterprise PeopleTools
NCSC Netherlands • Jun 12, 2026
 CRITICAL
Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters
SecurityWeek • Jun 12, 2026
 HIGH
[UPDATE] [hoch] Apple macOS: Mehrere Schwachstellen
BSI Germany • Jun 12, 2026
 CRITICAL
Marking Your Own Homework (Check Point Remote Access VPN IKEv1 Authentication Bypass CVE-2026-50751)
WatchTowr Labs • Jun 12, 2026
 HIGH
Splunk Products Multiple Vulnerabilities
HKCERT • Jun 12, 2026
 HIGH
GitLab Multiple Vulnerabilities
HKCERT • Jun 12, 2026
 MEDIUM
Maine breach portal abused to publish fake data breach disclosures
BleepingComputer • Jun 11, 2026
 HIGH
USN-8421-1: Ironic vulnerabilities
Ubuntu Security • Jun 11, 2026
 CRITICAL
USN-8426-1: Linux kernel (Azure) vulnerabilities
Ubuntu Security • Jun 11, 2026
 CRITICAL
Trolling Microsoft With Vulnerabilities - PSW #930
SC Media • Jun 11, 2026
 HIGH
USN-8423-1: lwIP vulnerabilities
Ubuntu Security • Jun 11, 2026
 HIGH
OnyxC2 stealer sold as a service targets over 210 applications
SC Media • Jun 11, 2026
 HIGH
Russian national charged in connection with Void Blizzard cyberespionage campaign
SC Media • Jun 11, 2026
 HIGH
OceanLotus targets stock investors and construction firm with SPECTRALVIPER backdoor
SC Media • Jun 11, 2026
 CRITICAL
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
The Hacker News • Jun 11, 2026
 CRITICAL
Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure
Dark Reading • Jun 11, 2026
 CRITICAL
Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
BleepingComputer • Jun 11, 2026
 CRITICAL
CISA Adds One Known Exploited Vulnerability to Catalog
CISA All Advisories • Jun 11, 2026
 CRITICAL
ShinyHunters claims it hacked 100 orgs by exploiting an Oracle PeopleSoft 0-day
The Register Security • Jun 11, 2026
 CRITICAL
ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit
Google Threat Intelligence • Jun 11, 2026
 HIGH
Microsoft's worst 'Nightmare' unleashes BitLocker bypass 0-day
The Register Security • Jun 11, 2026
 CRITICAL
New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files
The Hacker News • Jun 11, 2026
 CRITICAL
New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets
The Hacker News • Jun 11, 2026
 HIGH
Russian national charged in connection with Void Blizzard espionage campaign
CyberScoop • Jun 11, 2026
 CRITICAL
The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
The Hacker News • Jun 11, 2026
 MEDIUM
USN-8424-1: Ubuntu Kylin Software Center vulnerability
Ubuntu Security • Jun 11, 2026
 MEDIUM
2.4M+ VRChat users’ data accessed following cloud breach
The Register Security • Jun 11, 2026
 CRITICAL
Naxclow IoT Platform
CISA ICS Advisories • Jun 11, 2026
 CRITICAL
Yarbo Android/iOS Mobile Application and Cloud Infrastructure
CISA ICS Advisories • Jun 11, 2026
 HIGH
Brickcom Cameras
CISA ICS Advisories • Jun 11, 2026
 HIGH
Cybercriminals Use Fake AI Guides and Dev Tools to Spread AsyncRAT Malware
Infosecurity Magazine • Jun 11, 2026
 CRITICAL
Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks
SecurityWeek • Jun 11, 2026
 HIGH
From SQLi to RCE – Exploiting LangGraph’s Checkpointer
Check Point Research • Jun 11, 2026
 HIGH
VU#862559: crypton-x509-validation Haskell libraries do not enforce X.509 NameConstraints
CERT/CC • Jun 11, 2026
 CRITICAL
Multiples vulnérabilités dans LibreNMS (11 juin 2026)
CERT-FR (ANSSI) • Jun 11, 2026
 HIGH
Multiples vulnérabilités dans les produits Splunk (11 juin 2026)
CERT-FR (ANSSI) • Jun 11, 2026
 CRITICAL
Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert
Help Net Security • Jun 11, 2026
 HIGH
ServiceNow fixes API issue after reports of suspicious tenant activity
CSO Online • Jun 11, 2026
 HIGH
OnyxC2 Stealer Offers Cybercriminals Enterprise-Grade Theft for $250 a Month
SecurityWeek • Jun 11, 2026
 HIGH
Data of 2.4 million VRChat users stolen
Malwarebytes Labs • Jun 11, 2026
 HIGH
Hackers Exploit Langflow Vulnerability for Remote Code Execution
SecurityWeek • Jun 11, 2026
 HIGH
[NEU] [hoch] Jenkins: Mehrere Schwachstellen
BSI Germany • Jun 11, 2026
 HIGH
[NEU] [hoch] GitLab: Mehrere Schwachstellen
BSI Germany • Jun 11, 2026
 HIGH
[NEU] [mittel] Erlang/OTP: Mehrere Schwachstellen
BSI Germany • Jun 11, 2026
 HIGH
[NEU] [hoch] Apache OFBiz: Mehrere Schwachstellen
BSI Germany • Jun 11, 2026
 MEDIUM
[NEU] [mittel] vllm: Schwachstelle ermöglicht Manipulation von Daten
BSI Germany • Jun 11, 2026
 MEDIUM
[NEU] [mittel] ConnectWise ScreenConnect: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
BSI Germany • Jun 11, 2026
 HIGH
[NEU] [mittel] NoMachine: Schwachstelle ermöglicht Codeausführung
BSI Germany • Jun 11, 2026