Aggregator

CVE-2026-32696 | NanoMQ MQTT Broker up to 0.24.6 set_data null pointer dereference (GHSA-77f4-wvq8-mp3p)

2 days 21 hours ago

A vulnerability classified as problematic has been found in NanoMQ MQTT Broker up to 0.24.6. This vulnerability affects the function set_data. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2026-32696. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

Healthcare tech firm CareCloud says hackers stole patient data

Bleeping Computer.

2 days 22 hours ago

Healthcare IT firm CareCloud has disclosed a data breach incident that exposed sensitive data and caused a network disruption lasting approximately eight hours. [...]

Bill Toulas

AI-Powered 'DeepLoad' Malware Steals Credentials, Evades Detection

darkreading

2 days 22 hours ago

The massive amount of junk code that hides the malware's logic from security scans was almost certainly generated by AI, researchers say.

Jai Vijayan

Daily Dose of Dark Web Informer - March 30th, 2026

Dark Web Informer - Cyber Threat Intelligence

2 days 22 hours ago

This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.

Dark Web Informer

OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens

Hack Read

2 days 22 hours ago

OpenAI Codex vulnerability allowed attackers to steal GitHub tokens via malicious branch names using hidden Unicode command injection flaw.

Deeba Ahmed

New RoadK1ll WebSocket implant used to pivot on breached networks

Bleeping Computer.

2 days 22 hours ago

A newly identified malicious implant named RoadK1ll is enabling threat actors to quietly move from a compromised host to other systems on the network. [...]

Bill Toulas

INC

Dark Feed IO

2 days 23 hours ago

You must login to view this content

cohenido

Citrix security advisory (AV26-267) – Update 1

CCCS - Alerts and advisories

2 days 23 hours ago

Canadian Centre for Cyber Security

CVE-2025-12548

CVE Trends

2 days 23 hours ago

Currently trending CVE - Hype Score: 1 - A flaw was found in Eclipse Che che-machine-exec. This vulnerability allows unauthenticated remote arbitrary command execution and secret exfiltration (SSH keys, tokens, etc.) from other users' Developer Workspace containers, via an unauthenticated JSON-RPC / websocket API ...

CVE-2023-2868

CVE Trends

2 days 23 hours ago

Currently trending CVE - Hype Score: 1 - A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape ...