Aggregator

Researchers Say Nation-State Actors Are Evolving Persistence Techniques
An apparent Chinese nation-state hacking group gussied up its tooling with new modular functionality, say security researchers who observed a cyberespionage campaign affecting Asia-Pacific governments. The activity resembles attack patterns of the threat actor tracked as Mustang Panda

Reports: Trump Administration Approval of Nvidia H200 Sales Poses Frontier AI Risks
Trump administration discussions on AI governance with China are colliding with reports that Washington may permit expanded Nvidia H200 chip sales to Chinese firms, fueling concerns that U.S. technology access could accelerate Beijing's frontier AI and military-linked ambitions.

В данной статье мы рассмотрим основные принципы DFIR и подробно расскажем о практических методах реагирования на инциденты.

Хакеры два месяца возвращались в сеть нефтяной компании через незакрытый сервер — и каждый раз их пускали.

Слабое место срабатывало только при особых условиях, но последствия могли быть жёсткими.

Currently trending CVE - Hype Score: 28 - NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (PCRE) capture (for example, $1, $2) ...

Currently trending CVE - Hype Score: 36 - An issue was discovered in Dolby UDC 4.5 through 4.13. A crash of the DD+ decoder process can occur when a malformed DD+ bitstream is processed. When Evolution data is processed by evo_priv.c from the DD+ bitstream, the decoder writes that data into a buffer. The length ...

Currently trending CVE - Hype Score: 46 - In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix user_ref race between scrub and refill paths The io_zcrx_put_niov_uref() function uses a non-atomic check-then-decrement pattern (atomic_read followed by separate atomic_dec) to manipulate ...

Currently trending CVE - Hype Score: 46 - io_uring UAF, Unix SCM garbage collection

Currently trending CVE - Hype Score: 46 - Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Currently trending CVE - Hype Score: 46 - A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to ...

Currently trending CVE - Hype Score: 49

Currently trending CVE - Hype Score: 49 - In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one ...

Currently trending CVE - Hype Score: 49 - In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths ...

Currently trending CVE - Hype Score: 49 - In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since ...

Two employee devices at OpenAI were compromised in a sweeping software supply chain attack targeting TanStack npm, but the AI company confirmed no user data, production systems, or intellectual property were affected. On May 11, 2026 UTC, threat actors launched a campaign dubbed “Mini Shai-Hulud” a coordinated supply chain offensive orchestrated by the TeamPCP extortion […]

The post OpenAI Confirms Security Breach Via TanStack npm Supply Chain Attack appeared first on Cyber Security News.

Солнечные протоны убивают — а мы ищем их следы в кольцах 800-летних деревьев.

История началась с тихой публикации трёх версий, но быстро превратилась в тревожный сигнал для всей экосистемы.

A maximum-severity zero-day vulnerability in Cisco Catalyst SD-WAN Controller is being actively exploited in the wild, allowing unauthenticated remote attackers to fully bypass authentication and seize administrative control of enterprise network infrastructure. Tracked as CVE-2026-20182 with a CVSS score of 10.0, the flaw puts SD-WAN deployments across on-premises, cloud, and government environments at critical risk. […]

The post Cisco Catalyst SD-WAN Controller 0-Day Actively Exploited to Gain Admin Access appeared first on Cyber Security News.