Aggregator

New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks

The Hackers News
14 hours 31 minutes ago
A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025. GREYVIBE, per WithSecure, is assessed to be a Russian-speaking group operating broadly in the Russian time zone, with the activities aligning with Kremlin state interests, specifically when it comes to
The Hacker News

Hackers Use Fake Adobe Document Cloud Pages to Deliver ScreenConnect Malware

Cyber Security News
14 hours 34 minutes ago

A sophisticated phishing campaign is actively targeting financial organizations by using fake Adobe Document Cloud pages to silently install ScreenConnect remote access malware on victim machines. The operation is well-structured, deceptive, and difficult to detect because it blends into everyday enterprise software activity. The campaign works by sending phishing emails that look like legitimate Adobe […]

The post Hackers Use Fake Adobe Document Cloud Pages to Deliver ScreenConnect Malware appeared first on Cyber Security News.

Tushar Subhra Dutta

Legitimate-Looking Codex Remote UI Steals OpenAI Codex Authentication Tokens

Cyber Security News
14 hours 36 minutes ago

A polished, fully functional npm package has been caught secretly stealing OpenAI Codex authentication tokens from developers who trusted it. The package, named codexui-android, presented itself as a remote web UI for OpenAI Codex with no obvious signs of being malicious. It built a genuine user base, amassed 27,000 weekly downloads, and maintained an active […]

The post Legitimate-Looking Codex Remote UI Steals OpenAI Codex Authentication Tokens appeared first on Cyber Security News.

Tushar Subhra Dutta

DIL Observatory: when the World Escalates, the Underground Responds

Security Affairs
14 hours 43 minutes ago
Digital Intelligence Lab (DIL) launches an observatory for reading cyber events as what they actually are: signals of a broader social and geopolitical reality. The timing rarely lies, and the connection between real-world events and cyber activity is no longer a theoretical framework. It is a documented pattern, traceable across months and geographies. This new […]
Pierluigi Paganini

CVE-2026-48095 | 7-Zip up to 26.00 NTFS Archive NtfsHandler.cpp CInStream::GetCuSize out-of-bounds write (GHSL-2026-140)

VulDB Recent Entries
14 hours 49 minutes ago
A vulnerability, which was classified as critical, has been found in 7-Zip up to 26.00. Affected is the function CInStream::GetCuSize of the file CPP/7zip/Archive/NtfsHandler.cpp of the component NTFS Archive Handler. Performing a manipulation results in out-of-bounds write. This vulnerability is cataloged as CVE-2026-48095. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-48800 | Notepad++ up to 8.9.6 NppXml::value Parameters.cpp UserCommand os command injection (GHSA-3x3f-3j39-pj3v)

VulDB Recent Entries
14 hours 51 minutes ago
A vulnerability classified as critical was found in Notepad++ up to 8.9.6. This impacts the function UserCommand of the file Parameters.cpp of the component NppXml::value. Such manipulation leads to os command injection. This vulnerability is listed as CVE-2026-48800. The attack must be carried out locally. In addition, an exploit is available. Upgrading the affected component is advised.
vuldb.com

CVE-2026-48770 | Notepad++ up to 8.9.6 COPYDATA_FULL_CMDLINE out-of-bounds (GHSA-r39g-3mcw-xcg2)

VulDB Recent Entries
14 hours 51 minutes ago
A vulnerability described as problematic has been identified in Notepad++ up to 8.9.6. The impacted element is an unknown function. The manipulation of the argument COPYDATA_FULL_CMDLINE results in out-of-bounds read. This vulnerability is identified as CVE-2026-48770. The attack can be executed remotely. Additionally, an exploit exists. Upgrading the affected component is recommended.
vuldb.com

CVE-2026-49197 | Acer Predator Connect W6x up to W6x_GBL_2.00.000005 Web Endpoint improper authentication

VulDB Recent Entries
14 hours 56 minutes ago
A vulnerability marked as critical has been reported in Acer Predator Connect W6x up to W6x_GBL_2.00.000005. The affected element is an unknown function of the component Web Endpoint. The manipulation leads to improper authentication. This vulnerability is referenced as CVE-2026-49197. Remote exploitation of the attack is possible. No exploit is available.
vuldb.com

CVE-2026-49196 | Acer Predator Connect W6x up to W6x_GBL_2.00.000005 Wi-Fi Device Blocking Feature command injection

VulDB Recent Entries
14 hours 56 minutes ago
A vulnerability labeled as critical has been found in Acer Predator Connect W6x up to W6x_GBL_2.00.000005. Impacted is an unknown function of the component Wi-Fi Device Blocking Feature. Executing a manipulation can lead to command injection. The identification of this vulnerability is CVE-2026-49196. The attack may be launched remotely. There is no exploit available.
vuldb.com

CVE-2026-49195 | Acer Predator Connect W6x up to W6x_GBL_2.00.000005 Debug Service /sbin/mtk_dut missing authentication

VulDB Recent Entries
14 hours 57 minutes ago
A vulnerability identified as critical has been detected in Acer Predator Connect W6x up to W6x_GBL_2.00.000005. This issue affects some unknown processing of the file /sbin/mtk_dut of the component Debug Service. Performing a manipulation results in missing authentication. This vulnerability was named CVE-2026-49195. The attack needs to be approached within the local network. There is no available exploit.
vuldb.com

CVE-2026-49198 | Acer Predator Connect W6x up to W6x_GBL_2.00.000005 Subscription access control (EUVD-2026-33266)

VulDB Recent Entries
14 hours 57 minutes ago
A vulnerability categorized as critical has been discovered in Acer Predator Connect W6x up to W6x_GBL_2.00.000005. This vulnerability affects unknown code of the component Subscription Handler. Such manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2026-49198. The attack can be launched remotely. No exploit exists.
vuldb.com

CVE-2026-49199 | Acer Predator Connect W6x up to W6x_GBL_2.00.000005 MQTT command injection (EUVD-2026-33269)

VulDB Recent Entries
14 hours 57 minutes ago
A vulnerability was found in Acer Predator Connect W6x up to W6x_GBL_2.00.000005. It has been rated as critical. This affects an unknown part of the component MQTT Handler. This manipulation causes command injection. This vulnerability is handled as CVE-2026-49199. The attack can be initiated remotely. There is not any exploit available.
vuldb.com

CVE-2026-9557 | Mautic up to 4.4.19/5.2.10/6.0.8/7.1.1 Focus server-side request forgery

VulDB Recent Entries
14 hours 58 minutes ago
A vulnerability was found in Mautic up to 4.4.19/5.2.10/6.0.8/7.1.1. It has been declared as critical. Affected by this issue is some unknown functionality of the component Focus. The manipulation results in server-side request forgery. This vulnerability is known as CVE-2026-9557. It is possible to launch the attack remotely. No exploit is available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad