3971 matches found
Dissecting UAT-8099: New persistence mechanisms and regional focus
Cisco Talos has identified a new campaign by UAT-8099, active from late 2025 to early 2026, that is targeting vulnerable Internet Information Services (IIS) servers across Asia with a specific focus on victims in Thailand and Vietnam. Analysis confirms significant operational overlaps between this...
[SECURITY] [DLA 4458-1] python-django security update
Debian LTS Advisory DLA-4458-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb January 28, 2026 https://wiki.debian.org/LTS -...
CVE-2025-8405 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce, gitlab-rails-ce-fips, gitlab-workhorse-ce-fips, gitlab-workhorse-ce...
GHSA-W2J6-R4XJ-RJCJ vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce, gitlab-rails-ce-fips, gitlab-workhorse-ce-fips, gitlab-workhorse-ce...
EUVD-2025-206450
Discourse is an open source discussion platform. Versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0 have a content-security-policy-mitigated cross-site scripting vulnerability on the Discourse Math plugin when using its KaTeX variant. This issue is patched in versions 3.5.4, 2025.11.2,...
Astra Linux - vulnerability in zabbix
A use-after-free bug was discovered in browser.c in the esbrowsergetvariant function...
EUVD-2026-3999
Missing Authorization vulnerability in Icegram Icegram icegram allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Icegram: from n/a through <= 3.1.35...
EUVD-2026-4113
Deserialization of Untrusted Data vulnerability in artbees JupiterX Core jupiterx-core allows Object Injection. This issue affects JupiterX Core: from n/a through <= 4.10.1...
EUVD-2026-4127
The anti-theft protection mechanism can be bypassed by attackers due to weak response generation algorithms for the head unit. It is possible to reveal all 32 corresponding responses by sniffing CAN traffic or by pre-calculating the values, which allows the protection to be bypassed. First identified o...
EUVD-2026-3489
The Newsletter – Send awesome emails from WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.1.0. This is due to missing or incorrect nonce validation on the hooknewsletteraction function. This makes it possible for unauthenticated...
MiracleLinux 8 : nodejs:18 (AXSA:2024-7654:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7654:01 advisory. nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks (CVE-2024-22019) nodejs: vulnerable to timing variant of th...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001337)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001337 advisory. arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001227)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001227 advisory. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003617)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003617 advisory. An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the...
MiracleLinux 7 : nspr-4.21.0-1.el7, nss-util-3.44.0-3.el7, nss-softokn-3.44.0-5.el7, nss-3.44.0-4.el7 (AXSA:2019-4268:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4268:01 advisory. ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) nss: Cache side-channel variant of the Bleichenbacher attack...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003761)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003761 advisory. An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the...
New CastleLoader Variant Linked to 469 Infections Across Critical Sectors
ANY.RUN report reveals how the new CastleLoader malware targets US government agencies using stealthy ClickFix tricks and memory-based attacks to bypass security...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003564)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003564 advisory. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003534)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003534 advisory. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may...
EUVD-2026-2308
In the Linux kernel, the following vulnerability has been resolved: iomap: adjust read range correctly for non-block-aligned positions. iomap_adjust_read_range() assumes that the position and length passed in are block-aligned. This is not always the case however, as shown in the syzbot generated case...