PT-2026-23027

Name of the Vulnerable Software and Affected Versions Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software affected versions not specified Description A flaw exists in the VPN web services component that may allow a remote attacker t...

Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries

The threat actor behind the recently disclosed artificial intelligence AI-assisted campaign targeting Fortinet FortiGate appliances leveraged an open-source, AI-native security testing platform called CyberStrikeAI to execute the attacks. The new findings come from Team Cymru, which detected its...

Blockchain Communication Vulnerabilities

Blockchains are diverse in the way they handle communications between their nodes to disseminate information, mitigate attacks, and agree on the next block. While security vulnerabilities have been identified, they rely on an attack custom-made for a specific blockchain communication protocol. To...

Multi-Agent Honeypot-Based Request-Response Context Dataset for Improved SQL Injection Detection Performance

SQL injection remains a major threat to web applications, as existing defenses often fail against obfuscation and evolving attacks because of neglecting the request-response context. This paper presents a context-enriched SQL injection detection framework, focusing on constructing a high-quality...

Dataease SQLBot 数据伪造问题漏洞

Dataease SQLBot is a robot plugin developed by Dataease as open source. Versions of Dataease SQLBot 1.5.1 and earlier contained a data manipulation vulnerability. This vulnerability stemmed from improper verification of the encrypted signature for the validateEmbedded function in the JWT Token...

LLM-Claw 安全漏洞

LLM-Claw is an open-source AI agent framework developed by CLAW LLM. Versions 0.1.0, 0.1.1, 0.1.1a, and 0.1.1a-p1 of LLM-Claw contain security vulnerabilities. These vulnerabilities stem from a buffer overflow in the agentdeployinit function within the Agent Deployment component, which may lead t...

GHSA-JMM5-FVH5-GF4P OpenClaw has non-constant-time token comparison in hooks authentication

Summary OpenClaw hooks previously compared the provided hook token using a regular string comparison. Because this comparison is not constant-time, an attacker with network access to the hooks endpoint could potentially use timing measurements across many requests to gradually infer the token. In...

Attacks on GPS Spike Amid US and Israeli War on Iran

New analysis shows that attacks on satellite navigation systems have impacted some 1,100 ships in the Middle East since the US and Israel attacked Iran on February 28...

How to Protect Your SaaS from Bot Attacks with SafeLine WAF

Most SaaS teams remember the day their user traffic started growing fast. Few notice the day bots started targeting them. On paper, everything looks great: more sign-ups, more sessions, more API calls. But in reality, something feels off: Sign-ups increase, but users aren’t activating. Server cos...

Chamilo 代码问题漏洞

Chamilo is an open-source learning management system developed by Chamilo. Versions of Chamilo prior to 1.11.30 had code vulnerabilities. These vulnerabilities stemmed from improper handling of the POST parameter openidurl in the file/index.php file, which could lead to blind SRFI attacks...

yosys 安全漏洞

Yosys is an open-source Synthesis suite developed by Yosys Headquarters. Versions of yosys prior to 0.62 contain security vulnerabilities. These vulnerabilities stem from a heap buffer overflow in the Yosys::RTLIL::Const::set function found in the kernel/rtlil.h file, which could lead to local...

openbabel 代码问题漏洞

OpenBabel is an open-source chemistry toolkit software developed by Open Babel. Versions of OpenBabel 3.1.1 and earlier contained code vulnerabilities. These vulnerabilities stemmed from a null pointer dereferencing in the OBAtom::GetExplicitValence function in the isrc/atom.cpp file, which could...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from clickjacking or overlay attacks, potentially leading to local privilege escalation...

PT-2026-22504

Name of the Vulnerable Software and Affected Versions MaxSite CMS versions up to 109.1 Description A code injection issue exists in MaxSite CMS due to a flaw in the eval function within the file application/maxsite/admin/plugins/editor markitup/preview-ajax.php of the MarkItUp Preview AJAX Endpoi...

RedTeam-MCP

🔴 RedTeam-MCP AI-Powered Autonomous Red Team Framework vi...

Who is the Kimwolf Botmaster “Dort”?

In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to build Kimwolf , the world's largest and most disruptive botnet. Since then, the person in control of Kimwolf -- who goes by the handle "Dort " -- has coordinated a barrage of...

CVE-2026-25114

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain infected with web shells as part of attacks that exploited a command injection vulnerability starting in December 2025. Of these, 401 instances are located in the U.S., followed by 51 in Brazil, 43 in...

EUVD-2026-8949

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

EUVD-2026-8938

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...