Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers

A new study has found that multiple cloud-based password managers, including Bitwarden, Dashlane, and LastPass, are susceptible to password recovery attacks under certain conditions. "The attacks range in severity from integrity violations to the complete compromise of all vaults in an...

EUVD-2026-6091

A weakness has been identified in JeecgBoot 3.9.1. This vulnerability affects the function importDocumentFromZip of the file org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java of the component Retrieval-Augmented Generation. Executing a manipulation can lead to deserialization...

CVE-2026-2555

A weakness has been identified in JeecgBoot 3.9.1. This vulnerability affects the function importDocumentFromZip of the file org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java of the component Retrieval-Augmented Generation. Executing a manipulation can lead to deserialization...

CVE-2026-2555

A weakness has been identified in JeecgBoot 3.9.1. This vulnerability affects the function importDocumentFromZip of the file org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java of the component Retrieval-Augmented Generation. Executing a manipulation can lead to deserialization...

CVE-2026-2555 JeecgBoot Retrieval-Augmented Generation AiragKnowledgeController.java importDocumentFromZip deserialization

A weakness has been identified in JeecgBoot 3.9.1. This vulnerability affects the function importDocumentFromZip of the file org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java of the component Retrieval-Augmented Generation. Executing a manipulation can lead to deserialization...

CVE-2026-2555

CVE-2026-2555 affects JeecgBoot 3.9.1 in the Retrieval-Augmented Generation component, specifically the importDocumentFromZip function in AiragKnowledgeController.java. The issue is a deserialization vulnerability triggered by manipulating input, allowing a remote attacker to exploit the flaw. Th...

PT-2026-8339

A weakness has been identified in JeecgBoot 3.9.1. This vulnerability affects the function importDocumentFromZip of the file org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java of the component Retrieval-Augmented Generation. Executing a manipulation can lead to deserialization...

Verifiable Provenance of Software Artifacts with Zero-Knowledge Compilation

Verifying that a compiled binary originates from its claimed source code is a fundamental security requirement, called source code provenance. Achieving verifiable source code provenance in practice remains challenging. The most popular technique, called reproducible builds, requires difficult...

LoRA-Based Parameter-Efficient LLMs for Continuous Learning in Edge-Based Malware Detection

The proliferation of edge devices has created an urgent need for security solutions capable of detecting malware in real time while operating under strict computational and memory constraints. Recently, Large Language Models LLMs have demonstrated remarkable capabilities in recognizing complex...

@cognigy/cognigy-cli (>=1.9.7 <=2.1.0), @meta-1/nest-ai (>=0.0.1 <=0.0.5) +10 more potentially affected by CVE-2026-26019 via @langchain/community (>=1.0.0 <=1.1.12)

@langchain/community NPM version =1.0.0, =1.9.7, =0.0.1, =0.2.0, =0.0.16, =1.4.13, =1.0.0, =3.1.0, =0.3.0, =0.0.210, =0.1.1, =0.1.2 Source cves: CVE-2026-26019 Source advisory: SNYK:JS-LANGCHAINCOMMUNITY-15268428...

VulReaD: Knowledge-Graph-Guided Software Vulnerability Reasoning and Detection

Software vulnerability detection SVD is a critical challenge in modern systems. Large language models LLMs offer natural-language explanations alongside predictions, but most work focuses on binary evaluation, and explanations often lack semantic consistency with Common Weakness Enumeration CWE...

Agentic Knowledge Distillation: Autonomous Training of Small Language Models for SMS Threat Detection

SMS-based phishing smishing attacks have surged, yet training effective on-device detectors requires labelled threat data that quickly becomes outdated. To deal with this issue, we present Agentic Knowledge Distillation, which consists of a powerful LLM acts as an autonomous teacher that fine-tun...

TRACE: Timely Retrieval and Alignment for Cybersecurity Knowledge Graph Construction and Expansion

The rapid evolution of cyber threats has highlighted significant gaps in security knowledge integration. Cybersecurity Knowledge Graphs CKGs relying on structured data inherently exhibit hysteresis, as the timely incorporation of rapidly evolving unstructured data remains limited, potentially...

2026-02 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5075912)

2026-02 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems KB5075912...

2026-02 Cumulative Update for Windows 10 Version 22H2 for ARM64-based Systems (KB5075912)

2026-02 Cumulative Update for Windows 10 Version 22H2 for ARM64-based Systems KB5075912...

2026-02 Cumulative Update for Windows Server 2019 for x64-based Systems (KB5075904)

2026-02 Cumulative Update for Windows Server 2019 for x64-based Systems KB5075904...

2026-02 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5075906)

2026-02 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems KB5075906...

2026-02 Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems (KB5075912)

2026-02 Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems KB5075912...

2026-02 Dynamic Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems (KB5075912)

2026-02 Dynamic Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems KB5075912...

2026-02 .NET 8.0.24 Security Update for ARM64 Client (KB5077863)

2026-02 .NET 8.0.24 Security Update for ARM64 Client KB5077863...