11955 matches found

OpenVAS
added 2026/04/13 12:0 a.m., 7 views

Ubuntu: Security Advisory (USN-8161-1)

The remote host is missing an update for the...

CVSS 8.2 | AI score 7.3 | EPSS 0.0025
Exploits: 1 | References: 2

Packet Storm News
added 2026/04/13 12:0 a.m., 4 views

A Synthetic Conversational Smishing Dataset for Social Engineering Detection

Smishing (SMS phishing) has become a serious cybersecurity threat, especially for elderly and cyber-unaware individuals, causing financial loss and undermining user trust. Although prior work has focused on detecting smishing at the level of individual messages, real-world attackers often rely on...

AI score 5.8
Exploits: 0

Trend Micro Simply Security
added 2026/04/13 12:0 a.m., 3 views

Identity Protection in the AI Era

Enterprises aiming to predict and mitigate human, machine, and AI‑agent risks at scale demand AI‑powered identity‑first security without compromise...

AI score 5.8
Exploits: 0

OSV
added 2026/04/12 10:23 a.m., 3 views

MAL-2026-2620 Malicious code in upstartportal (npm)

Collects system info, reads sensitive files, and exfiltrates data to a suspicious host. Multiple YARA matches confirm malicious intent. Source: amazon-inspector (932dee0dcf84fc1044efb1ec35950d6102fcbb5122f26cca5e2b1f13eb599729). The package...

AI score 5.8
Exploits: 0 | References: 2

Packet Storm News
added 2026/04/12 12:0 a.m., 2 views

Machine Learning-Based Detection of MCP Attacks

The Model Context Protocol (MCP) is a new and emerging technology that extends the functionality of large language models, improving workflows but also exposing users to a new attack surface. Several studies have highlighted related security flaws, but MCP attack detection remains underexplored. To...

AI score 5.9
Exploits: 0

Wolfi
added 2026/04/11 2:51 a.m., 7 views

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: trivy, kapp, datadog-agent, caddy, crossplane-provider-azure-managedidentity, http-echo, kube-bench, ingress-nginx-controller, docker-machine-driver-harvester, terraform-provider-azuread, rabbitmq-messaging-topology-operator, kube-state-metrics, git-lfs,...

CVSS 7.5 | AI score 7.1 | EPSS 0.00349
Exploits: 0

Wolfi
added 2026/04/11 2:51 a.m., 8 views

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, minio-object-browser, trivy, cert-manager-csi-driver, datadog-agent, contour, nuclei, caddy, cert-manager-cmctl, crossplane-provider-azure-managedidentity, ko, newrelic-infrastructure-agent, docker-credential-gcr, sftpgo-plugin-eventsearch,...

AI score 5.2
Exploits: 0

Chainguard
added 2026/04/11 2:18 a.m., 8 views

CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: dragonfly-operator-fips, nodetaint, cluster-api, prometheus-pushgateway, cri-tools, caddy, cadvisor-fips, prometheus-statsd-exporter-fips, kubescape-server, kubernetes-dashboard-auth, azure-service-operator-fips, gomplate, virt-api, neuvector-sigstore-interface-fips,...

CVSS 7.5 | AI score 7.1 | EPSS 0.00449
Exploits: 0

Chainguard
added 2026/04/11 2:18 a.m., 6 views

GHSA-5W89-2C2X-6X66 vulnerabilities

Vulnerabilities for packages: dragonfly-operator-fips, prometheus-pushgateway, cadvisor-fips, kubescape-server, gomplate, rancher-security-scan-fips, pdfcpu, db-operator-fips, aws-sigv4-proxy-fips, knative-eventing, zabbix-agent2, kserve-modelmesh-serving, dcgm-exporter, nats-fips, falcoctl,...

AI score 5.2
Exploits: 0

OSV
added 2026/04/10 7:21 p.m., 1 view

GHSA-FM2X-C5QW-4H6F LXD: VM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf

Summary: The isVMLowLevelOptionForbidden function in lxd/project/limits/permissions.go is missing raw.apparmor and raw.qemu.conf from its hardcoded forbidden list. A user with can_edit permission on a VM instance in a restricted project can combine these two omissions to bridge the LXD unix socket...

CVSS 9.1 | AI score 6 | EPSS 0.00363
Exploits: 0 | References: 4

Github Security Blog
added 2026/04/10 7:21 p.m., 4 views

LXD: VM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf

Summary: The isVMLowLevelOptionForbidden function in lxd/project/limits/permissions.go is missing raw.apparmor and raw.qemu.conf from its hardcoded forbidden list. A user with can_edit permission on a VM instance in a restricted project can combine these two omissions to bridge the LXD unix socket...

CVSS 9.1 | AI score 6 | EPSS 0.00363
Exploits: 0 | References: 4 | Affected Software: 1

Chainguard
added 2026/04/10 2:13 a.m., 3 views

CVE-2025-64436 vulnerabilities

Vulnerabilities for packages: docker-machine-driver-harvester...

CVSS 6.9 | AI score 6.1 | EPSS 0.00226
Exploits: 1

Chainguard
added 2026/04/10 2:13 a.m., 3 views

GHSA-7XGM-5PRM-V5GC vulnerabilities

Vulnerabilities for packages: docker-machine-driver-harvester...

AI score 5.9
Exploits: 0

Chainguard
added 2026/04/10 2:13 a.m., 2 views

GHSA-9M94-W2VQ-HCF9 vulnerabilities

Vulnerabilities for packages: docker-machine-driver-harvester...

AI score 5.9
Exploits: 0

RedhatCVE
added 2026/04/09 10:13 p.m., 2 views

CVE-2026-5194

A flaw was found in wolfSSL. Missing hash/digest size and Object Identifier (OID) checks allow the acceptance of smaller, less secure digests during the verification of Elliptic Curve Digital Signature Algorithm (ECDSA) certificates. This could enable a remote attacker, with knowledge of the public...

CVSS 10 | AI score 5.9 | EPSS 0.00468
Exploits: 1 | References: 4

AlpineLinux
added 2026/04/09 7:30 p.m., 2 views

CVE-2026-5194

Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication...

CVSS 9.3 | AI score 7.2 | EPSS 0.00468
Exploits: 1

Microsoft Secure
added 2026/04/09 7:0 p.m., 5 views

The agentic SOC—Rethinking SecOps for the next decade

Every major shift in cyberattacker behavior over the past decade has followed a meaningful shift in how defenders operate. When security operation centers (SOCs) deployed endpoint detection and response (EDR)—and later extended detection and response (XDR)—security teams raised the bar, pushing...

AI score 6
Exploits: 0

Snyk
added 2026/04/09 6:10 p.m., 1 view

Weak Authentication

Overview: Affected versions of this package are vulnerable to Weak Authentication due to improper validation of oauth_user_id in the TokenGuard::authenticateViaBearerToken function. An attacker can gain unauthorized access to unrelated user accounts by presenting a machine-to-machine token with a...

CVSS 7.1 | AI score 5.8 | EPSS 0.00289
Exploits: 1 | References: 2

ATTACKERKB
added 2026/04/09 4:50 p.m., 1 view

CVE-2026-39976

Laravel Passport provides OAuth2 server support to Laravel. From 13.0.0 to before 13.7.1, there is an Authentication Bypass for client_credentials tokens. The league/oauth2-server library sets the JWT sub claim to the client identifier since there's no user. The token guard then passes this value ...

CVSS 7.1 | AI score 5.8 | EPSS 0.00289
Exploits: 1 | References: 6 | Affected Software: 1

The Hacker News
added 2026/04/08 4:23 a.m., 9 views

Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

Iran-affiliated cyber actors are targeting internet-facing operational technology (OT) devices across critical infrastructures in the U.S., including programmable logic controllers (PLCs), cybersecurity and intelligence agencies warned Tuesday. "These attacks have led to diminished PLC functionality,...

AI score 6.2
Exploits: 0