366229 matches found
CVE-2026-16118 Xdgmime: heap-based buffer overflow in _xdg_mime_magic_parse_magic_line() in xdgmimemagic.c
A flaw was found in xdgmime. A heap-based buffer overflow can be triggered in xdgmimemagicparsemagicline in the xdgmimemagic.c file on little-endian systems when an attacker-controlled MIME magic file in a user-writable XDG data location e.g., in the $XDGDATAHOME/mime/magic path is parsed by an...
CVE-2026-16118 Xdgmime: heap-based buffer overflow in _xdg_mime_magic_parse_magic_line() in xdgmimemagic.c
A flaw was found in xdgmime. A heap-based buffer overflow can be triggered in xdgmimemagicparsemagicline in the xdgmimemagic.c file on little-endian systems when an attacker-controlled MIME magic file in a user-writable XDG data location e.g., in the $XDGDATAHOME/mime/magic path is parsed by an...
Seven Malicious Vite npm Packages Use Blockchain C2 to Deliver a RAT
Cybersecurity researchers have discovered a cluster of seven malicious npm packages targeting the Vite frontend tooling ecosystem as part of a software supply chain attack. The malicious package campaign, codenamed ViteVenom by Checkmarx, marks an expansion of ChainVeil , which was observed using...
Exploit for Server-Side Request Forgery in Sonicwall Sma6210_Firmware
...
New NadMesh Botnet Hunts Exposed AI Services for Cloud Keys and Kubernetes Tokens
A Go botnet called NadMesh turned up in early July hunting exposed AI services, and the operator's own dashboard claims 3,811 unique AWS keys. A Shodan harvester keeps the scan queue stocked with ComfyUI, Ollama, n8n, Open WebUI, Langflow, and Gradio: the image generators, local model runners, an...
vLLM: Processing differential in multi-channel audio downmixing enables hidden-input/moderation bypass for audio models
Issue Description Librosa defaults to using numpy.mean for mono downmixing tomono, while the international standard ITU-R BS.775-4 specifies a weighted downmixing algorithm. This discrepancy results in: - Inconsistency between audio heard by humans e.g., through headphones/regular speakers and...
GHSA-6C4R-FMH3-7RH8 vLLM: Processing differential in multi-channel audio downmixing enables hidden-input/moderation bypass for audio models
Issue Description Librosa defaults to using numpy.mean for mono downmixing tomono, while the international standard ITU-R BS.775-4 specifies a weighted downmixing algorithm. This discrepancy results in: - Inconsistency between audio heard by humans e.g., through headphones/regular speakers and...
GoldenEyeDog Subgroup Linked to DigiCert Breach and Code-Signing Certificate Theft
Cybersecurity researchers have attributed the April 2026 DigiCert security incident to a threat activity cluster dubbed CylindricalCanine. Expel, which shared technical details of the event, described the threat actor as a sub-group of GoldenEyeDog aka APT-Q-27, Dragon Breath, and Miuuti Group, a...
“TTF Trap” Phishing Emails Use Fake Font Files to Deliver Windows Malware
An email that appears to contain a shipping document, payment request, or business proposal can infect a Windows…...
Malicious code in govpkg (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 736ef874636ee77d0a5007dea41ad6329e0d5523bfeb5254930985f451a6f6f6 When using the provided functionality, the package silently downloads a malicious executable and ensures its persistence disguised as a system service. The...
MAL-2026-10770 Malicious code in govpkg (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 736ef874636ee77d0a5007dea41ad6329e0d5523bfeb5254930985f451a6f6f6 When using the provided functionality, the package silently downloads a malicious executable and ensures its persistence disguised as a system service. The...
Fake Coding Tests Deliver OtterCookie-Aligned Malware Hidden in SVG Flag Images
North Korean threat actors linked to the Contagious Interview campaign have been observed employing steganography in SVG image files to conceal malicious payloads as part of a campaign using fake job postings and coding challenges. "Any user who ran the project ended up with a four-stage payload...
E.U. Orders Google to Open Android Mic, Camera and Screen to Rival AI Assistants
The European Commission on Thursday ordered Google to give rival AI assistants the same reach into Android that Gemini already has: the camera, the microphone, whatever is on screen, a wake word that fires with the display off, and the ability to drive other apps in the background by imitating ta...
Armenia Detains Russian Tourist on U.S. Warrant for REvil Hacker, Lawyers Say Wrong Man
Armenia has held a Russian tourist named Aleksandr Ermakov in a detention center since June 28, on a U.S. extradition request for a REvil ransomware suspect named Aleksandr Ermakov. His wife, Maria Yurova, told REN TV that border officers pulled him out of the departure hall at Yerevan's Zvartnot...
How to use GitHub safely
GitHub is rapidly becoming the go-to platform for sharing software. Originally built for developers to collaborate on code, it now hosts millions of projects ranging from hobby scripts to widely used applications. That popularity, however, has also made it an attractive delivery platform for...
Security Bulletin: Multiple vulnerabilities in IBM Guardium Unified Discovery and Classification (GUDC) container images
Summary Security vulnerabilities have been addressed in the IBM Guardium Unified Discovery and Classification GUDC container images Vulnerability Details CVEID:CVE-2025-0167 DESCRIPTION: When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password use...
ACR Stealer Uses ClickFix Lures to Steal Browser Tokens and Microsoft 365 Files
ACR Stealer, an infostealer in circulation since 2024, is walking out of enterprise networks with saved browser passwords, live session tokens, PDFs, Microsoft 365 documents, and files from synced OneDrive and SharePoint folders. It gets in because someone pasted a command into a Run box and...
New GoSerpent Malware Targets Southeast Asian Governments and Diplomats for Espionage
Cybersecurity researchers have discovered a previously undocumented malware called GoSerpent that has been put to use in cyber attacks targeting entities in Southeast Asia since late 2025 with a focus on long-term access and intelligence gathering. Russian cybersecurity company Kaspersky, which...
CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a newly patched security flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities KEV catalog, requiring Federal Civilian Executive Branch FCEB agencies to apply the fixes by July 19, 2026. T...
OpenText Documentum Administrator 7.2.0180.0055 - Open Redirect
OpenText Documentum Administrator 7.2.0180.0055 is susceptible to multiple open redirect vulnerabilities. An attacker can redirect a user to a malicious site and potentially obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2017-14524 info: name: OpenText...