AI brands as bait: How threat actors are using the AI hype in social engineering

In this article 1. ChatGPT-themed lure leads to phishing kit collecting credit card data 2. Claude-themed phishing campaign collected credentials and access tokens 3. "Awesome AI Windows Plugin” malvertising deploys Vidar stealer 4. Fake DeepSeek V4 installers on GitHub delivered Vidar Stealer 5...

CVE-2026-35565

Stored Cross-Site Scripting XSS via Unsanitized Topology Metadata in Apache Storm UI Versions Affected: before 2.8.6 Description: The Storm UI visualization component interpolates topology metadata including component IDs, stream names, and grouping values directly into HTML via innerHTML in...

Hitachi Energy ITT600 Explorer

SUMMARY Hitachi Energy is aware of vulnerabilities that affect ITT600 Explorer product versions listed in this document. These vulnerabilities can be exploited to carry out Denial of Service DoS attack on the product. The vulnerabilities only affect Hitachi Energy Integrated Testing Tool ITT600...

CVE-2026-43001

A flaw was found in OpenStack Keystone. An attacker holding an unrestricted application credential could exploit a vulnerability in the POST /v3/credentials endpoint where the caller-supplied projectid for an EC2-type credential was not validated against the project of the authenticating...

CVE-2026-45585

Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices. We are issuing this CVE to provide mitigation guidance that can be...

EUVD-2026-31006

Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices. We are issuing this CVE to provide mitigation guidance that can be...

CVE-2026-45585

Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices. We are issuing this CVE to provide mitigation guidance that can be...

CVE-2026-45585

Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices. We are issuing this CVE to provide mitigation guidance that can be...

Windows BitLocker Security Feature Bypass Vulnerability

Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices. We are issuing this CVE to provide mitigation guidance that can be...

Vaadin Build Plugins is Affected by a Possible Information Disclosure Vulnerability

A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...

Kazuar: Anatomy of a nation-state botnet

In this article 1. Delivery 2. Module types 3. Botnet operations 4. Who is Secret Blizzard? 5. Mitigation and protection guidance 6. Microsoft Defender detections Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for...

CVE-2026-33376 Auth Proxy IPv6 whitelist bypass

When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected; to mitigate easily, add the desired mask usually /128 to the addresses. Only auth proxy is affected; Okta, SAML, LDAP, etc are unaffected here...

PT-2026-42025

Name of the Vulnerable Software and Affected Versions Windows 11 Windows Server 2022 Windows Server 2025 Description A security feature bypass known as YellowKey affects the BitLocker component in Windows. This issue allows an attacker with physical access to a device to bypass full-disk encrypti...

CVE-2026-5081

A flaw was found in Apache::Session::Generate::ModUniqueId, a Perl module designed to generate session identifiers. This module uses the Apache moduniqueid plugin's UNIQUEID environment variable directly as a session ID. The UNIQUEID is constructed from easily guessable information, such as the...

CVE-2026-34354: Guardicore Local Privilege Escalation Vulnerability

Read the technical details of a security vulnerability CVE-2026-34354 in Akamai Guardicore Platform Agent for Windows — and get clear guidance on mitigation...

Exploit for CVE-2026-31431

Copy-Fail---CVE-2026-31431 CVE-2026-31431 "Copy Fail" - Analys...

n8n has SQL Injection in SeaTable Node

Impact A flaw in the SeaTable node's row:search and row:get operations allowed user-controlled input to be concatenated directly into SQL query strings without escaping or parameterization. In workflows where external user input is passed via expressions into the SeaTable node's search or row...

Exploit for CVE-2026-31431

Copy Fail CVE-2026-31431 – Exploit Usage Guide ⚠️ Discla...

CVE-2026-41059

A flaw was found in OAuth2 Proxy. An unauthenticated attacker can exploit a configuration-dependent authentication bypass by sending a crafted request containing a number sign in the path. This allows the OAuth2 Proxy to incorrectly match a public allowlist rule, leading to the exposure of...

Floating Point Value Injection (FPVI) Variant in AMD CPUs

Summary Researchers shared with AMD a report titled “TREVEX: A Black-Box Detection Framework For Data-Flow Transient Execution Vulnerabilities.” The researchers' paper introduced a Floating-Point Value Injection FPVI variant, which could allow an attacker with a deep understanding of...