2262 matches found

The Hacker News
added 2026/01/20 11:48 a.m. | 11 views

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto

Cybersecurity researchers have disclosed details of a malware campaign that's targeting software developers with a new information stealer called Evelyn Stealer by weaponizing the Microsoft Visual Studio Code (VS Code) extension ecosystem. "The malware is designed to exfiltrate sensitive informatio...

AI score 6.3
Exploits: 0

RedhatCVE
added 2026/01/17 1:18 p.m. | 3 views

CVE-2026-0615

The Librarian supervisord status page can be retrieved by the webfetch tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions...

CVSS 7.3 | AI score 6.9 | EPSS 0.00021
Exploits: 0 | References: 1

NVD
added 2026/01/16 1:16 p.m. | 3 views

CVE-2026-0615

The Librarian supervisord status page can be retrieved by the webfetch tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions...

CVSS 7.3 | EPSS 0.00021
Exploits: 0 | References: 2

Cvelist
added 2026/01/16 12:47 p.m. | 24 views

CVE-2026-0615

The Librarian supervisord status page can be retrieved by the webfetch tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions...

EPSS 0.00021
Exploits: 0 | References: 2

Vulnrichment
added 2026/01/16 12:47 p.m. | 2 views

CVE-2026-0615

The Librarian supervisord status page can be retrieved by the webfetch tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions...

AI score 6.5 | EPSS 0.00021
Exploits: 0 | References: 2

CVE
added 2026/01/16 12:47 p.m. | 11 views

CVE-2026-0615

The Librarian (TheLibrarian.io) vulnerability CVE-2026-0615 concerns the supervisord status page exposed via the web_fetch tool, enabling retrieval of running processes in TheLibrarian backend. According to the sources, this could allow an attacker to enumerate backend processes and exposed state...

CVSS 7.3 | AI score 6.5 | EPSS 0.00021
Exploits: 0 | References: 2 | Affected Software: 1

Tenable Nessus
added 2026/01/16 12:00 a.m. | 3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004464)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004464 advisory. A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while...

CVSS 4.5 | AI score 6.5 | EPSS 0.00053
Exploits: 0 | References: 3

Tenable Nessus
added 2026/01/16 12:00 a.m. | 3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001641)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001641 advisory. The Linux Kernel versions 4.14, 4.15, and 4.16 have a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue...

CVSS 5.5 | AI score 6.6 | EPSS 0.00084
Exploits: 0 | References: 13

Positive Technologies
added 2026/01/16 12:00 a.m. | 4 views

PT-2026-3249

Name of the Vulnerable Software and Affected Versions: TheLibrarian versions prior to the fixed version. Description: The supervisord status page within TheLibrarian can be accessed via the web fetch tool, potentially exposing running processes in the backend. This allows for the retrieval of...

CVSS 7.3 | AI score 5.7 | EPSS 0.00021
Exploits: 0 | References: 7

CNNVD
added 2026/01/16 12:00 a.m. | 2 views

The Librarian security vulnerability

The Librarian is a personal AI assistant software developed by The Librarian Company in Singapore. The Librarian has a security vulnerability, which stems from the webFetch tool’s ability to retrieve Supervisory Server status pages, potentially leading to the exposure of backend running processes...

CVSS 7.3 | AI score 6 | EPSS 0.00021
Exploits: 0 | References: 3

Tenable Nessus
added 2026/01/16 12:00 a.m. | 3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003653)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003653 advisory. In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the...

CVSS 4.4 | AI score 6.4 | EPSS 0.00051
Exploits: 1 | References: 10

Tenable Nessus
added 2026/01/16 12:00 a.m. | 1 view

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003868)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003868 advisory. A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from...

CVSS 7.8 | AI score 6.5 | EPSS 0.00635
Exploits: 1 | References: 15

Tenable Nessus
added 2026/01/16 12:00 a.m. | 2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004209)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004209 advisory. A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from...

CVSS 7.8 | AI score 6.5 | EPSS 0.00635
Exploits: 1 | References: 15

Tenable Nessus
added 2026/01/16 12:00 a.m. | 1 view

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001460)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001460 advisory. A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while...

CVSS 4.5 | AI score 6.5 | EPSS 0.00053
Exploits: 0 | References: 4

EUVD
added 2026/01/15 8:28 p.m. | 3 views

EUVD-2026-2693

A Use After Free vulnerability in the chassis daemon (chassisd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based attacker authenticated with low privileges to cause a Denial-of-Service (DoS). When telemetry collectors are frequently subscribing and unsubscribing to sensors...

CVSS 7.1 | AI score 6.2 | EPSS 0.00021
Exploits: 0 | References: 3

EUVD
added 2026/01/14 12:31 a.m. | 3 views

EUVD-2025-206286

NSecsoft 'NSecKrnl' is a Windows driver that allows a local, authenticated attacker to terminate processes owned by other users, including SYSTEM and Protected Processes by issuing crafted IOCTL requests to the driver...

CVSS 5.7 | AI score 6.2 | EPSS 0.0001
Exploits: 0 | References: 6

Tenable Nessus
added 2026/01/14 12:00 a.m. | 2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001674)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001674 advisory. The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system...

CVSS 7.8 | AI score 6.7 | EPSS 0.13534
Exploits: 3 | References: 4

NVD
added 2026/01/13 10:16 p.m. | 6 views

CVE-2025-68947

NSecsoft 'NSecKrnl' is a Windows driver that allows a local, authenticated attacker to terminate processes owned by other users, including SYSTEM and Protected Processes by issuing crafted IOCTL requests to the driver...

CVSS 5.7 | EPSS 0.0001
Exploits: 0 | References: 5

Vulnrichment
added 2026/01/13 9:19 p.m. | 4 views

CVE-2025-68947 NSecsoft NSecKrnl process termination privilege escalation

NSecsoft 'NSecKrnl' is a Windows driver that allows a local, authenticated attacker to terminate processes owned by other users, including SYSTEM and Protected Processes by issuing crafted IOCTL requests to the driver...

CVSS 5.7 | AI score 5.8 | EPSS 0.0001
Exploits: 0 | References: 5

ICS
added 2026/01/13 12:00 a.m. | 7 views

NSecKrnl driver terminates system processes with crafted IOCTL requests

RISK EVALUATION: NSecsoft 'NSecKrnl' is a Windows driver that allows a local, authenticated attacker to terminate processes owned by other users, including SYSTEM and Protected Processes by issuing crafted IOCTL requests to the driver. 2. RECOMMENDED PRACTICES: Enable the Windows Vulnerable Driver...

CVSS 5.7 | AI score 6.5 | EPSS 0.0001
Exploits: 0 | References: 1