Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005058)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005058 advisory. In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-msm: pervent access to suspended controller Generic sdhci code registers LED device an...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005017)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005017 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock syzbot caught a potential...
ALSA-2026:0932 Important: java-1.8.0-openjdk security update
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...
openSUSE 16 Security Update : go1.24 (openSUSE-SU-2026:20077-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20077-1 advisory. Update to go1.24.12 released 2026-01-15 bsc1236217 Security fixes: - CVE-2025-61730: crypto/tls: handshake messages may be processed at the...
Malicious Package
Overview ansi-universal-ui is a malicious package. This package contains malicious code, and it has been removed from the official package manager. The package sets up a standalone Python runtime and downloads an obfuscated payload from an Appwrite storage bucket that, upon execution, performs an...
From runtime risk to real‑time defense: Securing AI agents
AI agents, whether developed in Microsoft Copilot Studio or on alternative platforms, are becoming a powerful means for organizations to create custom solutions designed to enhance productivity and automate organizational processes by seamlessly integrating with internal data and systems. From a...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004925)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004925 advisory. In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004852)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004852 advisory. In the Linux kernel, the following vulnerability has been resolved: s390: fix double free of GS and RI CBs on fork failure The pointers for guarded storage and runti...
Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to multiple issues due to IBM Runtime Environment Java Technology Edition Version 8
Summary There are vulnerabilities in IBM Runtime Environment Java Technology Edition Version 8 used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An...
Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to issues in IBM Semeru Runtime version 17
Summary There are vulnerabilities in IBM Semeru Runtime version 17 used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-53057 DESCRIPTION: An unspecified vulnerability i...
How Public Container Registries Have Become a Silent Risk Multiplier in a Modern Supply Chain
Key Takeaways Pulling container images from public registries is a trust decision, not a neutral operational step. The impact extends to infrastructure stability, cloud spend, and security risk. Cryptomining is the most common form of malicious abuse in public container images, driven by the ease...
SUSE-SU-2026:20132-1 Security update for go1.25
This update for go1.25 fixes the following issues: Update to go1.25.6 released 2026-01-15 bsc1244485 Security fixes: - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. - CVE-2025-68119: cmd/go: unexpected code execution when invoking...
OPENSUSE-SU-2026:20085-1 Security update for go1.25
This update for go1.25 fixes the following issues: Update to go1.25.6 released 2026-01-15 bsc1244485 Security fixes: - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. - CVE-2025-68119: cmd/go: unexpected code execution when invoking...
SUSE-SU-2026:20122-1 Security update for go1.24
This update for go1.24 fixes the following issues: Update to go1.24.12 released 2026-01-15 bsc1236217 Security fixes: - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. - CVE-2025-68119: cmd/go: unexpected code execution when invoking...
CVE-2026-23956
A flaw was found in seroval, a JavaScript (JS) value stringification library. A remote attacker could exploit this vulnerability by providing specially crafted regular expressions during deserialization. This could lead to the exhaustion of JavaScript runtime memory or trigger a Regular Expression...
CAFE-GB: Scalable and Stable Feature Selection for Malware Detection Via Chunk-Wise Aggregated Gradient Boosting
High-dimensional malware datasets often exhibit feature redundancy, instability, and scalability limitations, which hinder the effectiveness and interpretability of machine learning-based malware detection systems. Although feature selection is commonly employed to mitigate these issues, many...
Beam security vulnerabilities
Beam is an open-source artificial intelligence runtime environment developed by Beam. Version beam beta9 0.1.552 contains a security vulnerability. This vulnerability stems from the directory traversal vulnerability in the joinCleanPath function, which could allow remote attackers to obtain...
Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27003)
The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27003 advisory. - In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walki...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38004)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38004 advisory. - In the Linux kernel, the following vulnerability has been resolved: can: bcm: add locking for bcm_op runtime...
Azure Linux 3.0 Security Update: kernel (CVE-2024-46846)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46846 advisory. - In the Linux kernel, the following vulnerability has been resolved: spi: rockchip: Resolve unbalanced runtim...