
1898 matches found

IBM Security Bulletins
added yesterday, 8 views

Security Bulletin: Due to use of IBM Storage Scale, IBM Cloud Pak System is affected by multiple vulnerabilities

Summary: Multiple vulnerabilities in IBM Storage Scale which could provide weaker than expected security were addressed in IBM Cloud Pak System. Vulnerability Details: CVEID: CVE-2024-45296. DESCRIPTION: path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp wi...

CVSS 7.5 | AI score 6.8 | EPSS 0.99019
Exploits: 14 | Affected Software: 1

IBM Security Bulletins
added 4 days ago, 5 views

Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale Container Storage Interface (CSI) are now fixed in Storage Scale Container Native 5.2.3.8 / CSI 2.14.7 and Storage Scale Container Native 6.0.1.0 / CSI 3.1.0 or higher

Summary: The following vulnerabilities, which can affect IBM Storage Scale Container Storage Interface (CSI) (CVE-2026-9167), are now fixed in Storage Scale Container Native 5.2.3.8 / CSI 2.14.7 or higher and Storage Scale Container Native 6.0.1.0 / CSI 3.1.0 or higher. Vulnerability Details...

AI score 5.9
Exploits: 0 | Affected Software: 1

Packet Storm News
added 2026/06/12 12:0 a.m., 7 views

FreeType Automated Font Corpus Scanner

This Python framework implements a structured font-analysis pipeline for large-scale robustness testing of FreeType font parsing behavior...

AI score 5.2
Exploits: 0

Github Security Blog
added 2026/06/11 4:0 p.m., 13 views

Making secret scanning more trustworthy: Reducing false positives at scale

Secret scanning plays a critical role in protecting developers and organizations. It helps catch exposed credentials early and prevents small mistakes from turning into real incidents. At GitHub's scale, even small inefficiencies create real friction. Too many false positives make alerts harder t...

AI score 5.8
Exploits: 0

Packet Storm News
added 2026/06/10 12:0 a.m., 9 views

Smarter Saboteurs, Better Fixers: Scaling and Security in Linear Multi-Agent Workflows

As LLM-based multi-agent systems (MAS) are deployed in the wild, the resilience of their collaboration structures against adversarial compromise becomes a critical safety concern. Attackers may leverage prompt-injection or jailbreaking to sabotage individual agents within MAS workflows, but the...

AI score 5.5
Exploits: 0

IBM Security Bulletins
added 2026/06/05 7:44 p.m., 9 views

Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale Management GUI, Cluster Export Services (CES) S3 or HDFS layer are now fixed in 5.2.3.8 and 6.0.1.0 or higher

Summary: The following vulnerabilities, which can affect IBM Storage Scale Management GUI jackson-core-2.17.2.jar, CVE-2026-2950, CVE-2026-4800, Cluster Export Service (CES) S3 CVE-2026-33186 or HDFS layer for Hadoop deployments CVE-2026-24281, CVE-2026-24308 are now fixed in 5.2.3.8 and 6.0.1.0 or...

CVSS 9.8 | AI score 6.7 | EPSS 0.0111
Exploits: 1 | Affected Software: 1

Packet Storm News
added 2026/06/05 12:0 a.m., 4 views

ScaleDisturb: Exploiting Temporal Asymmetry to Amplify Read Disturbance in Modern DRAM Chips

DRAM suffers from read disturbance phenomena (e.g., RowHammer and RowPress), where repeatedly accessing or continuously keeping open a DRAM row (aggressor row) induces bitflips in other physically nearby unaccessed rows (victim rows). The disturbance mechanism is practically exploitable from the softwa...

AI score 5.5
Exploits: 0

Vulnrichment
added 2026/06/04 1:13 p.m., 18 views

CVE-2026-8037 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints...

CVSS 9.6 | AI score 8 | EPSS 0.01869
Exploits: 0 | References: 1

Packet Storm News
added 2026/05/27 12:0 a.m., 23 views

Refusal Before Decoding: Detecting and Exploiting Refusal Signals in Intermediate LLM Activations

In this paper, we investigate whether refusal behavior can be predicted from LLM intermediate activations before decoding using linear probes trained on residual stream activations at each transformer block. We find that refusal is linearly decodable well before the final layer, indicating that...

AI score 5.7
Exploits: 0

Packet Storm News
added 2026/05/26 12:0 a.m., 8 views

The Fault in Our Drafts: Vulnerabilities in RPKI Specification and Software

The Resource Public Key Infrastructure (RPKI) secures the Internet's routing system by defining a complex trust and validation framework for certificates, Route Origin Authorizations (ROAs), manifests, and Certificate Revocation Lists (CRLs). These mechanisms are specified across dozens of RFCs. This...

AI score 5.8
Exploits: 0

The Hacker News
added 2026/05/25 12:2 p.m., 26 views

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks. According to QiAnXin XLab, the activity involves the exploitation of CVE-2026-26980 (CVSS score: 9.4), an SQL injection vulnerability in...

CVSS 9.4 | AI score 6.4 | EPSS 0.69996
Exploits: 6

Wired Threat Level
added 2026/05/21 9:0 a.m., 11 views

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations...

AI score 5.8
Exploits: 0

EUVD
added 2026/05/20 6:31 p.m., 10 views

EUVD-2026-31133

InfoScale CmdServer before 7.4.2 mishandles access control...

CVSS 8.8 | AI score 5.8 | EPSS 0.00375
Exploits: 0 | References: 3

NVD
added 2026/05/20 5:16 p.m., 21 views

CVE-2026-44924

InfoScale VIOM 9.1.3 allows XSS...

CVSS 5.4 | EPSS 0.00208
Exploits: 0 | References: 2

AstraLinux
added 2026/05/20 5:53 a.m., 4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: rcu/rcuscale: The kfreescalethread threads is stopped after unloading the rcuscale module. Running the ‘kfreercutest’ test case results in a fatal error. The root cause is that the kfreescalethread threads continues to run after...

CVSS 5.5 | AI score 5.7 | EPSS 0.00136
Exploits: 0 | References: 2

OSSF Malicious Packages
added 2026/05/19 12:0 a.m., 15 views

Malicious code in @antv/word-scale-chart (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

AI score 5.8
Exploits: 0 | References: 4

OSV
added 2026/05/19 12:0 a.m., 5 views

MAL-2026-4083 Malicious code in @antv/scale (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

AI score 5.8
Exploits: 0 | References: 4

vulnersOsv
added 2026/05/18 9:0 p.m., 2 views

@antv/narrative-text-vis (>=0.1.6 <=0.2.5), antv-site-demo-rc (>=0.1.0-alpha.16 <=0.1.0-alpha.22) potentially affected by unknown CVE via @antv/word-scale-chart (>=0.1.1 <=0.3.4)

@antv/word-scale-chart NPM version =0.1.1, =0.1.6, =0.1.0-alpha.16, =0.1.0-alpha.22 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVWORDSCALECHART-16754866...

AI score 5.5
Exploits: 0

vulnersOsv
added 2026/05/18 9:0 p.m., 5 views

@antv/narrative-text-vis (>=0.1.6 <=0.2.5), antv-site-demo-rc (>=0.1.0-alpha.16 <=0.1.0-alpha.22) potentially affected by unknown CVE via @antv/word-scale-chart (>=0.1.1 <=0.3.4)

@antv/word-scale-chart NPM version =0.1.1, =0.1.6, =0.1.0-alpha.16, =0.1.0-alpha.22 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVWORDSCALECHART-16755036...

AI score 5.5
Exploits: 0

vulnersOsv
added 2026/05/18 9:0 p.m., 4 views

1byte-react-design (>=1.7.1 <=1.14.0), 1g6table (=0.1.0) +2694 more potentially affected by unknown CVE via @antv/scale (>=0.0.1 <=0.5.2)

@antv/scale NPM version =0.0.1, =1.7.1, =1.1.0, =1.0.0, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.0.1-beta, =0.1.2, =1.1.43, =5.0.48, =5.0.480 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVSCALE-16754399...

AI score 5.5
Exploits: 0