Signed malware impersonating workplace apps deploys RMM backdoors

In February 2026, Microsoft Defender Experts identified multiple phishing campaigns attributed to an unknown threat actor. The campaigns used workplace meeting lures, PDF attachments, and abuse of legitimate binaries to deliver signed malware. Phishing emails directed users to download malicious...

CVE-2025-14456

IBM MQ Appliance 9.4 CD through 9.4.4.0 to 9.4.4.1...

CVE-2026-26889

Sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/managecategory.php...

CVE-2026-20777

A heap-based buffer overflow vulnerability exists in the Nicolet WFT parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch db9a9a63. A specially crafted .wft file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2026-2637

iBoysoft NTFS for Mac contains a local privilege escalation vulnerability in its privileged helper daemon ntfshelperd. The daemon exposes an NSConnection service that runs as root without implementing any authentication or authorization checks. This issue affects iBoysoft NTFS: 8.0.0...

CVE-2026-2637

iBoysoft NTFS for Mac contains a local privilege escalation vulnerability in its privileged helper daemon ntfshelperd. The daemon exposes an NSConnection service that runs as root without implementing any authentication or authorization checks. This issue affects iBoysoft NTFS: 8.0.0...

Malicious code in whop-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 943bd287cb6375798fdee15ba33f85737201ea9934952ee5d1f2a2336e8cd65c The package whop-sdk was found to contain malicious code. Source: ghsa-malware 4c3e9ca78194532c222b978afd00f7bb4be1ca1ba6cd442e1892d17ee6e67ccc Any...

Exploit for Deserialization of Untrusted Data in Nextgen Mirth_Connect

RCE Vulnerability in Mirth Connect CVE-2023-37679 & CVE-2023-...

CVE-2024-55022

CVE-2024-55022 affects Weintek cMT-3072XH2 easyweb v2.1.53 on OS v20231011. An authenticated command injection vulnerability exists in the HMI Name parameter, allowing an attacker with valid credentials to inject commands. Public details indicate a high-severity impact (CVE metrics show high conf...

Cohesity TranZman 安全漏洞

Cohesity TranZman is a data migration and recovery software developed by Cohesity Corporation. Cohesity TranZman 4.0 Build 14614 contains security vulnerabilities. These vulnerabilities stem from multiple authenticated OS command injection vulnerabilities, which may allow authenticated...

PT-2026-22838

Name of the Vulnerable Software and Affected Versions GLPI Inventory Plugin versions prior to 1.6.6 Description The GLPI Inventory Plugin manages network discovery, inventory, software deployment, and data collection for GLPI agents. A reflected cross-site scripting XSS issue exists in task jobs...

Cohesity TranZman 安全漏洞

Cohesity TranZman is a data migration and recovery software developed by Cohesity Corporation. Version 4.0 Build 14614 of Cohesity TranZman contains a security vulnerability. This vulnerability stems from the use of weak encryption algorithms for data encryption, which may allow attackers to easi...

Tuya App和Tuya SDK 安全漏洞

Both the Tuya App and Tuya SDK are products of the Chinese company Tuya. The Tuya App is a smart home control terminal. The Tuya SDK is a developer toolkit. There are security vulnerabilities in the 24.07.11 version of both the Tuya App and Tuya SDK. These vulnerabilities stem from incorrect...

PT-2026-22949

Name of the Vulnerable Software and Affected Versions Craft versions prior to 4.17.0-beta.1 and 5.9.0-beta.1 Description A security issue exists that allows an authenticated administrator to execute arbitrary code. This is possible by injecting a Server-Side Template Injection SSTI payload into...

PT-2026-22778

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded password in the FTP protocol...

PT-2026-22746

Name of the Vulnerable Software and Affected Versions Tuya App and SDK version 24.07.11 Description A denial of service condition exists in Tuya App and SDK. The issue affects an unknown functionality within the JSON Data Point Handler component. Manipulation of the cruise time argument can lead ...

PT-2026-22720

Name of the Vulnerable Software and Affected Versions mailparser versions prior to 3.9.3 Description The package mailparser is susceptible to Cross-site Scripting XSS due to insufficient sanitization of URLs within email content. Specifically, the textToHtml function does not properly handle URLs...

Cohesity TranZman 安全漏洞

Cohesity TranZman is a data migration and recovery software developed by Cohesity Corporation. Version Cohesity TranZman 4.0 Build 14614 contains a security vulnerability. This vulnerability stems from improper access control in the component /opt/SRLtzm/bin/TapeDumper, which could allow attacker...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005463)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005463 advisory. In the Linux kernel, the following vulnerability has been resolved: software node: Correct a OOB check in softwarenodegetreferenceargs softwarenodegetreferenceargs...

Cohesity TranZman 安全漏洞

Cohesity TranZman is a data migration and recovery software developed by Cohesity Corporation. Version 4.0 Build 14614 of Cohesity TranZman contains a security vulnerability. This vulnerability arises from the upload of any file with authenticated access, potentially allowing attackers with...