admin

admin

CVE-2026-12196 – HestiaCP Admin Takeover

​CVE ID :CVE-2026-12196 Published : July 4, 2026, 12:16 p.m. | 6 hours, 26 minutes ago Description :HestiaCP panel cronjob feature is affected by a broken access control vulnerability. Low privilege users can modify the panel cronjob to execute scripts HestiaCP management…

New Avalon Malware Framework Packs CrownX Ransomware Capabilities

​Cybersecurity researchers have discovered a previously undocumented modular malware framework codenamed Avalon that’s distributed by means of a multi-stage phishing chain capable of bypassing traditional security controls. Avalon combines credential collection, lateral movement, remote access, recovery disruption, and ransomware execution,…

CVE-2026-14459 – Argument Injection in TUBITAK BILGEM’s pardus-software

​CVE ID :CVE-2026-14459 Published : July 3, 2026, 2:09 p.m. | 4 hours, 26 minutes ago Description :Improper neutralization of argument delimiters in a command (‘argument injection’) vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects…

FBI Seizes NetNut Proxy Platform, Popa Botnet

​The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service operated by the publicly-traded Israeli company Alarum Technologies [NASDAQ: ALAR]. The action comes roughly…