Automated cyber signal feeds.
Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famous Chollima, HexagonalRodent, and Void Dokkaebi). According to a report published by Proofpoint, the threat actor has…
A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed LiteLLM is a widely deployed open-source AI gateway that brokers calls to…
CVE ID :CVE-2026-9862 Published : June 15, 2026, 4:16 p.m. | 2 hours, 12 minutes ago Description :Fortra’s Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may…
A single click on a trusted Microsoft link could have let an attacker pull emails, calendar details, and indexed files out of Microsoft 365 Copilot Enterprise Search. Researchers at Varonis Threat Labs chained three bugs into a one-click exfiltration path…
CVE ID :CVE-2026-5242 Published : June 15, 2026, 2:16 p.m. | 4 hours, 12 minutes ago Description :Improper neutralization of formula elements in a CSV file vulnerability in MIA Technology Inc. Pizzy Library allows Code Injection. This issue affects Pizzy Library: from…
CVE ID :CVE-2026-54413 Published : June 14, 2026, 5:38 p.m. | 43 minutes ago Description :driftregion iso14229 through 0.9.0 contains an integer underflow and downstream out-of-bounds read in the Handle_0x27_SecurityAccess() function in iso14229.c that allows a remote unauthenticated attacker to crash…
CVE ID :CVE-2026-54412 Published : June 14, 2026, 5:26 p.m. | 54 minutes ago Description :LiamBindle MQTT-C through version 1.1.6 contains a heap-based out-of-bounds read and integer underflow in the mqtt_unpack_publish_response() function in src that allows a remote unauthenticated attacker controlling…
CVE ID :CVE-2026-54410 Published : June 14, 2026, 5:10 p.m. | 1 hour, 11 minutes ago Description :nanoMODBUS through v1.23.0 contains an off-by-one buffer overflow in the recv_msg_header() function of the Modbus/TCP server that allows remote unauthenticated attackers to write one attacker-controlled…
CVE ID :CVE-2026-54420 Published : June 14, 2026, 4:16 a.m. | 14 hours, 4 minutes ago Description :LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access…
CVE ID :CVE-2026-12174 Published : June 13, 2026, 9:16 p.m. | 21 hours, 5 minutes ago Description :A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler.…