Windmill Developer Platform Flaws Expose Users to RCE Attacks, Proof-of-Concept Published

Cybersecurity researchers have discovered critical vulnerabilities in the Windmill developer platform and Nextcloud Flow, an integration embedding the Windmill engine. These severe flaws allow remote attackers to take full control of affected systems without requiring any passwords. System administrators must…

BlueHammer Windows Zero-Day Leaked

Exploit code has been released for an unpatched Windows vulnerability dubbed BlueHammer, which allows attackers to gain SYSTEM or elevated administrator permissions. This article has been indexed from CyberMaterial Read the original article: BlueHammer Windows Zero-Day Leaked

Microsoft Links Medusa to Zero-Day Attacks

Microsoft reports that the China-based cybercrime group Storm-1175 is launching high-speed attacks using both known and zero-day vulnerabilities to deploy Medusa ransomware. This article has been indexed from CyberMaterial Read the original article: Microsoft Links Medusa to Zero-Day Attacks

White House Slashes CISA Funding by $707M

The Trump administration has proposed a $707 million budget reduction for the Cybersecurity and Infrastructure Security Agency for fiscal year 2027 to refocus the agency on its core mission of protecting federal networks. This article has been indexed from CyberMaterial…

Kubernetes Flaws Let Hackers Jump From Containers to Cloud Accounts

Hackers are increasingly abusing Kubernetes misconfigurations to jump from containers into high‑value cloud accounts, turning a single compromised pod into full cloud‑level access. This trend is accelerating rapidly, with Kubernetes‑related identity abuse and token-theft operations growing sharply across enterprise environments.…