JetBrains has released security updates for a cluster of critical vulnerabilities that enable authentication bypass, account takeover, and remote code execution (RCE) across its on‑premise ecosystem, including Hub, YouTrack, IntelliJ‑based IDEs, Kotlin, GoLand, and TeamCity. These flaws put development and…
Tag: Cyber Security News
WinRAR 7.23 Fixes Heap Overflow Vulnerability that Leads to Application Crashes
WinRAR 7.23 addresses a newly disclosed heap overflow vulnerability in the RAR5 recovery volume processing code, tracked as CVE-2026-14191. Closing a memory-corruption flaw that could be triggered by malicious recovery volume (.rev) data and potentially lead to application crashes or…
Medtronic Confirms Data Breach – Hackers Gained Access to Corporate IT Systems
Medical technology giant Medtronic Inc. has disclosed a cybersecurity incident involving unauthorized access to its corporate IT systems, potentially affecting sensitive personal and health-related information of patients using Medtronic medical devices. Medtronic detected unusual activity in certain corporate IT systems…
Multiple ClamAV Vulnerabilities Allow Remote Attacker to Cause a DoS Condition
Multiple high-severity vulnerabilities in Cisco’s ClamAV engine allow remote attackers to crash the antivirus scanning process, causing a denial-of-service (DoS) on affected Cisco Secure Endpoint Connector deployments. The flaws affect Windows, Linux, and macOS, with the highest impact on Windows,…
Browser-Only Ransomware Abuses Chrome File System Access API to Encrypt Android Photos
A new ransomware technique can now run entirely inside a web browser, with no app installation or root access required. It targets Android photo directories by abusing a legitimate Chrome feature meant for photo editing. The attack begins with something…
CISA Warns of Microsoft SharePoint Server Code Execution Vulnerability Exploited in Attacks
CISA has added a newly disclosed Microsoft SharePoint Server vulnerability, tracked as CVE-2026-45659, to its Known Exploited Vulnerabilities (KEV) Catalog, warning that the flaw is actively being exploited in real-world attacks. The vulnerability is a deserialization of untrusted data issue…
Critical Flaws Double as Elevation of Privilege Dominates the Cyber Threats – Analysis of Microsoft Vulnerabilities Report 2026
Microsoft’s vulnerability landscape just sent a mixed signal that every security team needs to understand. According to the newly released Microsoft Vulnerabilities Report 2026 — the 13th annual edition published by BeyondTrust — the total number of disclosed Microsoft vulnerabilities…
CISA Warns of SimpleHelp Authentication Bypass Vulnerability Exploited in Attacks
CISA has issued a warning about a critical authentication bypass vulnerability in SimpleHelp that is actively being exploited in the wild, raising concerns among organizations relying on the remote support software. The vulnerability, tracked as CVE-2026-48558, affects SimpleHelp deployments configured…
WhatsApp Username Reservations Go Live – What Are the Security Concerns for 2 Billion Users
WhatsApp has begun allowing users to reserve usernames ahead of a broader feature launch planned for later this year, prompting a wave of questions about security, impersonation risk, and account linkage that security researchers should be tracking closely. According to…
Alleged Scattered Spider Member Extradited to the US for His Role in Hacking 100+ Networks
A dual U.S.-Estonian citizen accused of belonging to the notorious Scattered Spider hacking collective has been extradited from Finland to face federal charges in the Northern District of Illinois, the Department of Justice announced Tuesday. Peter Stokes, 19, was arrested…
FortiBleed Password Stealing Attack Linked to INC and Lynx Ransomware Operations
FortiBleed credential-harvesting campaign, which has compromised more than 430,000 FortiGate firewalls worldwide, is directly feeding two active ransomware-as-a-service operations, INC Ransom and Lynx. SOCRadar’s Threat Research Unit identified an operator with access to FortiBleed infrastructure actively logged into negotiation panels…
Indian Govt Halts Meta’s WhatsApp Usernames Rollout Over Fraud Concerns
The Indian government has issued a formal notice to WhatsApp LLC (Meta), directing the platform to justify why regulatory action should not be taken against its newly announced “usernames” feature and instructing the company not to roll it out in…
Critical Cursor IDE RCE Vulnerabilities Enable Prompt Injection in Zero-Click
Two critical remote code execution (RCE) vulnerabilities in Cursor IDE, the AI-powered development environment used by more than half of Fortune 500 companies. Cato AI Labs has disclosed two flaws, dubbed ” DuneSlide, ” both of which carry a 9.8…
Apple ‘Hide My Email’ Vulnerability Exposes Users’ Real Email Addresses
Apple’s “Hide My Email” feature is currently affected by an unpatched vulnerability that allows attackers to discover the real email address behind an anonymized alias, according to researcher Tyler Murphy and independent tests by 404 Media. Apple’s Hide My Email,…
Anthropic’s Buffa Rust Library 0-Day Vulnerability Enables DoS Attack
Anthropic’s Rust-based protobuf implementation, buffa, has been found vulnerable to a zero-day denial-of-service (DoS) condition caused by unbounded heap allocation on attacker-controlled input. The flaw, now tracked as CVE-2026-55407 and GHSA-f9qc-qg88-7pq5, affects buffa and connectrpc versions before 0.8.0 and has…
Critical Multiple Adobe ColdFusion Vulnerabilities Enables Arbitrary Code Execution Attacks
Adobe has released an urgent security update for ColdFusion 2025 and 2023 to fix multiple critical vulnerabilities that could allow arbitrary code execution, privilege escalation, arbitrary file read, and security feature bypass. The issues are rated Priority 1, meaning administrators…
A Weaponized Google Ad Install Malicious Claude Code to Hijack Entire macOS
A sponsored Google ad impersonating Anthropic’s Claude Code CLI has been caught delivering “MacSync Stealer,” a macOS credential harvester that also silently trojans Ledger Live and Ledger Wallet apps to steal crypto seed phrases. The campaign was discovered and fully…
Attackers Weaponizing Trusted Windows Drivers to Kill AV and EDR Processes
Attackers are increasingly abusing trusted Windows drivers to turn off antivirus (AV) and endpoint detection and response (EDR) tools, using a technique known as Bring Your Own Vulnerable Driver (BYOVD). Once considered niche, BYOVD has rapidly become a standard component…
Multiple Citrix NetScaler ADC and Gateway Vulnerabilities Enables DoS and Memory Overflow Attacks
Multiple high-severity vulnerabilities have been identified in Citrix NetScaler ADC and NetScaler Gateway, exposing affected systems to denial-of-service (DoS) and memory overflow attacks. The issues, tracked under CVE-2026-8451, CVE-2026-8452, CVE-2026-8655, CVE-2026-10816, CVE-2026-10817, and CVE-2026-13474, were disclosed in a security bulletin…
How a US Automotive Manufacturer Closed Its Supplier Security Gap and Doubled SOC Triage Speed
For a US automotive manufacturer that depends on more than 200 active vendors, the steady stream of supplier files coming into its environment had turned into both a security exposure and a rising operational cost. The strain is felt acutely…