Explore

Trendline Trendline
cPanel WHM Vulnerability Exposes Internet Infrastructure to Authentication Bypass

cPanel WHM Vulnerability Exposes Internet Infrastructure to Authentication Bypass

cPanel WHM Vulnerability Exposes Internet Infrastructure to Authentication Bypass
Rapid Read Rapid Read
OpenSSH Vulnerability CVE-2026-35414 Poses Significant Security Risk

OpenSSH Vulnerability CVE-2026-35414 Poses Significant Security Risk

A critical vulnerability has been identified in OpenSSH, affecting nearly all versions released over the past 15 years. This vulnerability, CVE-2026-35414, allows attackers to gain root access to affected servers, potentially leading to data theft, system tampering, and significant operational disruptions. The Centre for Cybersecurity Belgium has issued a warning, urging organizations to update to OpenSSH version 10.3 or later. The vulnerability involves an authentication bypass related to the authorized_keys principals option. Notably, attacks exploiting this vulnerability do not leave traces in logs, making detection challenging without advanced monitoring tools.
Trendline Trendline
SAP npm Package Attack Exposes Vulnerabilities in Developer Tools

SAP npm Package Attack Exposes Vulnerabilities in Developer Tools

SAP npm Package Attack Exposes Vulnerabilities in Developer Tools
Rapid Read Rapid Read
LiteLLM Vulnerability Exploited Shortly After Disclosure

LiteLLM Vulnerability Exploited Shortly After Disclosure

A critical vulnerability in the LiteLLM open source AI gateway was exploited shortly after its disclosure, allowing attackers to access sensitive database information. The flaw, identified as CVE-2026-42208, involves an SQL injection during the proxy API key verification process. Attackers targeted database tables containing API keys and credentials, although no further exploitation was observed. The vulnerability was addressed in LiteLLM version 1.83.7, which users are advised to update to. The incident underscores the importance of timely patching and vulnerability management in software development.
Trendline Trendline
Incomplete Windows Patch Exposes Users to Zero-Click Attacks

Incomplete Windows Patch Exposes Users to Zero-Click Attacks

Incomplete Windows Patch Exposes Users to Zero-Click Attacks
Rapid Read Rapid Read
OpenSSH Vulnerability Exposes Servers to Root Access for 15 Years

OpenSSH Vulnerability Exposes Servers to Root Access for 15 Years

A critical vulnerability in OpenSSH, identified as CVE-2026-35414, has been discovered, affecting versions released over the past 15 years. This flaw allows attackers to gain full root shell access to servers by exploiting a mishandling of the authorized_keys principals option. The issue arises when a comma in an SSH certificate principal name is misinterpreted, enabling users with a valid certificate from a trusted CA to authenticate as root. The vulnerability, which has a CVSS score of 8.1, was identified by the cybersecurity firm Cyera. The flaw does not register authentication failures in logs, making detection through log-based methods unreliable. The vulnerability was patched in OpenSSH version 10.3, released in early April 2026.
Trendline Trendline
OpenSSH Vulnerability Exposes Servers to Root Access for 15 Years

OpenSSH Vulnerability Exposes Servers to Root Access for 15 Years

OpenSSH Vulnerability Exposes Servers to Root Access for 15 Years
Rapid Read Rapid Read
Nessus Agent Vulnerability on Windows Allows System-Level Code Execution

Nessus Agent Vulnerability on Windows Allows System-Level Code Execution

A critical security vulnerability has been identified in Tenable's Nessus Agent for Windows, which could allow attackers to execute arbitrary code with SYSTEM privileges. This flaw involves a symlink attack, where attackers can manipulate file operations to delete critical system files, leading to full control over the affected machine. The vulnerability poses a significant threat to organizations using Nessus Agents for vulnerability assessments, especially those installed on high-value or internet-adjacent systems. Tenable has released a patch in version 11.1.3 to address this issue and urges immediate updates to mitigate risks.
Rapid Read Rapid Read
Incomplete Windows Patch Leaves Systems Vulnerable to Zero-Click Attacks

Incomplete Windows Patch Leaves Systems Vulnerable to Zero-Click Attacks

Akamai has reported that an incomplete patch for a Windows vulnerability has led to a new security flaw, enabling zero-click attacks. The original vulnerability, CVE-2026-21510, was patched in February but left a gap that attackers could exploit without user interaction. This flaw allows attackers to steal credentials via auto-parsed LNK files. The Russian-linked group APT28 has been identified as exploiting this vulnerability, targeting entities in Ukraine and the European Union. Microsoft has since released a fix for the new vulnerability, CVE-2026-32202, as part of its April 2026 security updates.
Rapid Read Rapid Read
Open Source Software Compromised, User Credentials Stolen

Open Source Software Compromised, User Credentials Stolen

An open-source software package with over 1 million monthly downloads was compromised after attackers exploited a vulnerability in the developers' account workflow. This breach allowed access to signing keys and sensitive information. The attackers published a malicious version of the element-data package, which scoured systems for sensitive data such as user profiles, warehouse credentials, cloud provider keys, API tokens, and SSH keys. The malicious version, tagged as 0.23.3, was removed within 12 hours of its release. Developers have since rotated all affected credentials and audited their GitHub actions to prevent future vulnerabilities.
Rapid Read Rapid Read
Firestarter Malware Persists Despite Cisco Firewall Patches

Firestarter Malware Persists Despite Cisco Firewall Patches

The Firestarter malware, associated with the ArcaneDoor threat actor, has been found to persist in Cisco's Firepower and Secure Firewall devices despite security patches released in September last year. This malware, identified as a Linux binary, embeds itself in the Firepower eXtensible Operating System (FXOS) base layer, surviving device reboots and evading detection. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK's National Cyber Security Centre (NCSC) have issued alerts, advising organizations to follow emergency directives, including physically disconnecting affected firewalls to disrupt the malware's persistence.
Trendline Trendline
Nessus Agent Vulnerability on Windows Allows Critical System Privilege Exploitation

Nessus Agent Vulnerability on Windows Allows Critical System Privilege Exploitation

Nessus Agent Vulnerability on Windows Allows Critical System Privilege Exploitation