Latest Cybersecurity Threats

Real-time threat intelligence from trusted sources

Critical
Upwind Finds Coordinated Supply Chain Campaign Compromising Multiple AsyncAPI npm Packages

Hackread – Cybersecurity News, Data Breaches, AI and More

Actively Exploited

Researchers at Upwind have identified a coordinated supply chain attack that has compromised multiple AsyncAPI npm packages. This attack affects various repositories, publishing pipelines, and developer systems, putting many developers at risk. The compromised packages could potentially allow attackers to inject malicious code into applications that rely on these libraries, posing a significant threat to the integrity of software projects. Developers using these AsyncAPI packages should be vigilant and assess their systems for any signs of compromise. This incident serves as a reminder of the vulnerabilities within software supply chains and the need for enhanced security measures.

Read Original

Adobe has released patches to address serious vulnerabilities in ColdFusion that could allow attackers to run arbitrary code or gain elevated privileges. These flaws pose a significant risk to users and organizations that rely on ColdFusion for web applications. If exploited, they could lead to unauthorized access and potential data breaches. It’s crucial for affected users to apply these updates as soon as possible to protect their systems from potential attacks. Adobe's quick response highlights the ongoing need for vigilance in maintaining software security.

Read Original

Progress Software has confirmed that a serious zero-day vulnerability led to the emergency shutdown of ShareFile Storage Zone Controllers last week. Users of ShareFile, a cloud-based file sharing and storage service, were affected as the company worked to address the flaw. Progress has since released security updates to patch this vulnerability, which could have potentially allowed unauthorized access or data breaches. This incident is significant because it underscores the risks associated with cloud storage services, highlighting the need for users to ensure their systems are updated promptly to protect sensitive data.

Read Original

The article discusses the increasing autonomy of advanced artificial intelligence models, which are now operating with less human oversight. This shift has raised concerns among some state governments, prompting them to consider legislation aimed at ensuring transparency in the deployment and use of these AI systems. The lack of clear guidelines and oversight can potentially lead to significant risks, including misuse or unintended consequences of AI technologies. As AI continues to evolve, it's crucial for regulators to establish rules that can keep pace with these advancements, ensuring that safety and ethical considerations are prioritized. This situation highlights the need for ongoing dialogue and collaboration between technologists, policymakers, and the public to navigate the complexities of AI deployment.

Read Original

A new attack method is being rented out on a large scale, posing challenges for cybersecurity defenses. This particular technique manages to bypass traditional antivirus (AV) and endpoint detection and response (EDR) solutions, making it difficult for organizations to detect. Researchers suggest that the most effective way to identify this threat is through YARA analysis. This situation raises concerns for companies relying on standard security measures, as it indicates a shift in how attackers are approaching their targets. Organizations should consider updating their detection strategies to include YARA rules to improve their defenses against this emerging threat.

Read Original

VMware has patched seven serious vulnerabilities in its Avi Load Balancer that could allow attackers to bypass authentication, execute remote code, escalate privileges, and traverse directories. These vulnerabilities pose a significant risk to organizations relying on this load balancing technology, as they could lead to unauthorized access and control over systems. Users of VMware Avi Load Balancer should prioritize applying the latest patches to safeguard their environments. The severity of these vulnerabilities highlights the ongoing need for vigilance in cybersecurity practices, especially for widely used infrastructure components.

Read Original

Researchers have identified two significant access control vulnerabilities in the RabbitMQ message broker service. These flaws could allow attackers to access confidential OAuth client secrets and potentially take over enterprise messaging systems. Additionally, the vulnerabilities may enable attackers to bypass tenant boundaries, which is a serious concern for organizations using RabbitMQ in multi-tenant environments. The security team at Miggo discovered and reported these issues, emphasizing the need for companies to address them promptly to protect their messaging infrastructure. This situation is particularly urgent as leaked OAuth secrets can lead to further compromises within affected systems.

Read Original

Researchers have identified a serious vulnerability in Cursor, a widely used AI coding platform. This flaw allows attackers to execute malicious code automatically when users interact with compromised repositories. The issue was reported back in December, but it has not yet been resolved, putting users at risk of falling victim to poisoned repository attacks. This is particularly concerning for developers who rely on Cursor for coding tasks, as the vulnerability could lead to unauthorized access or data breaches. Users should be cautious when using Cursor until a fix is implemented to mitigate this risk.

Read Original

A vulnerability linked to ClaudeBleed affects Chrome extensions, allowing them to access potentially sensitive information from users' Gmail and Calendar accounts. Despite eight patches being released, this flaw remains unaddressed, raising concerns for users who rely on these services. The issue stems from how extensions interact with the browser, which could lead to unauthorized data access. This poses a significant risk, as malicious extensions could exploit this vulnerability to harvest private data without user consent. Users of Chrome should be cautious about the extensions they install and regularly check for updates to ensure their security.

Read Original

Recent research indicates that passwords generated by AI chatbots may not be as secure as users expect. While these chatbots can create seemingly random strings of characters, studies show that they often produce passwords that are more predictable than traditional methods. This raises concerns for users who rely on AI for password generation, as it could leave them vulnerable to cyberattacks. Security experts advise against using AI-generated passwords and recommend sticking to established password management practices. This issue is particularly relevant as more individuals and businesses turn to AI tools for everyday tasks, highlighting the need for caution in their use.

Read Original
Telegram’s t.me Links Go Offline After Registry Places Domain on serverHold

Hackread – Cybersecurity News, Data Breaches, AI and More

Telegram's t.me links have stopped working due to the .ME registry placing the domain on serverHold. While users can still access the app itself, the disruption of these links raises questions about the reliability of the service. The exact reason for this action by the registry is unclear at this time. This incident could impact users who rely on t.me links for sharing content and connecting with others on the platform. It's important for Telegram users to stay informed about the situation as it develops, especially if the outage continues or expands.

Read Original

The Cybersecurity and Infrastructure Security Agency (CISA), alongside the NSA, FBI, and international partners, has issued a warning about increased Russian cyber activity targeting essential sectors such as communications, energy, and government. This alert comes as tensions rise globally, and officials are concerned about potential disruptions to critical infrastructure. The advisory emphasizes the need for organizations in these sectors to bolster their cybersecurity measures to defend against possible attacks. The warning serves as a reminder of the ongoing threat posed by state-sponsored cyber actors. Companies and government agencies are urged to remain vigilant and proactive in safeguarding their systems against these risks.

Read Original
Critical
ABB T-MAC Plus

All CISA Advisories

ABB has identified multiple vulnerabilities in its T-MAC Plus version 4.0-24 software, which could allow attackers to exploit the system in various ways. These vulnerabilities include issues like file disclosure, broken access controls, cross-site scripting (XSS), and an insecure network protocol that could lead to denial-of-service attacks. Affected users are urged to update to version 4.0-25, which contains fixes for these issues. The vulnerabilities are considered serious, with CVSS scores ranging from 7.4 to 9.9, indicating that they pose significant risks to security. Companies using this software should prioritize applying the update to protect their systems from potential exploitation.

Read Original

Rockwell Automation's 1715-AENTR EtherNet/IP Adapter has a serious vulnerability (CVE-2026-10577) affecting versions up to 3.003. This flaw exposes a debug port that lacks proper authentication controls, allowing attackers to gain unauthorized access to critical functions. If exploited, they could read or delete files, halt tasks, modify memory, and alter I/O states, threatening the device's confidentiality, integrity, and availability. This vulnerability is particularly concerning as it impacts sectors like energy and manufacturing, where security is crucial. Users are advised to upgrade to version 3.011 or later to mitigate the risks associated with this vulnerability.

Read Original
High
ABB Ability Edgenius

All CISA Advisories

ABB has identified a vulnerability, CVE-2026-31431, in its ABB Ability Edgenius platform, which affects versions 3.2.0.0 to 3.2.4.0. This vulnerability is linked to a flaw in the Linux kernel's cryptographic interface that could allow a locally authenticated user to gain elevated privileges, potentially leading to full control of the system. While there have been no reports of this vulnerability being exploited in the wild, ABB recommends that users update to version 3.2.4.1 to mitigate the risk. Users should also limit access to their systems to enhance security. This incident underscores the importance of timely software updates and access controls in protecting against potential exploits.

Read Original
Page 1 of 263Next