cve-2026-42897
56 articles with this tag
✨
AI summary
Loading…
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
HIGH
HIGH
HIGH
CRITICAL
HIGH
HIGH
HIGH
CRITICAL
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups
Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks
CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
When Identity is the Attack Path
9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
Agent AI is Coming. Are You Ready?
Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit
Grafana GitHub Breach Exposes Source Code via TanStack npm Attack
GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps
DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare
The New Phishing Click: How OAuth Consent Bypasses MFA
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials
Microsoft Exchange Zero-Day Under Attack, No Patch Available
INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests
⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
How to Reduce Phishing Exposure Before It Turns into Business Disruption
Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
Developer Workstations Are Now Part of the Software Supply Chain
Bulletin d'actualité CERTFR-2026-ACT-022 (18 mai 2026)
Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
Microsoft warns of active exploitation of new Exchange Server zero-day vulnerability
Cisco, Canvas, Microsoft, Exchange 0-Days, NPM Backdoors, GPT-5.5 and more... - SWN #581
Exchange Server zero-day vulnerability can be triggered by opening a malicious email
CISA Adds One Known Exploited Vulnerability to Catalog
Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers
Vulnérabilité dans Microsoft Exchange Server (15 mai 2026)
Vulnérabilité dans Microsoft Exchange Server (15 mai 2026)
Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild
Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897)
Microsoft warns of Exchange zero-day flaw exploited in attacks
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
CVE-2026-42897 Microsoft Exchange Server Spoofing Vulnerability