Intelligence Feed
showing 100 items
LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure
Unknown · Unknown · src 0 · Fri, 24 Apr 2026 12:54:00 +0530 · HIGH 100
A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving large language models (LLMs), has come under active exploitation in the wild less than 13 hours after its public disclosure.
The vulnerability, tracked as CVE-2026-33626 (CVSS score: 7.5), relates to a Server-Side Request Forgery (SSRF) vulnerability that could be exploited to access
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
Unknown · Unknown · src 0 · Tue, 28 Apr 2026 16:48:00 +0530 · HIGH 100
Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging Face's open-source robotics platform with nearly 24,000 GitHub stars, that could be exploited to achieve remote code execution.
The vulnerability in question is CVE-2026-25874 (CVSS score: 9.3), which has been described as a case of untrusted data deserialization stemming from the use of the
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
Unknown · Unknown · src 0 · Tue, 28 Apr 2026 23:49:00 +0530 · HIGH 100
Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an authenticated user to obtain remote code execution with a single "git push" command.
The flaw, tracked as CVE-2026-3854 (CVSS score: 8.7), is a case of command injection that could allow an attacker with push access to a repository to achieve
Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw
Unknown · Unknown · src 0 · Tue, 28 Apr 2026 17:07:23 -0400 · HIGH 100
Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by exploiting a critical vulnerability tracked as CVE-2026-42208. [...]
GitHub fixes RCE flaw that gave access to millions of private repos
Unknown · Unknown · src 0 · Wed, 29 Apr 2026 08:41:17 -0400 · HIGH 100
In early March, GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) that could have allowed attackers to access millions of private repositories. [...]
Patch Tuesday, April 2026 Edition
Unknown · Unknown · src 0 · Tue, 14 Apr 2026 21:47:59 +0000 · HIGH 100
Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed "BlueHammer." Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited flaw that can lead to remote cod
No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks
Unknown · Unknown · src 0 · Tue, 21 Apr 2026 17:00:00 +0530 · HIGH 95
The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry point for attackers still hasn't changed: stolen credentials.
Identity-based attacks remain a dominant initial access vector in breaches today. Attackers obtain valid credentials through credential stuffing
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
Unknown · Unknown · src 0 · Tue, 28 Apr 2026 11:20:00 +0530 · HIGH 90
Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild.
The vulnerability in question is CVE-2026-32202 (CVSS score: 4.3), a spoofing vulnerability that could allow an attacker to access sensitive information. It was addressed as part of its Patch Tuesday update for this
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
Unknown · Unknown · src 0 · Wed, 29 Apr 2026 14:16:00 +0530 · HIGH 90
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerabilities are listed below -
CVE-2024-1708 (CVSS score: 8.4) - A path traversal vulnerability in ConnectWise ScreenConnect
Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
Unknown · Unknown · src 0 · Wed, 22 Apr 2026 12:46:00 +0530 · HIGH 85
A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution.
The vulnerability, tracked as CVE-2026-5752, is rated 9.3 on the CVSS scoring system.
"Sandbox escape vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal," according to
LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure
Unknown · Unknown · src 0 · Wed, 29 Apr 2026 11:04:00 +0530 · HIGH 85
In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python package has come under active exploitation in the wild within 36 hours of the bug becoming public knowledge.
The vulnerability, tracked as CVE-2026-42208 (CVSS score: 9.3), is an SQL injection that could be exploited to modify the underlying
Kubernetes v1.36: Fine-Grained Kubelet API Authorization Graduates to GA
Unknown · Unknown · src 0 · Fri, 24 Apr 2026 10:35:00 -0800 · HIGH 80
<p>On behalf of Kubernetes SIG Auth and SIG Node, we are pleased to announce the
graduation of fine-grained <code>kubelet</code> API authorization to General Availability
(GA) in Kubernetes v1.36!</p>
<p>The <code>KubeletFineGrainedAuthz</code> feature gate was introduced as an opt-in alpha
feature in Kubernetes v1.32, then graduated to beta (enabled by default) in
v1.33. Now, the feature is generally available and t
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug
Unknown · Unknown · src 0 · Wed, 22 Apr 2026 14:59:00 +0530 · HIGH 80
Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges.
The vulnerability, tracked as CVE-2026-40372, carries a CVSS score of 9.1 out of 10.0. It's rated Important in severity. An anonymous researcher has been credited with discovering and reporting the flaw.
"Improper verification of cryptographic
CISA orders feds to patch Windows flaw exploited as zero-day
Unknown · Unknown · src 0 · Wed, 29 Apr 2026 06:29:31 -0400 · HIGH 75
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to secure their Windows systems against a vulnerability exploited in zero-day attacks. [...]
Announcing Changed Block Tracking API support (alpha)
Unknown · Unknown · src 0 · Thu, 25 Sep 2025 05:00:00 -0800 · HIGH 70
<p>We're excited to announce the alpha support for a <em>changed block tracking</em> mechanism. This enhances
the Kubernetes storage ecosystem by providing an efficient way for
<a href="https://kubernetes.io/docs/concepts/storage/volumes/#csi">CSI</a> storage drivers to identify changed
blocks in PersistentVolume snapshots. With a driver that can use the feature, you could benefit
from faster and more resource-effici
7 Common Kubernetes Pitfalls (and How I Learned to Avoid Them)
Unknown · Unknown · src 0 · Mon, 20 Oct 2025 08:30:00 -0700 · HIGH 70
<p>It’s no secret that Kubernetes can be both powerful and frustrating at times. When I first started dabbling with container orchestration, I made more than my fair share of mistakes enough to compile a whole list of pitfalls. In this post, I want to walk through seven big gotchas I’ve encountered (or seen others run into) and share some tips on how to avoid them. Whether you’re just kicking the tires on Kubernetes
Kubernetes v1.36: User Namespaces in Kubernetes are finally GA
Unknown · Unknown · src 0 · Thu, 23 Apr 2026 10:35:00 -0800 · HIGH 70
<p>After several years of development, User Namespaces support in
Kubernetes reached General Availability (GA) with the v1.36 release.
This is a Linux-only feature.</p>
<p>For those of us working on low level container runtimes and rootless
technologies, this has been a long awaited milestone. We finally
reached the point where "rootless" security isolation can be used for
Kubernetes workloads.</p>
<p>This
Announcing the Checkpoint/Restore Working Group
Unknown · Unknown · src 0 · Wed, 21 Jan 2026 10:00:00 -0800 · HIGH 65
<p>The community around Kubernetes includes a number of Special Interest Groups (SIGs) and Working Groups (WGs) facilitating discussions on important topics between interested contributors. Today we would like to announce the new <a href="https://github.com/kubernetes/community/tree/master/wg-checkpoint-restore">Kubernetes Checkpoint Restore WG</a> focusing on the integration of Checkpoint/Restore functionality into
Fragments: March 26
Unknown · Unknown · src 0 · 2026-03-26T13:11:00-04:00 · HIGH 60
<p>Anthropic carried a study, done by getting its model to <a href="https://www.anthropic.com/features/81k-interviews">interview some 80,000 users</a> to understand their opinions about AI, what they hope from it, and what they fear. Two things stood out to me.</p>
<blockquote>
<p>It’s easy to assume there are AI optimists and AI pessimists, divided into separate camps. But what we actually found were people organ
Fragments: April 21
Unknown · Unknown · src 0 · 2026-04-21T16:34:00-04:00 · HIGH 60
<p>Last week Thoughtworks released the <a href="https://www.thoughtworks.com/radar">34th volume of our Technology Radar</a>. This radar is our biannual survey of our experience of the technology scene, highlighting tools, techniques, platforms, and languages that we’ve used or otherwise caught our eye. This edition contains 118 blips, each briefly describing our impressions of one of these elements.</p>
<p>As we wou
Kubernetes v1.34: Pod Level Resources Graduated to Beta
Unknown · Unknown · src 0 · Mon, 22 Sep 2025 10:30:00 -0800 · HIGH 60
<p>On behalf of the Kubernetes community, I am thrilled to announce that the Pod Level Resources feature has graduated to Beta in the Kubernetes v1.34 release and is enabled by default! This significant milestone introduces a new layer of flexibility for defining and managing resource allocation for your Pods. This flexibility stems from the ability to specify CPU and memory resources for the Pod as a whole. Pod leve
Introducing Node Readiness Controller
Unknown · Unknown · src 0 · Tue, 03 Feb 2026 10:00:00 +0800 · HIGH 60
<img alt="Logo for node readiness controller" src="https://kubernetes.io/node-readiness-controller-logo.svg" style="float: right; display: inline-block; margin-left: 2em;" />
<p>In the standard Kubernetes model, a node’s suitability for workloads hinges on a single binary "Ready" condition. However, in modern Kubernetes environments, nodes require complex infrastructure dependencies—such as network agents,
VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi
Unknown · Unknown · src 0 · Tue, 28 Apr 2026 19:31:00 +0530 · HIGH 60
Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to a critical flaw in its encryption implementation across Windows, Linux, and ESXi variants that renders recovery impossible even for the threat actors.
The fact that VECT's locker permanently destroys large files rather than encrypting them means even victims who opt to
Sovereign Tech Agency Launches New Initiative To Help Open Standards
Unknown · Unknown · src 0 · Tue, 28 Apr 2026 09:35:46 -0400 · HIGH 55
Germany's Sovereign Tech Agency (Sovereign Tech Fund) has provided critical financial resources to open-source software projects and maintainers the past several years. This has proven to be an incredible effort and today they announced their newest initiative as the Sovereign Tech Standards...
From Ingress NGINX to Higress: migrating 60+ resources in 30 minutes with AI
Unknown · Unknown · src 0 · Thu, 23 Apr 2026 13:37:18 +0000 · HIGH 55
With the official retirement of Ingress NGINX that took place in March 2026, enterprise platform teams are facing an urgent security and compliance mandate. Remaining on a retired controller leaves critical infrastructure vulnerable to unpatched security...
ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories
Unknown · Unknown · src 0 · Thu, 23 Apr 2026 18:47:00 +0530 · HIGH 55
You scroll past one incident and see another that feels familiar, like it should have been fixed years ago, but it still works with small changes. Same bugs. Same mistakes.
The supply chain is messy. Packages you did not check are stealing data, adding backdoors, and spreading. Attacking the systems behind apps is easier than breaking the apps themselves. The exploits are simple but still work
Microsoft Patch Tuesday, March 2026 Edition
Unknown · Unknown · src 0 · Wed, 11 Mar 2026 00:32:51 +0000 · HIGH 55
Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing "zero-day" flaws this month (compared to February's five zero-day treat), but as usual some patches may deserve more rapid attention from organizations using Windows. Here are a few highlights from this month's Patch Tuesday.
Kubernetes v1.34: DRA Consumable Capacity
Unknown · Unknown · src 0 · Thu, 18 Sep 2025 10:30:00 -0800 · HIGH 50
<p>Dynamic Resource Allocation (DRA) is a Kubernetes API for managing scarce resources across Pods and containers.
It enables flexible resource requests, going beyond simply allocating <em>N</em> number of devices to support more granular usage scenarios.
With DRA, users can request specific types of devices based on their attributes, define custom configurations tailored to their workloads, and even share the same r
Introducing Headlamp Plugin for Karpenter - Scaling and Visibility
Unknown · Unknown · src 0 · Mon, 06 Oct 2025 00:00:00 +0000 · HIGH 50
<p>Headlamp is an open‑source, extensible Kubernetes SIG UI project designed to let you explore, manage, and debug cluster resources.</p>
<p>Karpenter is a Kubernetes Autoscaling SIG node provisioning project that helps clusters scale quickly and efficiently. It launches new nodes in seconds, selects appropriate instance types for workloads, and manages the full node lifecycle, including scale-down.</p>
<p>The new He
Gateway API 1.4: New Features
Unknown · Unknown · src 0 · Thu, 06 Nov 2025 09:00:00 -0800 · HIGH 50
<p><img alt="Gateway API logo" src="https://kubernetes.io/blog/2025/11/06/gateway-api-v1-4/gateway-api-logo.svg" /></p>
<p>Ready to rock your Kubernetes networking? The Kubernetes SIG Network community presented the General Availability (GA) release of Gateway API (v1.4.0)! Released on October 6, 2025, version 1.4.0 reinforces the path for modern, expressive, and extensible service networking in Kubernetes.</p>
<p>Ga
Kubernetes Configuration Good Practices
Unknown · Unknown · src 0 · Tue, 25 Nov 2025 00:00:00 +0000 · HIGH 50
<p>Configuration is one of those things in Kubernetes that seems small until it's not. Configuration is at the heart of every Kubernetes workload.
A missing quote, a wrong API version or a misplaced YAML indent can ruin your entire deploy.</p>
<p>This blog brings together tried-and-tested configuration best practices. The small habits that make your Kubernetes setup clean, consistent and easier to manage.
Whether you
Kubernetes v1.35 Sneak Peek
Unknown · Unknown · src 0 · Wed, 26 Nov 2025 00:00:00 +0000 · HIGH 50
<p>As the release of Kubernetes v1.35 approaches, the Kubernetes project continues to evolve. Features may be deprecated, removed, or replaced to improve the project's overall health. This blog post outlines planned changes for the v1.35 release that the release team believes you should be aware of to ensure the continued smooth operation of your Kubernetes cluster(s), and to keep you up to date with the latest devel
Kubernetes v1.35: Timbernetes (The World Tree Release)
Unknown · Unknown · src 0 · Wed, 17 Dec 2025 10:30:00 -0800 · HIGH 50
<p><strong>Editors</strong>: Aakanksha Bhende, Arujjwal Negi, Chad M. Crowell, Graziano Casto, Swathi Rao</p>
<p>Similar to previous releases, the release of Kubernetes v1.35 introduces new stable, beta, and alpha features. The consistent delivery of high-quality releases underscores the strength of our development cycle and the vibrant support from our community.</p>
<p>This release consists of 60 enhancements, incl
Kubernetes 1.35: In-Place Pod Resize Graduates to Stable
Unknown · Unknown · src 0 · Fri, 19 Dec 2025 10:30:00 -0800 · HIGH 50
<p>This release marks a major step: more than 6 years after its initial conception,
the <strong>In-Place Pod Resize</strong> feature (also known as In-Place Pod Vertical Scaling), first introduced as
alpha in Kubernetes v1.27, and graduated to beta in Kubernetes v1.33, is now <strong>stable (GA)</strong> in Kubernetes
1.35!</p>
<p>This graduation is a major milestone for improving resource efficiency and flexibility
Kubernetes v1.35: New level of efficiency with in-place Pod restart
Unknown · Unknown · src 0 · Fri, 02 Jan 2026 10:30:00 -0800 · HIGH 50
<p>The release of Kubernetes 1.35 introduces a powerful new feature that provides a much-requested capability: the ability to trigger a full, in-place restart of the Pod. This feature, <em>Restart All Containers</em> (alpha in 1.35), allows for an efficient way to reset a Pod's state compared to resource-intensive approach of deleting and recreating the entire Pod. This feature is especially useful for AI/ML workload
Kubernetes v1.35: Restricting executables invoked by kubeconfigs via exec plugin allowList added to kuberc
Unknown · Unknown · src 0 · Fri, 09 Jan 2026 10:30:00 -0800 · HIGH 50
<p>Did you know that <code>kubectl</code> can run arbitrary executables, including shell
scripts, with the full privileges of the invoking user, and without your
knowledge? Whenever you download or auto-generate a <code>kubeconfig</code>, the
<code>users[n].exec.command</code> field can specify an executable to fetch credentials on
your behalf. Don't get me wrong, this is an incredible feature that allows you
to auth
Headlamp in 2025: Project Highlights
Unknown · Unknown · src 0 · Thu, 22 Jan 2026 10:00:00 +0800 · HIGH 50
<p><em>This announcement is a recap from a post originally <a href="https://headlamp.dev/blog/2025/11/13/headlamp-in-2025">published</a> on the Headlamp blog.</em></p>
<p><a href="https://headlamp.dev/">Headlamp</a> has come a long way in 2025. The project has continued to grow – reaching more teams across platforms, powering new workflows and integrations through plugins, and seeing increased collaboration from the
Announcing the AI Gateway Working Group
Unknown · Unknown · src 0 · Mon, 09 Mar 2026 10:00:00 -0800 · HIGH 50
<p>The community around Kubernetes includes a number of Special Interest Groups (SIGs) and Working Groups (WGs) facilitating discussions on important topics between interested contributors. Today, we're excited to announce the formation of the <a href="https://github.com/kubernetes-sigs/wg-ai-gateway">AI Gateway Working Group</a>, a new initiative focused on developing standards and best practices for networking infr
Securing Production Debugging in Kubernetes
Unknown · Unknown · src 0 · Wed, 18 Mar 2026 10:00:00 -0800 · HIGH 50
<p>During production debugging, the fastest route is often broad access such as <code>cluster-admin</code> (a ClusterRole that grants administrator-level access), shared bastions/jump boxes, or long-lived SSH keys. It works in the moment, but it comes with two common problems: auditing becomes difficult, and temporary exceptions have a way of becoming routine.</p>
<p>This post offers my recommendations for good pract
Announcing Ingress2Gateway 1.0: Your Path to Gateway API
Unknown · Unknown · src 0 · Fri, 20 Mar 2026 11:00:00 -0800 · HIGH 50
<p>With the Ingress-NGINX <a href="https://kubernetes.io/blog/2025/11/11/ingress-nginx-retirement/">retirement</a> scheduled for March 2026, the Kubernetes networking landscape is at a turning point.
For most organizations, the question isn't whether to migrate to <a href="https://gateway-api.sigs.k8s.io/">Gateway API</a>, but how to do so safely.</p>
<p>Migrating from Ingress to Gateway API is a fundamental shift in
Kubernetes v1.36: Mutable Pod Resources for Suspended Jobs (beta)
Unknown · Unknown · src 0 · Mon, 27 Apr 2026 10:35:00 -0800 · HIGH 50
<p>Kubernetes v1.36 promotes the ability to modify container resource requests and limits
in the pod template of a suspended Job to beta. First introduced as alpha in v1.35, this
feature allows queue controllers and cluster administrators to adjust CPU, memory, GPU,
and extended resource specifications on a Job while it is suspended, before it starts
or resumes running.</p>
<h2 id="why-mutable-pod-resources-for-suspe
Vercel Finds More Compromised Accounts in Context.ai-Linked Breach
Unknown · Unknown · src 0 · Thu, 23 Apr 2026 14:10:00 +0530 · HIGH 50
Vercel on Wednesday revealed that it has identified an additional set of customer accounts that were compromised as part of a security incident that enabled unauthorized access to its internal systems.
The company said it made the discovery after expanding its investigation to include an extra set of compromise indicators, alongside a review of requests to the Vercel network and environment
CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline
Unknown · Unknown · src 0 · Sat, 25 Apr 2026 10:38:00 +0530 · HIGH 50
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added four vulnerabilities impacting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X series routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The list of vulnerabilities is below -
CVE-2024-57726 (CVSS score: 9.9) - A missing authorization vulnerability in
Learning from the Vercel breach: Shadow AI & OAuth sprawl
Unknown · Unknown · src 0 · Wed, 29 Apr 2026 09:05:14 -0400 · HIGH 50
A single third-party OAuth integration can become a direct path into your environment. Push explains how the Vercel breach shows a compromised OAuth app can lead to widespread impact across downstream customers. [...]
Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2
Unknown · Unknown · src 0 · Fri, 24 Apr 2026 14:59:00 +0530 · MEDIUM 45
Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitation agent and ultimately facilitate the abuse of Microsoft Visual Studio Code (VS Code) tunnels for remote access.
Zscaler ThreatLabz, which discovered the campaign last month, has attributed it with high confidence to Tropic Trooper (aka
OpenAI helps Hyatt advance AI among colleagues
Unknown · Unknown · src 0 · Mon, 20 Apr 2026 00:00:00 GMT · MEDIUM 45
Hyatt deploys ChatGPT Enterprise across its global workforce, using GPT-5.4 and Codex to improve productivity, operations, and guest experiences.
An open-source spec for orchestration: Symphony
Unknown · Unknown · src 0 · Mon, 27 Apr 2026 00:00:00 GMT · MEDIUM 45
Learn how Symphony, an open-source spec for Codex orchestration, turns issue trackers into always-on agent systems—boosting engineering output and reducing context switching.
Our commitment to community safety
Unknown · Unknown · src 0 · Tue, 28 Apr 2026 00:00:00 GMT · MEDIUM 45
Learn how OpenAI protects community safety in ChatGPT through model safeguards, misuse detection, policy enforcement, and collaboration with safety experts.
CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation
The Hacker News · Cybersecurity · src 8 · Wed, 10 Jun 2026 20:14:29 +0530 · MEDIUM 43
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation.
The list of vulnerabilities is as follows -
CVE-2026-20245 (CVSS score: 7.8) - An improper encoding or escaping of output vulnerability in Cisco Catalyst SD-WAN Manager that could allow an
Langflow Vulnerability CVE-2026-5027 Exploited for Unauthenticated RCE
The Hacker News · Cybersecurity · src 8 · Wed, 10 Jun 2026 20:30:59 +0530 · MEDIUM 43
A high-severity security flaw in Langflow, an open-source low-code platform to build artificial intelligence (AI) applications, has come under active exploitation in the wild, according to findings from VulnCheck.
The vulnerability in question is CVE-2026-5027 (CVSS score: 8.8), a case of path traversal that could allow an attacker to write files to arbitrary locations.
"The 'POST /api/v2/
Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities
The Hacker News · Cybersecurity · src 8 · Wed, 10 Jun 2026 20:40:59 +0530 · MEDIUM 43
Fortinet, Ivanti, and SAP have released security updates to address multiple critical security vulnerabilities that could result in arbitrary code execution and information disclosure.
The security flaw patched by Fortinet relates to a command injection vulnerability in FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS WEB UI. It's tracked as CVE-2026-25089 (CVSS score: 9.1).
"An
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
The Hacker News · Cybersecurity · src 8 · Fri, 12 Jun 2026 01:59:23 +0530 · MEDIUM 43
The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private. The campaign hit universities hardest.
Google's Mandiant attributes it to the group it tracks as UNC6240, and dates the activity between May 27 and June 9. Oracle did not publish its advisory until June 10, so the bug was a
Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication
The Hacker News · Cybersecurity · src 8 · Sat, 13 Jun 2026 18:53:03 +0530 · MEDIUM 43
Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote code execution.
The vulnerability, tracked as CVE-2026-20253, is rated 9.8 on the CVSS scoring system.
"In Splunk Enterprise versions below 10.2.4 and 10.0.7, an unauthenticated user could create or truncate arbitrary
Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw
The Hacker News · Cybersecurity · src 8 · Mon, 15 Jun 2026 11:47:32 +0530 · MEDIUM 43
Palo Alto Networks has revealed that it has observed "active exploitation" of a recently disclosed PAN-OS vulnerability by an unknown threat actor to obtain unauthorized access to GlobalProtect portals.
The vulnerability in question is CVE-2026-0257 (CVSS score: 7.8), an authentication bypass flaw affecting the portal and gateway components of PAN-OS software that could be exploited by bad
CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation
The Hacker News · Cybersecurity · src 8 · Tue, 16 Jun 2026 11:11:52 +0530 · MEDIUM 43
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by June 18, 2026.
The vulnerability in question is CVE-2026-54420 (CVSS score: 8.5), which has been described as a case of privilege
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
The Hacker News · Cybersecurity · src 8 · Tue, 16 Jun 2026 11:35:58 +0530 · MEDIUM 43
Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2026-20262, carries a CVSS score of 6.5 out of 10.0.
"A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
The Hacker News · Cybersecurity · src 8 · Tue, 16 Jun 2026 16:00:41 +0530 · MEDIUM 43
Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber.
In a post shared on X, the company said it has observed exploitation of CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089 over the past 24 hours.
CVE-2026-39813 (CVSS score: 9.1) refers to a path traversal vulnerability in FortiSandbox JRPC API that could
CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
The Hacker News · Cybersecurity · src 8 · Wed, 17 Jun 2026 11:20:46 +0530 · MEDIUM 43
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerability, tracked as CVE-2026-48907 (CVSS score: 10.0), is a case of improper access control that could facilitate arbitrary
Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development
The Hacker News · Cybersecurity · src 8 · Wed, 17 Jun 2026 23:06:28 +0530 · MEDIUM 43
Microsoft has formally disclosed that it's working to release a patch to address a Defender zero-day codenamed RoguePlanet.
The vulnerability has now been assigned the CVE identifier CVE-2026-50656 (CVSS score: 7.8), with the tech giant describing it as a privilege escalation flaw.
"Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender
Don't pay Vect a ransom - your data's likely already wiped out
Unknown · Unknown · src 0 · 2026-04-28T18:36:31.00Z · MEDIUM 40
<h4>'Full recovery is impossible for anyone, including the attacker'</h4> <p>Organizations hit by the wave of Trivy and LiteLLM supply-chain compromises that paid Vect in hopes of recovering their data likely did not get much back, according to Check Point Research. That's because the ransomware Vect uses isn't actually ransomware at all, but a wiper that destroys any file larger than 128KB.…</p>
Running Agents on Kubernetes with Agent Sandbox
Unknown · Unknown · src 0 · Fri, 20 Mar 2026 10:00:00 -0800 · MEDIUM 40
<p>The landscape of artificial intelligence is undergoing a massive architectural shift. In the early days of generative AI, interacting with a model was often treated as a transient, stateless function call: a request that spun up, executed for perhaps 50 milliseconds, and terminated.</p>
<p>Today, the world is witnessing AI v2 eating AI v1. The ecosystem is moving from short-lived, isolated tasks to deploying multi
Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover
Unknown · Unknown · src 0 · Tue, 28 Apr 2026 12:07:00 +0530 · MEDIUM 40
An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID could enable privilege escalation and identity takeover attacks, according to new findings from Silverfort.
Agent ID Administrator is a privileged built-in role introduced by Microsoft as part of its agent identity platform to handle all aspects of an AI agent's identity lifecycle operations in a
LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers
The Hacker News · Cybersecurity · src 8 · Mon, 15 Jun 2026 22:09:01 +0530 · MEDIUM 35
A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed
LiteLLM is a widely deployed open-source AI gateway that brokers calls to more than 100 model providers behind one OpenAI-compatible interface.
A server takeover exposes every provider key it holds, the secrets that
Fragments: March 10
Unknown · Unknown · src 0 · 2026-03-10T13:50:00-04:00 · MEDIUM 35
<p><a href="https://www.theguardian.com/us-news/2026/mar/04/california-tech-gofan-fine">Tech firm fined $1.1m by California for selling high-school students’ data</a></p>
<p>I agree with <a href="https://mstdn.social/@marick/116173536550791837">Brian Marick’s response</a></p>
<blockquote>
<p>No such story should be published without a comparison of the fine to the company’s previous year revenue and profits, or v
Bliki: Architecture Decision Record
Unknown · Unknown · src 0 · 2026-03-24T09:50:00-04:00 · MEDIUM 35
<p>An Architecture Decision Record (ADR) is a short document that captures and
explains a single decision relevant to a product or ecosystem. Documents
should be short, just a couple of pages, and contain the decision, the context
for making it, and significant ramifications. They should not be modified if
the decision is changed, but linked to a superseding decision.</p>
<p>As with most written documents, w
Trump's Golden Dome gets $3.2B of contractors and an AI sprinkle
Unknown · Unknown · src 0 · 2026-04-27T13:03:09.00Z · MEDIUM 35
<h4>Space Force awards 11 firms prototype deals to build orbital interceptors</h4> <p>The United States Space Force (USSF) has awarded eleven companies contracts to develop space-based interceptors for President Trump's Golden Dome program, in agreements worth up to $3.2 billion.…</p>
South Africa yanks AI policy after AI-assisted drafting invents citations
Unknown · Unknown · src 0 · 2026-04-27T17:24:08.00Z · MEDIUM 35
<h4>Eish shame man! Maybe you shouldn't ask AI to set the rules for AI use?</h4> <p>South Africa has pulled its draft national AI policy after discovering that it was citing sources that exist only in the fertile imagination of a chatbot.…</p>
Ongoing supply-chain attack 'explicitly targeting' security, dev tools
Unknown · Unknown · src 0 · 2026-04-27T23:33:51.00Z · MEDIUM 35
<h4>Vendor confirms repo data exposure after Lapsus$ claims source code, secrets dump</h4> <p>Software security testing outfit Checkmarx has become the latest organization caught up in an ongoing attack on security-tool providers. The biz said data posted online appears to have come from one of its GitHub repositories after the Lapsus$ extortion crew claimed to have dumped the company’s source code, secrets, and othe
Australia threatens tech companies with 2.25 percent tax if they don’t pay publishers
Unknown · Unknown · src 0 · 2026-04-28T07:20:24.00Z · MEDIUM 35
<h4>Last time an idea like this came up, Meta packed up its toys and went home</h4> <p>Australia has come up with a new way to ensure social media and search companies pay to support journalism: a 2.25 percent tax on revenue that’s avoidable if companies instead do deals with local media.…</p>
Brussels orders Google to share Android's AI sandbox with the other kids
Unknown · Unknown · src 0 · 2026-04-28T12:30:12.00Z · MEDIUM 35
<h4>DMA enforcers want rival assistants to get same deep device access as Gemini</h4> <p>Those pencil pushers at the European Commission are drawing up measures to ensure Google opens up its Android smartphone platform to something few users asked for – competing AI services.…</p>
GitHub says sorry and vows to do better as uptime slips and devs complain
Unknown · Unknown · src 0 · 2026-04-29T11:00:22.00Z · MEDIUM 35
<h4>After Hashicorp co-founder blasts the source shack and numbers slide</h4> <p>Microsoft's code hosting shack Github has published a lengthy mea culpa about its availability and reliability woes - one that includes the words "we are sorry."…</p>
EU waves through open source age-check tool to keep kids safe online
Unknown · Unknown · src 0 · 2026-04-29T12:03:22.00Z · MEDIUM 35
<h4>'Online platforms can rely on our app,' says Commish, 'there are no more excuses'</h4> <p>The European Commission has recommended EU member states adopt an age verification app designed to protect children from harmful online content.…</p>
Microsoft opens door to the past by releasing 86-DOS and PC-DOS 1.00
Unknown · Unknown · src 0 · 2026-04-29T12:13:55.00Z · MEDIUM 35
<h4>Back to a time when source repositories were printouts and commits were hand-written notes</h4> <p><strong>Antiques code show</strong> Microsoft has released the source for another of its relics. This time, it's 86-DOS 1.00 getting the open source treatment, and a whole lot more for retro enthusiasts.…</p>
The future of AI in Ubuntu
Unknown · Unknown · src 0 · Mon, 27 Apr 2026 13:50:36 +0000 · MEDIUM 35
<p>Jon Seager, VP engineering for Canonical, has <a href="https://discourse.ubuntu.com/t/the-future-of-ai-in-ubuntu/81130">posted</a>
an update on "<q>what Canonical and Ubuntu will do (or not) to
incorporate AI</q>" that explains what part AI will play in the future
of the company and its distribution.</p>
<blockquote class="bq">
<p>The bottom line is that Canonical is ramping up its use of AI tools
in a focused an
pgBackRest is no longer maintained
Unknown · Unknown · src 0 · Mon, 27 Apr 2026 14:06:38 +0000 · MEDIUM 35
<p>David Steele, maintainer of the popular <a href="https://pgbackrest.org/">pgBackRest</a> backup and restore project for
PostgreSQL, has <a href="https://github.com/pgbackrest/pgbackrest#notice-of-obsolescence">archived
the project</a> and announced that it is no longer being maintained.</p>
<blockquote class="bq">
<p>After a lot of thought, I have decided to stop working on pgBackRest. I did
not come to this deci
In Memoriam: Tomáš Kalibera
Unknown · Unknown · src 0 · Tue, 28 Apr 2026 13:46:18 +0000 · MEDIUM 35
<p>We have received the sad news that Tomáš Kalibera, a member of the
<a href="https://www.r-project.org/">R Project</a> core team, has
<a href="https://prl-prg.github.io/tomas-kalibera.html">passed away
after a short illness</a>.</p>
<blockquote class="bq">
<p>A friend who knew him well wrote to me: <em>he was very happy, and
his work fulfilled him</em>. That is, perhaps, the best thing one can
say about a lif
Remembering Seth Nickell
Unknown · Unknown · src 0 · Tue, 28 Apr 2026 18:50:44 +0000 · MEDIUM 35
<p>LWN has received the sad news that Seth Nickell passed away, on
April 16, from his father, Eric Nickell:</p>
<blockquote class="bq">
<p>Many of you knew Seth from his work in the GNOME Usability Project, but his
roots in that community trace back to his high school years. As a father of
a high school junior, I remember being terrified when he flashed the hard
drive of a computer he purchased for himself with this
Linux 7.1 Adds SoC Slider Support To x86_energy_perf_policy Utility
Unknown · Unknown · src 0 · Mon, 27 Apr 2026 06:27:26 -0400 · MEDIUM 35
One of the last feature pulls merged by Linus Torvalds prior to tagging Linux 7.1-rc1 this weekend were some power utility updates for those tools living within the kernel source tree...
GCC 16's Improved Error Messages, Experimental HTML Output
Unknown · Unknown · src 0 · Tue, 28 Apr 2026 09:13:01 -0400 · MEDIUM 35
GCC 16.1 as the first stable version of the GCC 16 compiler is releasing as soon as later this week if all goes well. Among the many improvements in this year's open-source compiler update are continued enhancements to the error messages as well as having an experimental HTML output option for messages...
AMD's Lemonade SDK 10.3 Now 10x Smaller By Getting Rid Of Electron
Unknown · Unknown · src 0 · Tue, 28 Apr 2026 10:35:15 -0400 · MEDIUM 35
Lemonade as the open-source local AI server backed by AMD and supported across AMD CPUs / GPUs / NPUs on Windows and Linux is out with a big update...
Valve Updates GameNetworkingSockets After Nearly Four Year Hiatus
Unknown · Unknown · src 0 · Tue, 28 Apr 2026 20:22:50 -0400 · MEDIUM 35
Back in 2018, Valve open-sourced their Steam networking sockets library as a basic network transport layer for games. This library is used by games from Counter-Strike to Dota 2 and since its public open-source drop has been picked up elsewhere. Finally after going nearly four years without a new version, GameNetworkingSockets v1.5 dropped today...
Libcamera 0.7.1 Released With Improved Software ISP
Unknown · Unknown · src 0 · Wed, 29 Apr 2026 06:30:10 -0400 · MEDIUM 35
Libcamera 0.7.1 released on Tuesday as the newest feature release for this open-source library for camera image signal processors (ISPs) that has grown of importance for the likes of Raspberry Pi and Chrome OS and modern desktop Linux distributions with modern laptop hardware like recent Intel Core (Ultra) laptops...
What I Learned at My First KubeCon + CloudNativeCon as a High School Speaker
Unknown · Unknown · src 0 · Sat, 11 Apr 2026 12:00:00 +0000 · MEDIUM 35
KubeCon + CloudNativeCon Europe 2026 is one of the biggest open-source conferences in the world, organized by the Cloud Native Computing Foundation (part of the Linux Foundation, which manages major projects like Linux). It brings together...
The state of AI in CNCF projects: A first look at the data
Unknown · Unknown · src 0 · Wed, 29 Apr 2026 11:00:00 +0000 · MEDIUM 35
At CNCF TAG Developer Experience, we recently set out to understand how Artificial Intelligence is shaping open-source development. The response from the community has been impressive in its scale, with nearly half of our initial responses...
Spotlight on Policy Working Group
Unknown · Unknown · src 0 · Sat, 18 Oct 2025 00:00:00 +0000 · MEDIUM 35
<p><em>(Note: The Policy Working Group has completed its mission and is no longer active. This article reflects its work, accomplishments, and insights into how a working group operates.)</em></p>
<p>In the complex world of Kubernetes, policies play a crucial role in managing and securing clusters. But have you ever wondered how these policies are developed, implemented, and standardized across the Kubernetes ecosyst
Avoiding Zombie Cluster Members When Upgrading to etcd v3.6
Unknown · Unknown · src 0 · Sun, 21 Dec 2025 00:00:00 +0000 · MEDIUM 35
<p><em>This article is a mirror of an <a href="https://etcd.io/blog/2025/zombie_members_upgrade/">original</a> that was recently published to the official etcd blog</em>.
The <a href="https://etcd.io/blog/2025/zombie_members_upgrade/#key-takeaway">key takeaway</a>?
Always upgrade to etcd v3.5.26 or later before moving to v3.6. This ensures your cluster is automatically repaired, and avoids zombie members.</p>
<h2 id=
Kubernetes v1.35: Extended Toleration Operators to Support Numeric Comparisons (Alpha)
Unknown · Unknown · src 0 · Mon, 05 Jan 2026 10:30:00 -0800 · MEDIUM 35
<p>Many production Kubernetes clusters blend on-demand (higher-SLA) and spot/preemptible (lower-SLA) nodes to optimize costs while maintaining reliability for critical workloads. Platform teams need a safe default that keeps most workloads away from risky capacity, while allowing specific workloads to opt-in with explicit thresholds like "I can tolerate nodes with failure probability up to 5%".</p>
<p>Today
Ingress NGINX: Statement from the Kubernetes Steering and Security Response Committees
Unknown · Unknown · src 0 · Thu, 29 Jan 2026 00:00:00 +0000 · MEDIUM 35
<p><strong>In March 2026, Kubernetes will retire Ingress NGINX, a piece of critical infrastructure for about half of cloud native environments.</strong> The retirement of Ingress NGINX was <a href="https://kubernetes.io/blog/2025/11/11/ingress-nginx-retirement/">announced</a> for March 2026, after years of <a href="https://groups.google.com/a/kubernetes.io/g/dev/c/rxtrKvT_Q8E/m/6_ej0c1ZBAAJ">public warnings</a> that
New Conversion from cgroup v1 CPU Shares to v2 CPU Weight
Unknown · Unknown · src 0 · Fri, 30 Jan 2026 08:00:00 -0800 · MEDIUM 35
<p>I'm excited to announce the implementation of an improved conversion formula
from cgroup v1 CPU shares to cgroup v2 CPU weight. This enhancement addresses
critical issues with CPU priority allocation for Kubernetes workloads when
running on systems with cgroup v2.</p>
<h2 id="background">Background</h2>
<p>Kubernetes was originally designed with cgroup v1 in mind, where CPU shares
were defined simply by assigning
22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters
Unknown · Unknown · src 0 · Tue, 21 Apr 2026 21:16:00 +0530 · MEDIUM 35
Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to hijack susceptible devices and tamper with data exchanged by them.
The vulnerabilities have been collectively codenamed BRIDGE:BREAK by Forescout Research Vedere Labs, which identified nearly 20,000 Serial-to-Ethernet converters exposed
[Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed
Unknown · Unknown · src 0 · Thu, 23 Apr 2026 17:33:00 +0530 · MEDIUM 35
Imagine a world where hackers don't sleep, don't take breaks, and find weak spots in your systems instantly.
Well, that world is already here.
Thanks to AI, attackers are now launching automated, large-scale exploits faster than ever before. The time you have to fix a vulnerability before it gets attacked is shrinking to zero. We call this the Collapsing Exploit Window, and it means your
PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks
Unknown · Unknown · src 0 · Mon, 27 Apr 2026 17:24:00 +0530 · MEDIUM 35
A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video conferencing software in Russia since September 2025.
That's according to a report published by Positive Technologies, which found the threat actors to be leveraging an exploit chain comprising three vulnerabilities to execute commands remotely on susceptible
After Mythos: New Playbooks For a Zero-Window Era
Unknown · Unknown · src 0 · Tue, 28 Apr 2026 16:00:00 +0530 · MEDIUM 35
When patching isn’t fast enough, NDR helps contain the next era of threats.
If you’ve been tracking advancements in AI, you know the exploit window, the short buffer that organizations relied on to patch and protect after a vulnerability disclosure, is closing fast.
Anthropic’s new model, Claude Mythos, and its Project Glasswing, showed that finding exploitable vulnerabilities and subtle cracks
Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately
Unknown · Unknown · src 0 · Wed, 29 Apr 2026 15:07:00 +0530 · MEDIUM 35
cPanel has released security updates to address a security issue impacting various authentication paths that could allow an attacker to obtain access to the control panel software.
The problem affects all currently supported versions, according to an alert released by cPanel on Tuesday. The issue has been addressed in the following versions -
11.110.0.97
11.118.0.63
11.126.0.54
11.132.0.29
Robinhood account creation flaw abused to send phishing emails
Unknown · Unknown · src 0 · Mon, 27 Apr 2026 19:11:01 -0400 · MEDIUM 35
Online trading platform Robinhood's account creation process was exploited by threat actors to inject phishing messages into legitimate emails, tricking users into believing their accounts had suspicious activity. [...]
Keep the Tokens Flowing: Lessons from 16 Open-Source RL Libraries
Unknown · Unknown · src 0 · Tue, 10 Mar 2026 00:00:00 GMT · MEDIUM 35
State of Open Source on Hugging Face: Spring 2026
Unknown · Unknown · src 0 · Tue, 17 Mar 2026 16:37:55 GMT · MEDIUM 35