Overview
Description
Statistics
- 8 Posts
- 8 Interactions
Fediverse
Oh my
Zoom Workplace for Windows - Improper Input Validation
Bulletin: ZSB-26014
CVEID: CVE-2026-53412
CVSS Severity: Critical
CVSS Score: 9.8
Description:
Improper Input Validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an account takeover via network access.
Zoom has warned of a critical security vulnerability that could allow an unauthenticated attacker to hijack user accounts.
The flaw, identified internally and tracked as CVE-2026-53412, has been assigned a CVSS severity score of 9.8 out of 10.
The video conferencing platform is used by millions of individuals and organizations worldwide, and users are urged to apply the latest updates.
Zoom Fixes CVE-2026-53412, a Critical Account Takeover Bug
https://securityaffairs.com/195454/security/zoom-fixes-cve-2026-53412-a-critical-account-takeover-bug.html
Bluesky
Overview
Description
Statistics
- 7 Posts
Fediverse
Oracle E-Business Suite flaw (CVE-2026-46817, CRITICAL) enables unauthenticated takeover of Oracle Payments via HTTP. Exploited in the wild — patches available since May 2026. CISA requires federal patching by 7/18/26. Details: https://radar.offseq.com/threat/cisa-orders-feds-to-patch-actively-exploited-oracl-9835f0a6d8af730f #OffSeq #Oracle #Infosec #CVE202646817
CISA has ordered federal agencies to patch a critical Oracle E-Business Suite vulnerability, CVE-2026-46817, by Saturday due to active exploitation. This security flaw allows unauthenticated attackers to gain system control via HTTP network access.
https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-oracle-flaw-by-saturday/
⚠️ CRITICAL ALERT: CVE-2026-46817 allows unauthenticated takeover of Oracle E-Business Suite. With active exploitation verified, your perimeter is at risk. Get the forensic indicators, detection queries, and hardening playbooks you need to secure your infrastructure. https://thecybermind.co/k8ae
CISA KEV catalog now lists CVE-2026-46817, a critical Oracle E-Business Suite flaw, and CVE-2023-4346 in KNX devices. Both are exploited in the wild.
Bluesky
Overview
- Microsoft
- Age of Empires II: Definitive Edition Game
Description
Statistics
- 4 Posts
- 11 Interactions
Fediverse
Microsoft fixed an Age of Empires RCE from yesterday’s Patch Tuesday (CVE-2026-50663). Here is an example of how it was done.
Microsoft patched a severe Age of Empires CVE. Attackers exploited game lobbies for remote code execution. Update your game immediately to stay safe.
#AgeOfEmpires #CVE202650663 #Cybersecurity #Microsoft #GameSecurity
Age of Empires II : une faille permettait de prendre le contrôle d’un PC via une partie multijoueur https://www.it-connect.fr/age-of-empires-ii-faille-rce-cve-2026-50663/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #Microsoft
Overview
Description
Statistics
- 7 Posts
- 27 Interactions
Fediverse
Regarding CVE-2026-56155, the in-the-wild ADFS vulnerability - the July patch just released does not fix the vulnerability.
Instead it adds an audit log. The changes to harden the service and enforce protection will only apply with October 2026’s update applied.
https://www.wacoca.com/news/2884403/ Microsoft、2026年7月定例パッチで史上最多569件の脆弱性を修正-AD FSとSharePointの2件がゼロデイ攻撃で悪用済み(CVE-2026-56155, CVE-2026-56164)|セキュリティニュースのセキュリティ対策Lab #Science&Technology #ScienceNews #TechnologyNews #u30bbu30adu30e5u30eau30c6u30a3u30cbu30e5u30fcu30b9 #u60c5u5831u30bbu30adu30e5u30eau30c6u30a3 #u8106u5f31u6027u306eu30cbu30e5u30fcu30b9 #テクノロジー #科学 #科学&テクノロジー
📰 Microsoft's July 2026 Patch Tuesday Fixes 570+ Flaws, Two Zero-Days
Microsoft's record-breaking July 2026 Patch Tuesday addresses 570+ vulnerabilities. Two zero-days are actively exploited: CVE-2026-56155 (AD FS) and CVE-2026-56164 (SharePoint). Both are in CISA's KEV catalog. Patch now. #PatchTuesday #ZeroDay
🌐 cyber[.]netsecops[.]io
Bluesky
Overview
Description
Statistics
- 7 Posts
- 2 Interactions
Fediverse
https://www.wacoca.com/news/2884403/ Microsoft、2026年7月定例パッチで史上最多569件の脆弱性を修正-AD FSとSharePointの2件がゼロデイ攻撃で悪用済み(CVE-2026-56155, CVE-2026-56164)|セキュリティニュースのセキュリティ対策Lab #Science&Technology #ScienceNews #TechnologyNews #u30bbu30adu30e5u30eau30c6u30a3u30cbu30e5u30fcu30b9 #u60c5u5831u30bbu30adu30e5u30eau30c6u30a3 #u8106u5f31u6027u306eu30cbu30e5u30fcu30b9 #テクノロジー #科学 #科学&テクノロジー
📰 Microsoft's July 2026 Patch Tuesday Fixes 570+ Flaws, Two Zero-Days
Microsoft's record-breaking July 2026 Patch Tuesday addresses 570+ vulnerabilities. Two zero-days are actively exploited: CVE-2026-56155 (AD FS) and CVE-2026-56164 (SharePoint). Both are in CISA's KEV catalog. Patch now. #PatchTuesday #ZeroDay
🌐 cyber[.]netsecops[.]io
Bluesky
Overview
Description
Statistics
- 3 Posts
Fediverse
A token exchange flaw in n8n (CVE-2026-59208) allowed attackers to log in as other users by incorrectly matching JWT claims based solely on the user ID while ignoring the token issuer. Users of the workflow automation platform are encouraged to patch to version 2.27.4 or later, or disable the vulnerable Enterprise feature to mitigate the risk of unauthorized access.
https://thehackernews.com/2026/07/n8n-token-exchange-flaw-could-let.html
Bluesky
Overview
Description
Statistics
- 6 Posts
Fediverse
SonicWall SMA1000 vulnerability CVE-2026-15409 (CVSS 10.0) is exploited in the wild. Public PoC enables remote code execution patch now.
#SonicWall #SMA1000 #CVE202615409 #RCE #ZeroDay #CyberSecurity
Threat actors are actively exploiting SonicWall SMA1000 appliances through a critical SSRF vulnerability (CVE-2026-15409) and a local privilege escalation flaw (CVE-2026-15410) to gain root access and compromise corporate networks. Organizations must urgently patch their systems to the latest firmware versions to mitigate this zero-day threat.
https://cybersecuritynews.com/sonicwall-sma1000-0-day-vulnerability-2/
📰 SonicWall Warns of Two Zero-Days in SMA 1000 Under Active Exploit
SonicWall urges immediate patching for two actively exploited zero-days (CVE-2026-15409, CVE-2026-15410) in SMA 1000 series appliances. Flaws are chained for unauthenticated RCE. Both added to CISA KEV. #ZeroDay #SonicWall #InfoSec
🌐 cyber[.]netsecops[.]io
Bluesky
Overview
- Microsoft
- Microsoft Malware Protection Engine
Description
Statistics
- 2 Posts
- 7 Interactions
Fediverse
RoguePlanet (CVE-2026-50656): la race condition in Microsoft Defender che regala privilegi SYSTEM
#tech
https://spcnet.it/rogueplanet-cve-2026-50656-la-race-condition-in-microsoft-defender-che-regala-privilegi-system/
@informatica
Overview
Description
Statistics
- 3 Posts
- 1 Interaction
Fediverse
F5 Patches High-Severity NGINX Vulnerabilities That Could Lead to Code Execution
F5 patches three high-severity NGINX vulnerabilities, including CVE-2026-42533, that could enable memory corruption, crashes, and code executionhttps://thecybersecguru.com/news/f5-nginx-vulnerabilities-code-execution/
F5 patched the NGINX code execution flaw CVE-2026-42533, along with CVE-2026-60005 and CVE-2026-56434. Update NGINX Plus and Open Source builds now.
Bluesky
Overview
- ASUS
- System Control Interface v3
Description
Statistics
- 3 Posts
- 2 Interactions