24h | 7d | 30d

Overview

  • Apple
  • macOS

11 Feb 2026
Published
13 Feb 2026
Updated

CVSS
Pending
EPSS
0.21%

Description

A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report.

Statistics

  • 10 Posts
  • 2 Interactions

Last activity: 3 hours ago

Fediverse

Profile picture fallback

Here's a summary of recent global, technology, and cybersecurity news from the last 24 hours:

Globally, Canada mourned 10 lives lost in a mass shooting in British Columbia (February 12).

In technology, Samsung began mass production of HBM4 with ultimate performance for AI computing (February 12). Waymo also launched fully autonomous operations with its 6th-generation Driver (February 12).

For cybersecurity, Google reported state-backed hackers are using Gemini AI for reconnaissance and attack support (February 12). Apple patched an actively exploited zero-day vulnerability (CVE-2026-20700) affecting iOS, macOS, and other devices (February 12). Additionally, Palo Alto Networks reportedly chose not to publicly link a global cyberespionage campaign to China over fears of retaliation (February 13).

#News #Anonymous #AnonNews_irc

  • 0
  • 0
  • 0
  • 12h ago
Profile picture fallback

Global cybersecurity remains critical: Threat actors are actively exploiting Google's Gemini AI for varied attack stages, from reconnaissance to phishing. Apple has patched a critical zero-day vulnerability (CVE-2026-20700) exploited in sophisticated attacks. CISA updated its KEV Catalog with four new vulnerabilities, urging immediate remediation. Furthermore, the EU launched a new ICT Supply Chain Security Toolbox to enhance risk mitigation. (Feb 12-13, 2026)

#Cybersecurity #AnonNews_irc #News

  • 0
  • 0
  • 0
  • 6h ago

Bluesky

Profile picture fallback
ゼロデイ脆弱性「CVE-2026-20700」はmacOS / tvOS / watchOS / visionOSにも影響 - 窓の杜 https://forest.watch.impress.co.jp/docs/news/2085724.html
  • 1
  • 0
  • 0
  • 12h ago
Profile picture fallback
Apple、標的型攻撃で悪用されるゼロデイ脆弱性(CVE-2026-20700)を修正 Apple fixes zero-day flaw exploited in targeted attacks (CVE-2026-20700) #HelpNetSecurity (Feb 12) www.helpnetsecurity.com/2026/02/12/a...
  • 0
  • 0
  • 0
  • 21h ago
Profile picture fallback
Apple、iOS 26.3/iPadOS 26.3で複数の脆弱性を修正(CVE-2026-20700)、高度に標的化されたサイバー攻撃での悪用の可能性 rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 0
  • 0
  • 0
  • 20h ago
Profile picture fallback
🚨 Apple corrige sa 1ère faille Zero-Day de 2026 ! Une vulnérabilité (CVE-2026-20700) a été exploitée dans des attaques "extrêmement sophistiquées". Le récap par ici 👇 - www.it-connect.fr/cve-2026-207... #Apple #infosec #zeroday #cybersecurite
  • 0
  • 0
  • 0
  • 13h ago
Profile picture fallback
iOS 26.3 chiude una falla presente dal 2007 e sfruttata in attacchi zero-click Apple corregge CVE-2026-20700, una falla nel linker dyld presen... https://www.ilsoftware.it/ios-26-3-chiude-una-falla-presente-dal-2007-e-sfruttata-in-attacchi-zero-click/
  • 0
  • 0
  • 0
  • 9h ago
Profile picture fallback
ゼロデイ脆弱性「CVE-2026-20700」はmacOS / tvOS / watchOS / visionOSにも影響/Appleがセキュリティ更新を実施 https://forest.watch.impress.co.jp/docs/news/2085724.html
  • 0
  • 0
  • 0
  • 3h ago
Profile picture fallback
CVE-2024-43468 Microsoft Configuration Manager SQL Injection Vulnerability CVE-2025-15556 Notepad++ Download of Code Without Integrity Check Vulnerability CVE-2025-40536 SolarWinds Web Help Desk Security Control Bypass Vulnerability CVE-2026-20700 Apple Multiple Buffer Overflow Vulnerability
  • 0
  • 0
  • 0
  • 18h ago

Overview

  • BeyondTrust
  • Remote Support(RS) & Privileged Remote Access(PRA)

06 Feb 2026
Published
13 Feb 2026
Updated

CVSS v4.0
CRITICAL (9.9)
EPSS
4.22%

KEV

Description

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

Statistics

  • 10 Posts
  • 13 Interactions

Last activity: 5 hours ago

Fediverse

Profile picture fallback

Had a case this week of a fairly secure deployment of BeyondTrust, but vulnerable to CVE-2026-1731. With basically zero egress, I implemented a timing oracle POC instead. Takes about 20 minutes to get the ls command output in this demo, but hey, it works! :D

  • 5
  • 7
  • 1
  • 11h ago
Profile picture fallback

Threat actors are actively exploiting CVE-2026-1731 (9.9) in BeyondTrust Remote Support & PRA.

Attackers extract portal data, then open WebSocket channels to trigger unauthenticated RCE.

🔗 Read → thehackernews.com/2026/02/rese

Patches are out, but exploitation started fast.

  • 0
  • 1
  • 0
  • 10h ago
Profile picture fallback

Here's a summary of the latest critical news in technology and cybersecurity:

State-backed hackers are reportedly leveraging Google's Gemini AI for reconnaissance and attack support. A critical BeyondTrust Remote Code Execution vulnerability (CVE-2026-1731) is being actively exploited in the wild. CISA has added four new exploited vulnerabilities to its Known Exploited Vulnerabilities Catalog. In technology, Samsung commenced shipping of industry-first HBM4 memory for AI computing, and HKUST announced a major advance in calcium-ion battery technology.

#AnonNews_irc #Cybersecurity #Anonymous #News

  • 0
  • 0
  • 0
  • 8h ago
Profile picture fallback

Exploitation attempts target CVE-2026-1731, a critical unauthenticated remote code execution flaw in BeyondTrust Remote Support. securityweek.com/beyondtrust-v

  • 0
  • 0
  • 1
  • 5h ago
Profile picture fallback

Threat actors are actively exploiting a critical BeyondTrust vulnerability (CVE-2026-1731) within 24 hours of a proof-of-concept (PoC) exploit being released. This flaw, affecting BeyondTrust Remote Support and Privileged Remote Access, allows for unauthenticated remote code execution and has seen exploitation attempts from multiple IP addresses, some previously involved in other vulnerability exploits.
securityweek.com/beyondtrust-v

  • 0
  • 0
  • 0
  • 5h ago

Bluesky

Profile picture fallback
Critical BeyondTrust RCE CVE-2026-1731 is being actively exploited; apply provided RS and PRA patches immediately to prevent unauthorized access and data exfiltration.
  • 0
  • 0
  • 0
  • 10h ago
Profile picture fallback
Hackers probe, exploit newly patched BeyondTrust RCE flaw (CVE-2026-1731) 📖 Read more: www.helpnetsecurity.com/2026/02/13/b... #cybersecurity #cybersecuritynews #PoC #remoteaccess @beyondtrust1.bsky.social @rapid7.com @labs.watchtowr.com.web.brid.gy @greynoise.io
  • 0
  • 0
  • 0
  • 9h ago
Profile picture fallback
Threat actors began exploiting CVE-2026-1731 in BeyondTrust Remote Support and Privileged Remote Access soon after a public PoC, targeting thousands of exposed instances.
  • 0
  • 0
  • 0
  • 9h ago

Overview

  • Microsoft
  • Windows Notepad

10 Feb 2026
Published
12 Feb 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
0.13%

KEV

Description

Improper neutralization of special elements used in a command ('command injection') in Windows Notepad App allows an unauthorized attacker to execute code locally.

Statistics

  • 5 Posts

Last activity: 5 hours ago

Fediverse

Profile picture fallback

Microsoft's #Notepad Got Pawned. The #vulnerability exploit #PoC code is public. Fork it while it's hot: github.com/BTtea/CVE-2026-2084

#cve2026_20841 #cyberSecurity

  • 0
  • 0
  • 0
  • 5h ago

Bluesky

Profile picture fallback
Windows のメモ帳の Markdown 機能が RCE の扉を開く (CVE-2026-20841) Windows Notepad Markdown feature opens door to RCE (CVE-2026-20841) #HelpNetSecurity (Feb 12) www.helpnetsecurity.com/2026/02/12/w...
  • 0
  • 0
  • 0
  • 21h ago
Profile picture fallback
https://pc.watch.impress.co.jp/docs/news/2085270.html Windowsのメモ帳にリモートコード実行の脆弱性「CVE-2026-20841」が判明。 悪意あるマークダウンファイルを開かせ、リンクをクリックさせることでリモートファイルを読み込み実行可能です。 2月10日の月例セキュリティ更新プログラムで修正済みのストアアプリ版メモ帳が対象。
  • 0
  • 0
  • 0
  • 19h ago
Profile picture fallback
【已復現】Microsoft Windows 記事本遠程代碼執行漏洞(CVE-2026-20841)
  • 0
  • 0
  • 0
  • 19h ago
Profile picture fallback
Windows11のメモ帳に脆弱性。しかもリモートコード実行のヤバイやつ。原因はマークダウン | ニッチなPCゲーマーの環境構築Z https://www.nichepcgamer.com/archives/windows11-notepad-vulnerability-cve-2026-20841.html
  • 0
  • 0
  • 0
  • 16h ago

Overview

  • Ivanti
  • Endpoint Manager

10 Feb 2026
Published
10 Feb 2026
Updated

CVSS v3.1
HIGH (8.6)
EPSS
0.18%

KEV

Description

An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.

Statistics

  • 2 Posts
  • 43 Interactions

Last activity: 5 hours ago

Fediverse

Profile picture fallback

CVE-2026-1603

I refuse to believe that is a vulnerability over a purposeful backdoor, fuckin' yank products.

  • 14
  • 28
  • 0
  • 5h ago

Bluesky

Profile picture fallback
CVE-2026-1603: 認証されていないリモート攻撃者がIvanti EPMの秘密を盗む可能性があります CVE-2026-1603: Remote Unauthenticated Attacker Can Steal Ivanti EPM Secrets #DailyCyberSecurity (Feb 12) securityonline.info/cve-2026-160...
  • 1
  • 0
  • 0
  • 21h ago

Overview

  • goauthentik
  • authentik

12 Feb 2026
Published
12 Feb 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.03%

KEV

Description

authentik is an open-source identity provider. From 2021.3.1 to before 2025.8.6, 2025.10.4, and 2025.12.4, when using delegated permissions, a User that has the permission Can view * Property Mapping or Can view Expression Policy is able to execute arbitrary code within the authentik server container through the test endpoint, which is intended to preview how a property mapping/policy works. authentik 2025.8.6, 2025.10.4, and 2025.12.4 fix this issue.

Statistics

  • 2 Posts

Last activity: 7 hours ago

Fediverse

Profile picture fallback

⚠️ CVE-2026-25227 (CRITICAL, CVSS 9.1): Code injection in goauthentik authentik via delegated permissions. Patch to 2025.8.6, 2025.10.4, or 2025.12.4 urgently. Audit permissions & monitor test endpoint usage. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 14h ago
Profile picture fallback

🔐 CVE-2026-25227
CVE-2026-25227

📊 CVSS Score: 9.1
⚠️ Severity: Critical
📅 Published: 02/12/2026, 08:16 PM
🏷️ Aliases: CVE-2026-25227
🛡️ CWE: CWE-94
🔗 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H (security-advisories@github.com)
📚 References: github.com/goauthentik/authent github.com/goauthentik/authent

🔗 hecate.pw/vulnerability/CVE-20

#cve #vulnerability #hecate

  • 0
  • 0
  • 0
  • 7h ago

Overview

  • Palo Alto Networks
  • Cloud NGFW

11 Feb 2026
Published
11 Feb 2026
Updated

CVSS v4.0
MEDIUM (6.6)
EPSS
0.02%

KEV

Description

A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. Cloud NGFW and Prisma Access® are not impacted by this vulnerability.

Statistics

  • 2 Posts

Last activity: 19 hours ago

Bluesky

Profile picture fallback
認証されていない攻撃者が Palo Alto ファイアウォールをメンテナンスモードループに陥らせる可能性がある (CVE-2026-0229) Unauthenticated Attacker Can Trap Palo Alto Firewalls in Maintenance Mode Loop (CVE-2026-0229) #DailyCyberSecurity (Feb 12) securityonline.info/crash-loop-p...
  • 0
  • 0
  • 0
  • 21h ago
Profile picture fallback
パロアルトネットワークス、PAN-OSのAdvanced DNS SecurityにDoS脆弱性(CVE-2026-0229) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 0
  • 0
  • 0
  • 19h ago

Overview

  • Fortinet
  • FortiClientEMS

06 Feb 2026
Published
11 Feb 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.17%

KEV

Description

An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

Statistics

  • 2 Posts

Last activity: 1 hour ago

Fediverse

Profile picture fallback

🔐 CVE-2026-21643

📊 CVSS: 9.1 · Critical
📅 02/06/2026, 08:24 AM
🛡️ CWE: CWE-89
📦 Affected: Fortinet FortiClientEMS (7.4.4)
📚 fortiguard.fortinet.com/psirt/

🔗 hecate.pw/vulnerability/CVE-20

#cve #vulnerability #hecate

  • 0
  • 0
  • 0
  • 4h ago

Bluesky

Profile picture fallback
📢 Fortinet corrige une SQLi critique dans FortiClientEMS (CVE-2026-21643) 📝 Selon un avis PSIRT de Fortinet publié le 6 février 2026, une vulnérabilité critiqu… https://cyberveille.ch/posts/2026-02-11-fortinet-corrige-une-sqli-critique-dans-forticlientems-cve-2026-21643/ #CVE_2026_21643 #Cyberveille
  • 0
  • 0
  • 0
  • 1h ago

Overview

  • Ivanti
  • Endpoint Manager Mobile

29 Jan 2026
Published
30 Jan 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
54.26%

Description

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

Statistics

  • 2 Posts
  • 7 Interactions

Last activity: 2 hours ago

Fediverse

Profile picture fallback

Das BSI hat seinen IT-Sicherheitshinweis zu Ivanti EPMM aktualisiert:
bsi.bund.de/SharedDocs/Cybersi

Es liegen Hinweise vor, dass die Schwachstellen CVE-2026-1281 und CVE-2026-1340 bereits seit Mitte 2025 ausgenutzt wurden. ALLE Betreiber von Ivanti EPMMs sollten daher bei der Prüfung ihrer Systeme auf Kompromittierungen den Untersuchungszeitraum bis Juli 2025 zurück ausweiten. Es muss davon ausgegangen werden, dass die Anzahl kompromittierter Systeme deutlich höher ist als ursprünglich angenommen.

  • 4
  • 3
  • 0
  • 11h ago

Bluesky

Profile picture fallback
📢 Ivanti EPMM : 83 % des exploits proviennent d’une seule IP « bulletproof » absente des IOC publiés 📝 Source : GreyNoise (Threat Signals), … https://cyberveille.ch/posts/2026-02-11-ivanti-epmm-83-des-exploits-proviennent-dune-seule-ip-bulletproof-absente-des-ioc-publies/ #CVE_2026_1281 #Cyberveille
  • 0
  • 0
  • 0
  • 2h ago

Overview

  • SolarWinds
  • Web Help Desk

28 Jan 2026
Published
13 Feb 2026
Updated

CVSS v3.1
HIGH (8.1)
EPSS
76.95%

Description

SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that if exploited, could allow an unauthenticated attacker to gain access to certain restricted functionality.

Statistics

  • 3 Posts
  • 2 Interactions

Last activity: 16 hours ago

Fediverse

Profile picture fallback

‼️ CISA added one more vulnerability to the KEV Catalog today...

CVE-2025-40536: SolarWinds Web Help Desk Security Control Bypass Vulnerability: SolarWinds Web Help Desk contains a security control bypass vulnerability that could allow an unauthenticated attacker to gain access to certain restricted functionality.

  • 0
  • 2
  • 0
  • 23h ago

Bluesky

Profile picture fallback
~Cisa~ CISA adds four actively exploited vulnerabilities affecting Microsoft, Notepad++, SolarWinds, and Apple to its KEV catalog, requiring remediation. - IOCs: CVE-2024-43468, CVE-2025-15556, CVE-2025-40536 - #CISA #KEV #ThreatIntel #Vulnerability
  • 0
  • 0
  • 0
  • 16h ago
Profile picture fallback
CVE-2024-43468 Microsoft Configuration Manager SQL Injection Vulnerability CVE-2025-15556 Notepad++ Download of Code Without Integrity Check Vulnerability CVE-2025-40536 SolarWinds Web Help Desk Security Control Bypass Vulnerability CVE-2026-20700 Apple Multiple Buffer Overflow Vulnerability
  • 0
  • 0
  • 0
  • 18h ago

Overview

  • notepad-plus-plus
  • notepad-plus-plus

03 Feb 2026
Published
13 Feb 2026
Updated

CVSS v4.0
HIGH (7.7)
EPSS
11.09%

Description

Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or redirect update traffic can cause the updater to download and execute an attacker-controlled installer, resulting in arbitrary code execution with the privileges of the user.

Statistics

  • 3 Posts

Last activity: 10 hours ago

Fediverse

Profile picture fallback

CISA has added a critical code execution flaw in Notepad++ to its Known Exploited Vulnerabilities (KEV) catalog.

Notepad++ is a widely used open-source text editor popular among developers and IT teams.

The vulnerability (CVE-2025-15556) allows attackers to intercept or manipulate update traffic, tricking users into installing malicious payloads. The issue has been fixed in version 8.8.9 and all later releases.

  • 0
  • 0
  • 0
  • 10h ago

Bluesky

Profile picture fallback
~Cisa~ CISA adds four actively exploited vulnerabilities affecting Microsoft, Notepad++, SolarWinds, and Apple to its KEV catalog, requiring remediation. - IOCs: CVE-2024-43468, CVE-2025-15556, CVE-2025-40536 - #CISA #KEV #ThreatIntel #Vulnerability
  • 0
  • 0
  • 0
  • 16h ago
Profile picture fallback
CVE-2024-43468 Microsoft Configuration Manager SQL Injection Vulnerability CVE-2025-15556 Notepad++ Download of Code Without Integrity Check Vulnerability CVE-2025-40536 SolarWinds Web Help Desk Security Control Bypass Vulnerability CVE-2026-20700 Apple Multiple Buffer Overflow Vulnerability
  • 0
  • 0
  • 0
  • 18h ago
Showing 1 to 10 of 51 CVEs