Overview
Statistics
- 9 Posts
- 34 Interactions
Fediverse
I built FFmpeg 7.1.5 from source since Ubuntu is moving slowly on CVE-2026-8461, and leaving a Mastodon server that processes untrusted media all day long unpatched seems like a bad idea. So anyway, testing with a #Goose post.
So it appears that there's a new CVE for ffmpeg (https://nvd.nist.gov/vuln/detail/CVE-2026-8461), but bugger all information on the FFMPEG website about it.
https://security-tracker.debian.org/tracker/CVE-2026-8461
#PixelSmash #Debian #ffmpeg
Overview
- Xcitium (formerly Comodo Security Solutions)
- Comodo Internet Security
Statistics
- 1 Post
- 220 Interactions
Overview
Statistics
- 6 Posts
Fediverse
Cisco SD-WAN Zero-Day Exploited in Attacks
At a glance
- Actor: Unknown threat actor
- Activity Type: Privilege escalation and zero-day exploitation
- Targets: Service provider infrastructure
- Scale: Unknown victim count
- Jurisdiction: Active investigation; no arrests reported
- Source: Mandiant
TL;DR Attackers breached a service provider using a Cisco SD-WAN zero-day flaw. They exploited CVE-2026-20245 to gain root-level control over network systems. Therefore, administrators must upgrade their software immediately to block further intrusions.
https://securityonline.info/cisco-sd-wan-zero-day/?utm_source=mastodon&utm_medium=jetpack_social
Cisco SD-WAN zero-day CVE-2026-20245 exploited for two months before disclosure. Mandiant found the traces. Attacker had netadmin access, escalated to root, cleaned up config files. Inside for months.
https://thehackernews.com/2026/06/cisco-catalyst-sd-wan-zero-day-cve-2026.html
Overview
Statistics
- 6 Posts
- 2 Interactions
Fediverse
CISA adds CVE-2026-12569 to the KEV catalog as adversaries actively exploit PTC Windchill & FlexPLM input validation vulnerabilities. Lock down your supply chain assets. Full forensic indicators, lateral movement tracking, and active endpoint hardening protocols are live: https://thecybermind.co/y7tn
📰 CISA Adds Actively Exploited PTC and Cisco Flaws to KEV Catalog, Mandates Federal Patching
📢 CISA adds two actively exploited vulnerabilities to its KEV catalog: CVE-2026-12569 in PTC products and CVE-2026-20230 in Cisco UCM. Federal agencies are mandated to patch. All orgs should prioritize these now! ⚠️ #CyberSecurity #Vulnerability #CI...
🌐 cyber[.]netsecops[.]io
🔗 https://cyber.netsecops.io/articles/cisa-adds-actively-exploited-ptc-and-cisco-flaws-to-kev-cata…
Overview
Statistics
- 4 Posts
- 1 Interaction
Fediverse
📰 Attackers Actively Exploit Critical Cisco Unified CM Flaw to Deploy Webshells
⚠️ ACTIVE EXPLOITATION: A critical SSRF flaw in Cisco Unified CM (CVE-2026-20230) is being used to drop webshells. Attackers are scanning from Tor. Disable the WebDialer service or patch immediately! #Cisco #CyberAttack #Infosec #SSRF
🌐 cyber[.]netsecops[.]io
Overview
Statistics
- 2 Posts
- 1 Interaction
Fediverse
#Linux sometimes puts me on . Only here from Ubuntu for a real critical CVE vuln. An update reached me for 43503 aka DirtyClone (another DirtyFrag). However, 70% of my 100 Lx kernels (SLES only) have been patched. And tonight the rest follows. But the update forced me in this heat to check if the update today is from SUSE provided already. But there is no new kernel. The 70 VMs had been patched for it in June 14 days ago. So today’s update is useless.
Overview
Statistics
- 2 Posts
Fediverse
📰 CISA Mandates Urgent Patching for Actively Exploited Flaws in Lantronix and Ubiquiti Devices
🚨 CISA KEV ALERT: Critical flaws in Lantronix EDS5000 (CVE-2025-67038) & Ubiquiti UniFi OS (CVE-2026-34908) are actively exploited. Unauthenticated RCE with root access possible. Patch immediately! #CyberSecurity #Vulnerability #PatchNow
🌐 cyber[.]netsecops[.]io
Overview
- GeoVision Inc.
- GV-LPCLPC2011/2211
Statistics
- 1 Post
- 1 Interaction
Fediverse
GeoVision GV-LPC2011/2211 (≤v1.12) affected by CVE-2026-57879: CRITICAL stack-based buffer overflow in ssvr (CVSS 9.8). Remote, unauthenticated code execution possible via crafted RTSP. Restrict RTSP & monitor. https://radar.offseq.com/threat/cve-2026-57879-cwe-121-stack-based-buffer-overflow-92b9e3b3fdb94e2a #OffSeq #CVE202657879 #infosec #IoT