Overview
Description
Statistics
- 5 Posts
- 8 Interactions
Fediverse
The activity, observed by the cybersecurity company in May 2026, involves the exploitation of CVE-2026-35616 (CVSS score: 9.1), a critical pre-authentication API access bypass leading to privilege escalation. https://thehackernews.com/2026/05/threat-actors-exploit-critical.html
Bluesky
Overview
Description
Statistics
- 4 Posts
- 3 Interactions
Fediverse
Docker Engine v29.4.3 mitigates the critical Copy Fail (CVE-2026-31431) vulnerability. Update immediately if you cannot patch your Linux kernel yet.
More details here: https://ostechnix.com/docker-copy-fail-mitigation/
Update immediately if you cannot patch your Linux kernel yet: Docker Releases Mitigation for Copy Fail (CVE-2026-31431) - OSTechNix https://ostechnix.com/docker-copy-fail-mitigation/
#Docker Releases Mitigation for Copy Fail (CVE-2026-31431)
Overview
Description
Statistics
- 1 Post
- 12 Interactions
Fediverse
So here's one of the cool things you can do with Gentoo. You're not forced to stick to the latest version of a package, multiple stable versions might be available simultaneously. So in this case you can mask rsync-3.4.3 to avoid the slop-induced bugs and the package manager will automatically fall back to rsync-3.4.1-r2. See that '-r2' suffix? That's important, it means that it's the base 3.4.1 version plus a set of patches added by the Gentoo maintainers. In this particular case those patches address CVE-2025-10158, so you get the important security fix but avoid the slop issues introduced in the next stable release. Naturally, while the technical brilliance of this system is remarkable, what really shines is the will of Gentoo maintainers to go above and beyond to solve users' issues. Thanks (and donations) should go to them.
https://mastodon.gamedev.place/@JeremiahFieldhaven/116654345332213390
Overview
Description
Statistics
- 1 Post
- 5 Interactions
Overview
- Kludex
- starlette
Description
Statistics
- 2 Posts
- 1 Interaction
Fediverse
3/3
This is a supply chain story dressed as a CVE. The ecosystem was built too fast. Security assumed it would catch up. It hasn't.
Digital sovereignty without perimeter defence is just security theatre. If you're running MCP servers and you skip the proxy because 'it adds complexity,' you've already lost.
https://haunted.lighthouse.co.im/articles/badhost-mcp-sovereignty/
#BadHost #CVE202648710 #Starlette #FastAPI #MCP #SupplyChain #CyberSecurity #DigitalSovereignty #ShadowIT #Architecture
1/3
BadHost (CVE-2026-48710) exposes MCP servers through a trivial HTTP header parsing flaw that hits 325 million weekly downloads across FastAPI, vLLM, LiteLLM, and the entire agentic AI stack.
But the vulnerability isn't the story. The story is why patches won't fix it.
https://haunted.lighthouse.co.im/articles/badhost-mcp-sovereignty/
Overview
Description
Statistics
- 1 Post
- 1 Interaction
Fediverse
CVE-2026-9999: HIGH severity flaw in Chrome (Mac, <148.0.7778.216) allows remote code execution in the sandbox via crafted HTML. No exploits in the wild. Patch to 148.0.7778.216+ now! https://radar.offseq.com/threat/cve-2026-9999-inappropriate-implementation-in-goog-790503e9 #OffSeq #Chrome #Mac #Vuln #Security
Overview
- SAP_SE
- SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication Framework)
Description
Statistics
- 1 Post
- 1 Interaction
Overview
Description
Statistics
- 2 Posts
- 2 Interactions