Overview
- ServiceNow
- Now Assist AI Agents
Description
Statistics
- 9 Posts
- 13 Interactions
Fediverse
sev:CRIT auth bypass in SNOW.
https://www.cve.org/CVERecord?id=CVE-2025-12420
A vulnerability has been identified in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform. ServiceNow has addressed this vulnerability by deploying a relevant security update to hosted instances in October 2025. Security updates have also been provided to ServiceNow self-hosted customers, partners, and hosted customers with unique configurations. Additionally, the vulnerability is addressed in the listed Store App versions. We recommend that customers promptly apply an appropriate security update or upgrade if they have not already done so.
ServiceNow has patched a critical vulnerability (CVE-2025-12420) in its AI Platform that allowed unauthenticated users to impersonate others and perform actions on their behalf.
https://thehackernews.com/2026/01/servicenow-patches-critical-ai-platform.html
The vulnerability, tracked as CVE-2025-12420, carries a CVSS score of 9.3 out of 10.0. https://thehackernews.com/2026/01/servicenow-patches-critical-ai-platform.html
ServiceNow patches critical AI platform flaw that could allow user impersonation https://cyberscoop.com/servicenow-fixes-critical-ai-vulnerability-cve-2025-12420/
Overview
Description
Statistics
- 6 Posts
Fediverse
📰 Urgent Patch: CISA Adds Actively Exploited Gogs RCE Flaw to KEV Catalog
🚨 URGENT: CISA adds a critical, actively exploited RCE vulnerability in Gogs Git service (CVE-2025-8110) to its KEV catalog. The flaw allows full server takeover. Federal agencies must patch by Feb 2. All orgs urged to act now! ⚠️ #CVE #Gogs #RCE
Latest global tech and cybersecurity news (Jan 12-13, 2026):
The World Economic Forum's 'Global Cybersecurity Outlook 2026' highlights AI, geopolitics, and cyber-fraud as key shapers of risk, with fraud now surpassing ransomware as a top concern. CISA added a Gogs Path Traversal vulnerability (CVE-2025-8110) to its Known Exploited Vulnerabilities Catalog due to active exploitation. A critical vulnerability (CVE-2026-21858) was found in the n8n workflow automation platform, affecting thousands of systems. In technology, Google removed some medical AI Overviews following "alarming" results.
Overview
- Fortinet
- FortiSIEM
Description
Statistics
- 5 Posts
- 7 Interactions
Fediverse
RE: https://infosec.exchange/@cR0w/115888888335126115
Well would you look at that. Write-up now available. Go fuck up some FortiShit.
🔴 CVE-2025-64155 - Critical (9.8)
An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.1.0 through 7.1.8, FortiSIEM 7.0.0 through 7.0.4, FortiSIEM 6.7.0 t...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-64155/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
- SmarterTools
- SmarterMail
Description
Statistics
- 4 Posts
- 5 Interactions
Fediverse
We've been working on a new AI-driven + human-in-the-loop threat signals detector and this morning it flagged this path that we have not seen before in the grid in the past 90d `/api/v1/licensing/about`. It turns out it's an unauth’d version check for SmarterTools SmarterMail.
If that name sounds familiar it's b/c of CVE-2025-52691 (https://nvd.nist.gov/vuln/detail/CVE-2025-52691). (1/3)
Timeline of vulnerability (soon to be exploited...) (SmarterMail):
2025-12-28: NVD CVE published. [1]
2026-01-08: Vulnerability deepdive and PoC published. [2]
2026-01-12: Reconnaissance for instances detected. [3]
2026-01-xx: Exploitation? ...
[1]: https://nvd.nist.gov/vuln/detail/CVE-2025-52691
[2]: https://labs.watchtowr.com/do-smart-people-ever-say-theyre-smart-smartertools-smartermail-pre-auth-rce-cve-2025-52691/
[3]: https://www.labs.greynoise.io/grimoire/2026-01-13-smartermail-version-enumeration/
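The version-check path reported above is a cheap thing to alert on in your own access logs before any exploitation wave arrives. The following is an added example, not code from GreyNoise, watchTowr or SmarterTools: a small Python detector that parses web-server access logs in the common combined log format, normalizes the request path (case, trailing slash, query string, absolute-URL form) and reports every source IP that requested `/api/v1/licensing/about`. The path set, the regex and the sample log lines are all assumptions constructed for illustration; only the endpoint itself comes from the post.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Unauthenticated SmarterMail version-check endpoint seen in scanning (from the post above).
# Kept as a set so further fingerprinting paths can be added; only this one is documented here.
RECON_PATHS = {"/api/v1/licensing/about"}

# Combined log format (assumption: Apache/nginx default):
# host ident authuser [date] "METHOD target HTTP/x" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
    r'(?: "(?P<referer>[^"]*)" "(?P<ua>[^"]*)")?'
)


def normalize_path(target):
    """Reduce a request target to a comparable path.

    Handles absolute-URL targets, query strings, trailing slashes and
    mixed case so that trivial variants still match RECON_PATHS.
    """
    path = urlsplit(target).path or "/"
    path = path.rstrip("/") or "/"
    return path.lower()


def find_recon(lines):
    """Return {source_ip: [event, ...]} for requests hitting a known recon endpoint.

    Unparseable lines are skipped rather than raising, since real logs are noisy.
    """
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = normalize_path(m.group("target"))
        if path in RECON_PATHS:
            hits[m.group("ip")].append({
                "ts": m.group("ts"),
                "method": m.group("method"),
                "path": path,
                "status": int(m.group("status")),
                "ua": m.group("ua") or "",
            })
    return dict(hits)


# Constructed sample log lines (not real traffic; RFC 5737 documentation addresses).
SAMPLE_LOG = [
    '203.0.113.7 - - [13/Jan/2026:04:12:01 +0000] "GET /api/v1/licensing/about HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [13/Jan/2026:04:12:03 +0000] "GET /api/v1/licensing/about/?x=1 HTTP/1.1" 200 512 "-" "python-requests/2.32"',
    '198.51.100.23 - - [13/Jan/2026:04:15:44 +0000] "GET /interface/root HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [13/Jan/2026:04:16:10 +0000] "GET https://mail.example.test/API/V1/Licensing/About HTTP/1.1" 404 0 "-" "curl/8.5.0"',
    'garbage line that does not parse',
]

if __name__ == "__main__":
    for ip, events in find_recon(SAMPLE_LOG).items():
        first = events[0]
        print(f"{ip}: {len(events)} recon request(s), first {first['method']} {first['path']} -> {first['status']} ({first['ua']})")
```

A hit only tells you someone is fingerprinting your build, not that you have been exploited; the useful follow-up is to compare the running SmarterMail build against the advisory and write-up in [1] and [2] and to treat the reporting IPs as candidates for blocking or closer review.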
Overview
Description
Statistics
- 4 Posts
- 11 Interactions
Fediverse
The first episode of 60 Sekunden Cyber covers the current ESA hack, the situation in Taiwan, CVE-2026-21858 and the crackdown on Black Axe.
Since 2026-01-09, CERT-Bund has been notifying German network operators about outdated, internet-exposed instances of the open-source workflow automation platform n8n that are still vulnerable to at least one of the critical vulnerabilities CVE-2025-68613, CVE-2025-68668, CVE-2026-21858 or CVE-2026-21877.
We currently know of around 24,000 n8n systems at German network operators, of which about 13,800 (58%) are still vulnerable.
Overview
- Progress Software
- LoadMaster
Description
Statistics
- 6 Posts
- 1 Interaction
Fediverse
🟠 CVE-2025-13444 - High (8.4)
OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker with “User Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13444/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Go hack more Progress shit.
https://community.progress.com/s/article/LoadMaster-Vulnerabilities-CVE-2025-13444-CVE-2025-13447
The critical vulnerabilities CVE-2025-13444 and CVE-2025-13447 in Kemp LoadMaster were patched in December 2025. The details may now be made public; my follow-up:
https://borncity.com/blog/2025/12/21/progress-kemp-loadmaster-schwachstellen-patchen-17-dez-2025/
Overview
- Progress Software
- LoadMaster
Description
Statistics
- 4 Posts
- 1 Interaction
Fediverse
🟠 CVE-2025-13447 - High (8.4)
OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker with “User Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13447/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
- anomalyco
- opencode
Description
Statistics
- 2 Posts
Fediverse
🟠 CVE-2026-22812 - High (8.8)
OpenCode is an open source AI coding agent. Prior to 1.0.216, OpenCode automatically starts an unauthenticated HTTP server that allows any local process (or any website via permissive CORS) to execute arbitrary shell commands with the user's privi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22812/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
- SAP_SE
- SAP S/4HANA Private Cloud and On-Premise (Financials - General Ledger)
Description
Statistics
- 2 Posts
Fediverse
🔴 CVE-2026-0501 - Critical (9.9)
Due to insufficient input validation in SAP S/4HANA Private Cloud and On-Premise (Financials General Ledger), an authenticated user could execute crafted SQL queries to read, modify, and delete backend database data. This leads to a high impact on...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0501/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
- Phoenix Contact
- TC ROUTER 3002T-3G
Description
Statistics
- 2 Posts
Fediverse
🟠 CVE-2025-41717 - High (8.8)
An unauthenticated remote attacker can trick a high privileged user into uploading a malicious payload via the config-upload endpoint, leading to code injection as root. This results in a total loss of confidentiality, availability and integrity d...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41717/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
#OT #Advisory VDE-2025-073
Phoenix Contact: Security Advisory for TC ROUTER and CLOUD CLIENT Industrial mobile network routers
A code injection vulnerability at the upload-config endpoint in the firmware of TC ROUTER and CLOUD CLIENT Industrial Mobile network routers has been discovered that can be exploited by a high-privileged attacker.
#CVE CVE-2025-41717
https://certvde.com/en/advisories/vde-2025-073/
#CSAF https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-073.json