Overview
Description
Statistics
- 6 Posts
- 4 Interactions
Fediverse
Critical cybersecurity updates from February 1-2, 2026: Microsoft patched an actively exploited Office zero-day (CVE-2026-21509), and Fortinet fixed a critical FortiCloud SSO flaw (CVE-2026-24858). Ivanti released fixes for two exploited EPMM zero-days (CVE-2026-1281, CVE-2026-1340) by February 1, and Bitdefender reported Android RAT malware distributed via Hugging Face (February 2).
In technology, Apple overhauled its online Mac store for a "build-it-yourself" experience (February 1), and Google extended the Fitbit data migration deadline to Google accounts until May 2026.
Bluesky
Overview
- OpenClaw
- OpenClaw
Description
Statistics
- 3 Posts
- 3 Interactions
Fediverse
depthfirst | 1-Click RCE To Steal Your Moltbot Data and Keys (CVE-2026-25253)
https://depthfirst.com/post/1-click-rce-to-steal-your-moltbot-data-and-keys
Here's a summary of the latest global, technology, and cybersecurity news from the last 24-48 hours:
**Global:** US-Iran talks on a nuclear deal are progressing, though Iran warned of regional war if attacked (Feb 1-2). A Russian drone strike killed 15 mineworkers in Dnipro, Ukraine (Feb 1).
**Tech/Cybersecurity:** ETSI launched a new, globally applicable cybersecurity standard for AI models (ETSI EN 304 223, Feb 2). A critical remote code execution (RCE) flaw in the OpenClaw AI assistant (CVE-2026-25253) was disclosed (Feb 2). AI-driven cyber threats are escalating, and Microsoft's extensive AI infrastructure spending is raising Wall Street concerns (Jan 30 - Feb 2).
Overview
- Samsung Electronics
- MagicINFO 9 Server
Description
Statistics
- 2 Posts
Fediverse
🟠 CVE-2026-25201 - High (8.8)
An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server.
This issue affects MagicINFO 9 Server: less than 21.1090.1.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25201/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
- Qualcomm, Inc.
- Snapdragon
Description
Statistics
- 3 Posts
Fediverse
🟠 CVE-2025-47397 - High (7.8)
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-47397/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Qualcomm released the security bulletin for February 2026: CVE-2025-47397 is the GPU IOMMU issue mentioned in 39c3’s Build a Fake Phone, Find Real Bugs session. (at the 28 minute mark) The presenter said that they’ll “update the presentation’s repository with the technical details once the CVE is shared publicly”, Looking forward to reading that…
Qualcomm’s CVE-2025-47397 patch doesn’t make sense on kernel 5.10: 5.10 isn’t vulnerable to the issue in the first place!
The bug was only introduced in kernel 5.15.
(Interestingly, some poor dev at MediaTek hit the exact same bug in 2022: searching for “iommu_map_sg cve” gives me this fix commit)
Overview
Description
Statistics
- 4 Posts
- 3 Interactions
Fediverse
Ivanti: Notfall-Update gegen Zero-Days
Wieder einmal fällt der US-Hersteller Ivanti mit gefährlichen (9,8 von 10) Sicherheitslücken auf, die zum Zeitpunkt der Updates bereits angegriffen werden. Sagte ich wieder einmal? Ja, einige vergangene Meldungen: hier, hier, hier oder hier. Die beiden Sicherheitslücken CVE-2026-1281 und CVE-2026-1340 wurden mit Notfall-Updates geschlossen. Angeblich kann der Hersteller nicht sagen, welche Schwäche genau angegriffen wird, da zu wenige bekannte Angriffe vorlägen. Ach ja, aber flicken konnte man die unbekannten Schwächen? Glaubwürdigkeit gleich null. Da drängt
https://www.pc-fluesterer.info/wordpress/2026/02/02/ivanti-notfall-update-gegen-zero-days/
#Allgemein #Empfehlung #Hintergrund #Warnung #0day #closedsource #cybercrime #exploits #foss #hintertür #politik #UnplugTrump #usa #vorbeugen #vorfälle #wissen #zeroday
Critical cybersecurity updates from February 1-2, 2026: Microsoft patched an actively exploited Office zero-day (CVE-2026-21509), and Fortinet fixed a critical FortiCloud SSO flaw (CVE-2026-24858). Ivanti released fixes for two exploited EPMM zero-days (CVE-2026-1281, CVE-2026-1340) by February 1, and Bitdefender reported Android RAT malware distributed via Hugging Face (February 2).
In technology, Apple overhauled its online Mac store for a "build-it-yourself" experience (February 1), and Google extended the Fitbit data migration deadline to Google accounts until May 2026.
Overview
- Ivanti
- Endpoint Manager Mobile
Description
Statistics
- 4 Posts
- 3 Interactions
Fediverse
Ivanti: Notfall-Update gegen Zero-Days
Wieder einmal fällt der US-Hersteller Ivanti mit gefährlichen (9,8 von 10) Sicherheitslücken auf, die zum Zeitpunkt der Updates bereits angegriffen werden. Sagte ich wieder einmal? Ja, einige vergangene Meldungen: hier, hier, hier oder hier. Die beiden Sicherheitslücken CVE-2026-1281 und CVE-2026-1340 wurden mit Notfall-Updates geschlossen. Angeblich kann der Hersteller nicht sagen, welche Schwäche genau angegriffen wird, da zu wenige bekannte Angriffe vorlägen. Ach ja, aber flicken konnte man die unbekannten Schwächen? Glaubwürdigkeit gleich null. Da drängt
https://www.pc-fluesterer.info/wordpress/2026/02/02/ivanti-notfall-update-gegen-zero-days/
#Allgemein #Empfehlung #Hintergrund #Warnung #0day #closedsource #cybercrime #exploits #foss #hintertür #politik #UnplugTrump #usa #vorbeugen #vorfälle #wissen #zeroday
Critical cybersecurity updates from February 1-2, 2026: Microsoft patched an actively exploited Office zero-day (CVE-2026-21509), and Fortinet fixed a critical FortiCloud SSO flaw (CVE-2026-24858). Ivanti released fixes for two exploited EPMM zero-days (CVE-2026-1281, CVE-2026-1340) by February 1, and Bitdefender reported Android RAT malware distributed via Hugging Face (February 2).
In technology, Apple overhauled its online Mac store for a "build-it-yourself" experience (February 1), and Google extended the Fitbit data migration deadline to Google accounts until May 2026.
Overview
Description
Statistics
- 2 Posts
Fediverse
#infosec #linux #vulnerability
Un fallo de seguridad (exploit) encontrado recientemente expuso casi 800.000 servicios a Telnet a nivel mundial.
Según la Base de Datos de Vulnerabilidad Nacional (NVD) el exploit CVE-2026-24061 afecta a las versiones 1.9.3 a 2.7.
Estás versiones permiten al cliente pasar un valor de la variable de entorno USER al servidor e iniciar sesión como usuario root omitiendo la autenticación.
1/2
Bluesky
Overview
Description
Statistics
- 2 Posts
Bluesky
Overview
Description
Statistics
- 1 Post
- 5 Interactions
Fediverse
RE: https://mastodon.social/@bagder/116001950411560304
My CVEs are still at 0 medals, but thanks to VxWorks I was able to achieve a CVE on Mars (#Curiosity rover, CVE-2023-38346) 😉
Btw. if anyone from #NASA could confirm curiosity was/is really affected (but probably without attack vector so no impact I guess), that would mean a lot to me
Overview
- Native Instruments
- Native Access
Description
Statistics
- 1 Post
- 1 Interaction
Fediverse
🟠 CVE-2026-24070 - High (8.8)
During the installation of the Native Access application, a privileged helper `com.native-instruments.NativeAccess.Helper2`, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is de...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24070/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack