Description
Statistics
- 6 Posts
- 2 Interactions
Fediverse
Two Newly Discovered Chrome Zero-Days Exploited in the Wild to Run Malicious Code
Google has released an urgent security update for its Chrome desktop browser to address two critical zero-day vulnerabilities. Tracked as CVE-2026-3909 and CVE-2026-3910, both flaws are categorized as high-severity and are confirmed to be actively exploited by attackers in the wild. Users are strongly advised to update their browsers immediately to protect against potential malicious […]The post Two Newly Discovered Chrome Zero-Days Exploited in the Wild to Run Malicious Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
posted by pod_feeder
Bluesky
Description
Statistics
- 6 Posts
- 2 Interactions
Fediverse
Two Newly Discovered Chrome Zero-Days Exploited in the Wild to Run Malicious Code
Google has released an urgent security update for its Chrome desktop browser to address two critical zero-day vulnerabilities. Tracked as CVE-2026-3909 and CVE-2026-3910, both flaws are categorized as high-severity and are confirmed to be actively exploited by attackers in the wild. Users are strongly advised to update their browsers immediately to protect against potential malicious […]The post Two Newly Discovered Chrome Zero-Days Exploited in the Wild to Run Malicious Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
posted by pod_feeder
Bluesky
Overview
- Microsoft
- Microsoft Devices Pricing Program
Description
Statistics
- 3 Posts
- 4 Interactions
Bluesky
Overview
Description
Statistics
- 2 Posts
- 2 Interactions
Fediverse
US agencies face a CISA deadline to secure networks after a critical Cisco SD-WAN flaw (CVE-2026-20127) exposed federal systems to long-term intrusion and admin access.
Read: https://hackread.com/us-agencies-cisa-deadline-critical-cisco-sd-wan-flaw/
Overview
- elemntor
- Ally – Web Accessibility & Usability
Description
Statistics
- 3 Posts
Fediverse
Over 200,000 #WordPress sites are exposed due to an SQL injection flaw in the Ally plugin (CVE-2026-2413), allowing attackers to extract database data. Patch released, but many sites remain vulnerable.
Read: https://hackread.com/sql-injection-vulnerability-ally-wordpress-plugin/
Overview
Description
Statistics
- 1 Post
- 12 Interactions
Fediverse
Today's CVE stinker: https://github.com/joshuavanderpoll/CVE-2025-69985
You can get auth bypass on a SCADA HMI that already doesn't require auth, and then run a script by sending the script to `api/runscript`
Is this still a useful CVE? Perhaps! I am not an expert on FUXA HMIs specifically, and I'm sure they didn't intend for their runscript endpoint to be used to run *anything*
but still.
"you can run scripts by sending them to /api/runscript" sure is a funny CVE description.
Overview
- defnull
- multipart
Description
Statistics
- 1 Post
- 9 Interactions
Fediverse
The 'multipart' #python library got an independent #security audit and I only know about that because they found something -> CVE-2026-28356
This is great, actually! Someone looked into it so thoroughly that they found an obscure single-character issue in a regular expression ... and didn't find anything else! Which means I can now be really confident about the security of this library. Nice!
Overview
- dagu-org
- dagu
Description
Statistics
- 1 Post
- 2 Interactions
Fediverse
⚠️ CRITICAL vuln: dagu <2.2.4 suffers from path traversal (CVE-2026-31886). Exploit allows deletion of /tmp, causing system-wide DoS. Upgrade to 2.2.4+ or enforce input validation now! https://radar.offseq.com/threat/cve-2026-31886-cwe-22-improper-limitation-of-a-pat-116cb11a #OffSeq #dagu #security #CVE2026_31886
Overview
- mackron
- dr_libs
Description
Statistics
- 2 Posts
- 2 Interactions
Bluesky
Overview
- nyariv
- SandboxJS
Description
Statistics
- 1 Post
- 1 Interaction
Fediverse
🔥 CRITICAL: CVE-2026-26954 in SandboxJS (< 0.8.34) enables sandbox escape via Function & Object.fromEntries. Attackers can run arbitrary code remotely! Upgrade to v0.8.34+ now. Full details: https://radar.offseq.com/threat/cve-2026-26954-cwe-94-improper-control-of-generati-35790079 #OffSeq #CVE202626954 #infosec #sandbox