Overview
- Palo Alto Networks
- Cloud NGFW
Description
Statistics
- 5 Posts
- 1 Interaction
Fediverse
Palo Alto Networks has released patches for a high-severity denial-of-service vulnerability (CVE-2026-0227) affecting its PAN-OS firewalls, which could cause them to enter maintenance mode and disrupt network availability.
https://www.csoonline.com/article/4117730/palo-alto-networks-patches-firewalls-after-discovery-of-a-new-denial-of-service-flaw-2.html
📰 Palo Alto Networks Patches High-Severity DoS Flaw in PAN-OS Firewalls
Palo Alto Networks patches high-severity DoS flaw CVE-2026-0227 in PAN-OS. 🔒 The bug allows unauthenticated attackers to crash firewalls with GlobalProtect enabled. PoC exists. Patch immediately! #CyberSecurity #Vulnerability #PaloAltoNetworks
Overview
Description
Statistics
- 4 Posts
- 2 Interactions
Fediverse
Cisco has patched a critical AsyncOS vulnerability (CVE-2025-20393) that was exploited as a zero-day by the China-linked APT group UAT-9686 to gain root access and install persistence mechanisms like the AquaShell backdoor on Secure Email Gateway and Secure Email and Web Manager appliances.
https://securityaffairs.com/186985/apt/china-linked-apt-uat-9686-abused-now-patched-maximum-severity-asyncos-bug.html
Overview
Description
Statistics
- 4 Posts
- 1 Interaction
Fediverse
📰 China-Linked APT 'UAT-8837' Targets North American Critical Infrastructure
🇨🇳 A China-linked APT group, UAT-8837, is actively targeting North American critical infrastructure, warns Cisco Talos. The group exploits flaws like CVE-2025-53690 and uses tools like Earthworm for espionage. #APT #CyberSecurity #ThreatIntel #China
A China-linked APT group, UAT-8837, is exploiting a Sitecore zero-day vulnerability (CVE-2025-53690) to target American critical infrastructure, deploying open-source tools to harvest credentials and sensitive information.
https://thehackernews.com/2026/01/china-linked-apt-exploits-sitecore-zero.html
UAT-8837 targets critical infrastructure sectors in North America
https://blog.talosintelligence.com/uat-8837/
Cisco Talos is closely tracking UAT-8837, a threat actor we assess with medium
confidence is a China-nexus advanced persistent threat (APT) actor based on
overlaps in tactics, techniques, and procedures (TTPs) with those of other
known China-nexus threat actors.
Based on UAT-8837's TTPs and post-compromise activity Talos has observed
across multiple intrusions, we assess with medium confidence that this actor
is primarily tasked with obtaining initial access to high-value organizations.
Although UAT-8837's targeting may appear sporadic, since at least 2025,
the group has clearly focused on targets within critical infrastructure
sectors in North America.
After obtaining initial access — either by successful exploitation of
vulnerable servers or by using compromised credentials — UAT-8837
predominantly deploys open-source tools to harvest sensitive information such
as credentials, security configurations, and domain and Active Directory (AD)
information to create multiple channels of access to their victims. The threat
actor uses a combination of tools in their post-compromise hands-on-keyboard
operations, including Earthworm, Sharphound, DWAgent, and Certipy. The TTPs,
tooling, and remote infrastructure associated with UAT-8837 were also seen in
the recent exploitation of CVE-2025-53690, a ViewState Deserialization
zero-day vulnerability in Sitecore products, indicating that UAT-8837 may have
access to zero-day exploits.
Overview
Description
Statistics
- 3 Posts
- 5 Interactions
Fediverse
GLIBC-SA-2026-0002: getnetbyaddr and getnetbyaddr_r leak stack contents to DNS resolver (CVE-2026-0915)
https://sourceware.org/pipermail/libc-announce/2026/000050.html
https://www.openwall.com/lists/oss-security/2026/01/16/5
GLIBC-SA-2026-0002: getnetbyaddr and getnetbyaddr_r leak stack contents to DNS resolver (CVE-2026-0915)
https://www.openwall.com/lists/oss-security/2026/01/16/6
Overview
- ServiceNow
- Now Assist AI Agents
Description
Statistics
- 3 Posts
Fediverse
Fascinating 🛡️ BodySnatcher (CVE-2025-12420): A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow 🛡️
Key Takeaways
- AI agents significantly amplify the impact of traditional security flaws.
- A Virtual Agent integration flaw (CVE-2025-12420) allowed unauthenticated attackers to impersonate any ServiceNow user using only an email address, bypassing MFA and SSO.
- Virtual Agent APIs can become unintended execution paths for privileged AI workflows.
- Internal topics such as AIA-Agent Invoker AutoChat enable AI agents to be executed outside expected deployment constraints.
- Point-in-time fixes do not eliminate systemic risk from insecure provider and agent configurations.
- Preventing abuse of agentic AI in conversational channels requires:
  - Strong provider configuration controls, including enforced MFA for account linking
  - Establishing an agent approval process
  - Implementing lifecycle management policies to de-provision unused or stagnant agents.
https://appomni.com/ao-labs/bodysnatcher-agentic-ai-security-vulnerability-in-servicenow/ #InfoSec
The ServiceNow 'BodySnatcher' vulnerability (CVE-2025-12420) shows why AI's race to market is a security disaster. Unauthenticated attackers hijacking AI agents to bypass MFA? This is what happens when we ship AI without proper security. My latest: https://securityboulevard.com/2026/01/were-moving-too-fast-why-ais-race-to-market-is-a-security-disaster/
Overview
Description
Statistics
- 2 Posts
Fediverse
Patch Now: Active Exploitation Underway for Critical HPE OneView Vulnerability
https://blog.checkpoint.com/research/patch-now-active-exploitation-underway-for-critical-hpe-oneview-vulnerability/
Check Point Research has identified an active, coordinated exploitation
campaign targeting CVE-2025-37164, a critical remote code execution
vulnerability affecting HPE OneView. The activity, observed directly in Check
Point telemetry, is attributed to the RondoDox botnet and represents a sharp
escalation from early probing attempts to large-scale, automated attacks.
Check Point has already blocked tens of thousands of exploitation attempts,
underscoring both the severity of the vulnerability and the urgency for
organizations to act.
On January 7, 2026, Check Point Research reported the campaign to CISA, and the
vulnerability was added to the Known Exploited Vulnerabilities (KEV) catalog
the same day.
Overview
Description
Statistics
- 1 Post
- 2 Interactions
Overview
Description
Statistics
- 2 Posts
- 5 Interactions
Fediverse
https://www.openwall.com/lists/oss-security/2026/01/16/5
GLIBC-SA-2026-0002: getnetbyaddr and getnetbyaddr_r leak stack contents to DNS resolver (CVE-2026-0915)
https://www.openwall.com/lists/oss-security/2026/01/16/6
Overview
- Fortinet
- FortiSIEM
Description
Statistics
- 1 Post
- 1 Interaction
Fediverse
CVE-2025-64155: Three Years of Remotely Rooting the #Fortinet #FortiSIEM
Overview
- Delta Electronics
- DIAView
Description
Statistics
- 1 Post
- 1 Interaction
Fediverse
🔴 CVE-2025-62582 - Critical (9.8)
Delta Electronics DIAView has multiple vulnerabilities.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-62582/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack