Overview
- SAP_SE
- SAP NetWeaver Application Server ABAP and ABAP Platform
Description
Statistics
- 1 Post
- 1 Interaction
Fediverse
🛡️ CRITICAL: CVE-2026-0509 in SAP NetWeaver ABAP (7.22 – 9.19) lets authenticated users run unauthorized background RFCs, risking integrity & availability. Patch when available, restrict S_RFC, monitor RFC usage. Details: https://radar.offseq.com/threat/cve-2026-0509-cwe-862-missing-authorization-in-sap-3bdb181d #OffSeq #SAP #CVE20260509 #infosec
Overview
Description
Statistics
- 1 Post
- 1 Interaction
Fediverse
"Cybersecurity researchers have called attention to a "massive campaign" that has systematically targeted cloud native environments to set up malicious infrastructure for follow-on exploitation.
The activity, observed around December 25, 2025, and described as "worm-driven," leveraged exposed Docker APIs, Kubernetes clusters, Ray dashboards, and Redis servers, along with the recently disclosed React2Shell (CVE-2025-55182, CVSS score: 10.0) vulnerability. The campaign has been attributed to a threat cluster known as TeamPCP (aka DeadCatx3, PCPcat, PersyPCP, and ShellForce).
TeamPCP is known to be active since at least November 2025, with the first instance of Telegram activity dating back to July 30, 2025. The TeamPCP Telegram channel currently has over 700 members, where the group publishes stolen data from diverse victims across Canada, Serbia, South Korea, the U.A.E., and the U.S. Details of the threat actor were first documented by Beelzebub in December 2025 under the name Operation PCPcat.
"The operation's goals were to build a distributed proxy and scanning infrastructure at scale, then compromise servers to exfiltrate data, deploy ransomware, conduct extortion, and mine cryptocurrency," Flare security researcher Assaf Morag said in a report published last week."
https://thehackernews.com/2026/02/teampcp-worm-exploits-cloud.html
#CyberSecurity #TeamPCP #Ransomware #CloudComputong #Cryptocurrencies
Overview
- shaarli
- Shaarli
Description
Statistics
- 1 Post
- 1 Interaction
Fediverse
I've uploaded new versions of the Shaarli package (bookmarks app) in Debian with a security fix.
The package versions with the fix:
- 0.16.1+dfsg-1 in testing and unstable
- 0.14.0+dfsg-2+deb13u1 in stable-security
- 0.12.1+dfsg-8+deb12u2 in oldstable-security
More information about the issue:
https://github.com/shaarli/Shaarli/security/advisories/GHSA-g3xq-mj52-f8pg
https://security-tracker.debian.org/tracker/CVE-2026-24476
Overview
- SAP_SE
- SAP CRM and SAP S/4HANA (Scripting Editor)
Description
Statistics
- 1 Post
Fediverse
🔥 CVE-2026-0488 (CVSS 9.9): CRITICAL auth bypass in SAP CRM & S/4HANA Scripting Editor. Authenticated users can run arbitrary SQL, risking full DB compromise. Patch fast, restrict access! https://radar.offseq.com/threat/cve-2026-0488-cwe-862-missing-authorization-in-sap-cae5a650 #OffSeq #SAP #Vuln #ERP #Cybersecurity
Overview
- frangoteam
- FUXA
Description
Statistics
- 1 Post
Fediverse
⚠️ CRITICAL: CVE-2026-25894 in frangoteam FUXA (<1.2.10) lets unauthenticated attackers forge admin JWT tokens & execute code. Patch to 1.2.10+, audit secrets, restrict access. Protect your ICS! https://radar.offseq.com/threat/cve-2026-25894-cwe-321-use-of-hard-coded-cryptogra-a10e5fe5 #OffSeq #ICS #Vulnerability #SCADA
Overview
- localsend
- localsend
Description
Statistics
- 1 Post
Overview
- net.sourceforge.plantuml:plantuml
Description
Statistics
- 1 Post
Overview
- frangoteam
- FUXA
Description
Statistics
- 1 Post
Fediverse
CRITICAL: CVE-2026-25895 in frangoteam FUXA (<1.2.10) enables unauthenticated path traversal — arbitrary file writes on SCADA/HMI servers. Patch to 1.2.10+ ASAP to mitigate severe OT risk! https://radar.offseq.com/threat/cve-2026-25895-cwe-22-improper-limitation-of-a-pat-61293111 #OffSeq #SCADA #ICS #Vuln