Overview
Description
Statistics
- 1 Post
Fediverse
Your antivirus is now the exploit. Defender's own remediation engine writes SYSTEM-level files to attacker-chosen paths via a symlink race. Check MPE version 1.1.26040.8 manually. Auto-update is a faith-based control.
https://www.decryptiondigest.com/blog/cve-2026-41091-defender-zero-day-patch
Overview
- Google Cloud
- Internal Integration Platform APIs
Description
Statistics
- 2 Posts
Fediverse
$148,337 #BugBounty paid by Google to a researcher (@brutecat) who found debug endpoints on Google Cloud allowing to configure privileged workflows leading to full #RCE in Google Cloud production (CVE-2026-2031)
#CloudSecurity #BugBountyTips
👇
https://brutecat.com/articles/google-cloud-rce/
Overview
- prefecthq
- prefecthq/prefect
Description
Statistics
- 1 Post
Fediverse
🚨 HIGH severity: CVE-2026-3515 in Prefect's GitHub integration (v3.6.18) lets attackers inject git options via 'reference' field, risking SSRF, credential theft, or RCE. No patch yet — avoid untrusted input! https://radar.offseq.com/threat/cve-2026-3515-cwe-88-improper-neutralization-of-ar-5216fe05 #OffSeq #Vuln #Infosec