Web
NewsPlease enter a web search for web results.
News
WebMultiple Splunk Enterprise Vulnerabilities Enable Path Traversal and Information Disclosure Attacks
2+ hour, 24+ min ago (503+ words) Splunk has released security updates addressing multiple vulnerabilities in Splunk Enterprise and Splunk Cloud Platform. These flaws could lead to issues such as path traversal, disclosure of stored credential hashes, and arbitrary execution of SPL (Search Processing Language) searches. Three…...
New TuxBot v3 IoT Botnet Uses LLM-Generated Code to Hijack Devices and Launch DDoS Attacks
1+ hour, 53+ min ago (634+ words) The malware can run across a wide range of device architectures, creating a broad risk for routers, cameras, and other exposed Linux-based equipment. TuxBot uses several paths to gain access, including Telnet password guessing, SSH scanning, HTTP-based probing, Android Debug…...
GPT-5.6 Sol Ultra Builds Full Chrome Exploit Chain From Security Patches
16+ hour, 30+ min ago (336+ words) OpenAI’s GPT-5.6 Sol Ultra model independently constructed a complete, working exploit chain for Google Chrome, using nothing but publicly available security patch commits as its starting point. Researchers from Hacktron tasked three frontier AI models, GPT-5.6 Sol Medium, Sol Ultra,…...
Chinese Hackers Embed Claude Code and DeepSeek in AI-Powered Government Cyberattacks
1+ day, 3+ hour ago (252+ words) Rather than acting as peripheral research tools, Claude Code and DeepSeek-v4-pro were embedded directly into the core execution flows of a China-linked cyber espionage campaign. The operation uncovered by Hunt researchers pivoted off known TencShell command-and-control (C2) infrastructure originally documented…...
Multiple Notepad++ Vulnerabilities Enable PowerShell Command Injection Attacks
1+ day, 6+ hour ago (244+ words) The update resolves five distinct issues spanning path traversal, buffer overflow, and authentication bypass weaknesses, reinforcing the security posture of one of the most widely used Windows text editors. The most severe issue fixed in this release involves an install-time…...
Gamers Download Fake Cheats and Hand Attackers a Live Remote Control of Their Windows PCs
1+ day, 3+ hour ago (403+ words) New research uncovered 11 malicious NuGet packages disguised as game cheats, bots, and management panels for popular online titles. The campaign targets gaming communities playing titles such as Albion Online, GTA5RP, GrandRP, Majestic RP, and Throne and Liberty. Once installed, these packages…...
Microsoft Active Directory Services 0-Day Vulnerability Actively Exploited in the Wild
1+ day, 5+ hour ago (453+ words) This flaw allows an authenticated local attacker with low privileges to gain administrator-level access on affected systems. CVE-2026-56155 stems from insufficient granularity in access control within AD FS, a Microsoft service commonly utilized by organizations for single sign-on and federated…...
FortiSandbox Vulnerability Allows Attackers to Access VNC Servers of VMs
1+ day, 17+ hour ago (311+ words) Fortinet has disclosed a high-severity vulnerability in FortiSandbox that could allow unauthenticated attackers to access the VNC servers of virtual machines used for malware scanning. Tracked as CVE-2026-59835, the flaw is classified as an Exposure of Resource to Wrong Sphere…...
Hackers Spoof 3.7 Million OAuth Client IDs to Stealthily Enumerate 2 Million Entra ID Users
1+ day, 17+ hour ago (468+ words) Threat actors are increasingly exploiting spoofed OAuth client IDs to enumerate Microsoft Entra ID accounts and identify potentially valid credentials while evading traditional detection methods, according to recent research from Proofpoint. Microsoft Entra ID typically logs this information in sign-in…...
Fortinet Patches Seven Vulnerabilities Across FortiOS, FortiProxy, FortiPAM, and FortiSandbox
1+ day, 17+ hour ago (352+ words) Fortinet disclosed seven new security advisories on July 14, 2026, affecting FortiOS, FortiProxy, FortiPAM, and FortiSandbox. The flaws range from low-severity header injection bugs to medium-severity buffer overflows and a notably concerning unauthenticated VNC exposure in FortiSandbox. While none carry a critical…...