What the cybersecurity community is reporting right now.
Vulnerability in SOPlanning software
Reported by 9 sources: CERT Poland, Securelist, Infosecurity Magazine, SIPRI via Google News, DIVD CSIRT
vulnerabilsoplansoftware
Vulnerability in BitWizard mtr software
Reported by 8 sources: CERT Poland, Zero Day Initiative, Infosecurity Magazine, SIPRI via Google News, DIVD CSIRT
vulnerabilbitwizardmtrsoftware
Turning software supply chain security into a daily habit
Reported by 8 sources: Help Net Security, Департамент Разработки, ReversingLabs, Unit42, Infosecurity Magazine
turnsoftwaresupchainsecurdaihabit
Cybercriminals Plant Malicious AI Agents in Open Source Tool Repositories
Reported by 8 sources: Habr InfoSec, Infosecurity Magazine, Dark Reading, Snyk, WeLiveSecurity BR
cicdopensource
SubscriberWrites: Securing India’s critical infrastructure in the age of cyber warfare
Reported by 7 sources: Google News · Energy Security, Politico Cyber via Google News, Microsoft MSTIC via Google News, Singapore CSA via Google News, ASD ACSC via Google News
Microsoft Patches Defender ‘RoguePlanet’ Vulnerability
Reported by 7 sources: SecurityWeek, Security Affairs, The Hacker News, Microsoft MSTIC via Google News, Cybereason
microsoftpatchdefendrogueplanetvulnerabil
Supply chain attack npm: реверс-инжиниринг двухступенчатого payload от bootstrap до C2
Reported by 7 sources: Codeby, Департамент Разработки, Infosecurity Magazine, Snyk, Axios Cyber via Google News
supchainattacknpmpayloadbootstrap
n8n security advisory (AV26-672)
Reported by 6 sources: Canadian Cyber Centre, Singapore CSA via Google News, NSA via Google News, Netherlands NCSC via Google News, New Zealand NCSC via Google News
n8nsecuradvisoryav26672
China issues 'backdoor' security alert over Anthropic's Claude Code - The Hindu
Reported by 6 sources: FreeBuf, The Hindu Cyber via Google News, Xianzhi, Infosecurity Magazine, WeLiveSecurity BR
claudecodecheckc
Palo Alto Networks security advisory (AV26-674)
Reported by 6 sources: Canadian Cyber Centre, Netherlands NCSC via Google News, Risky Business, Italy ACN via Google News, DIVD CSIRT
paloaltonetworksecuradvisoryav26425
Tanium security advisory (AV26-673)
Reported by 6 sources: Canadian Cyber Centre, Netherlands NCSC via Google News, Singapore CSA via Google News, NSA via Google News, New Zealand NCSC via Google News
taniumsecuradvisoryav26673
Rising Cyber Threats Fueling Growth: AI Infrastructure Security Market to Soar at 19.1% CAGR by 2030
Reported by 6 sources: Google News · AI Security, New Zealand NCSC via Google News, Saudi NCA via Google News, ASD ACSC via Google News, Huntress
riscybthreatfuelgrowthinfrastructuresecurmarket
Meeting with Security Council members - Президент России
Reported by 6 sources: Kremlin Cyber via Google News, Axios Cyber via Google News, Zero Day Initiative, Snyk, People's Daily Cyber via Google News
meetsecurcouncilmember
Endpoint Security Market to Reach USD 28.06 Billion by 2031, Fueled by Rising AI-Driven Cyber Threats | Report by MarketsandMarkets™
Reported by 6 sources: Google News · Advanced Threats, WeLiveSecurity, Check Point Research, New Zealand NCSC via Google News, Huntress
endpointsecurmarketreachusd2806billion2031
Spectra Analyze in Action: Hunting Device Code Phishing Pages
Reported by 6 sources: Xakep, ReversingLabs, Detection Engineering Weekly, Zero Day Initiative, Microsoft MSTIC via Google News
devicecodeflowmicrosoft
Multiple Vulnerabilities in BeyondTrust Products - Cyber Security Agency of Singapore
Reported by 6 sources: Singapore CSA via Google News, CISA Advisories, ASD ACSC via Google News, Huntress, NSA via Google News
Active Exploitation Alert: Citrix NetScaler ADC & Gateway Vulnerability (CVE-2023-4966) CitrixBleed-ing Again Under Massive Attack
Reported by 6 sources: Google News · Vulnerabilities, Dark Reading, Canadian Cyber Centre, New Zealand NCSC via Google News, BSI Germany
actexploitaalertcitrixnetscaladcgatewayvulnerabil
Vulnerabilities in R-SOFT DMS software
Reported by 6 sources: CERT Poland, Zero Day Initiative, Infosecurity Magazine, SIPRI via Google News, DIVD CSIRT
vulnerabilrsoftdmssoftware
Bad Epoll Zero-Day Vulnerability Enables Local Privilege Escalation on Linux Systems
Reported by 5 sources: Google News · Zero Days, Exploit-DB, Zero Day Initiative, Belgium CCB via Google News, Snyk
badepolzerodayvulnerabilenabllocprivilegeescala
China issues 'backdoor' security alert over Anthropic's Claude Code - The Hindu
Reported by 5 sources: Kanxue, The Hindu Cyber via Google News, Global Times Cyber via Google News, Xianzhi, WeLiveSecurity BR
claudecode
Critical infrastructure, banks must become quantum-ready to tackle future cyber threats: President, CyberPeace
Reported by 5 sources: Google News · Critical Infrastructure, New America Cyber via Google News, ASD ACSC via Google News, New Zealand NCSC via Google News, Brookings TechStream via Google News
Reported by 5 sources: Canadian Cyber Centre, Netherlands NCSC via Google News, Singapore CSA via Google News, NSA via Google News, New Zealand NCSC via Google News
freepbxsecuradvisoryav26680
Palo Alto Networks Patches 13 Vulnerabilities
Reported by 5 sources: SecurityWeek, Canadian Cyber Centre, The Register, DIVD CSIRT, BSI Germany
paloaltonetworkpatchvulnerabil
Healthcare Cybersecurity: Risks, and Defenses
Reported by 5 sources: Google News · Cyber Attacks, Infosecurity Magazine, Huntress, ENISA EU via Google News, Brookings TechStream via Google News
healthcarecybersecurriskdefens
Google Chrome Update Patches 27 Security Vulnerabilities Including Critical Use-After-Free Flaws
Reported by 5 sources: GBHackers, Canadian Cyber Centre, Singapore CSA via Google News, KrCERT via Google News, Snyk
googlechromeupdatepatchsecurflawincludcritic
A new frontier in artificial intelligence - NCSC NZ
Reported by 5 sources: New Zealand NCSC via Google News, FBI Press, ASD ACSC via Google News, Brookings TechStream via Google News, Hudson Institute via Google News
frontiartificiintelligncsc
Claude AI Prompt Injection Attack Turns Chatbot Into Stealthy C2 Agent to Achieve Remote Code Execution
Reported by 5 sources: GBHackers, FreeBuf, Zero Day Initiative, DIVD CSIRT, Snyk
claudepromptinjecattackturnchatbotstealthyagent
Langflow security advisory (AV26-670)
Reported by 5 sources: Canadian Cyber Centre, NSA via Google News, Netherlands NCSC via Google News, New Zealand NCSC via Google News, Snyk
langflowsecuradvisoryav26670
Active Exploitation of Critical Vulnerabilities in Joomla Extensions - Cyber Security Agency of Singapore
Reported by 5 sources: Singapore CSA via Google News, Belgium CCB via Google News, ASD ACSC via Google News, NSA via Google News, German BSI via Google News