Cybersecurity

QEMU is de afgelopen maanden gebruikt voor het verspreiden van ransomware en backdoors, zo stelt securitybedrijf Sophos. QEMU ...

Een toenemend aantal mensen maakt gebruik van AI-advies als ze een conflict hebben met een bank, verzekeraar of financieel ...

Microsoft heeft een noodpatch uitgebracht voor problemen met de Windows Server updates die vorige week werden uitgerold. De ...

De Nederlandse marine heeft de locatie van een fregat gelekt via een Bluetooth-tracker die in een briefkaart zat verstopt. Dat ...

TP-Link-routers worden actief aangevallen via een kwetsbaarheid uit 2023, zo stelt securitybedrijf Palo Alto Networks. Het ...

A new email from Sony says that PlayStation will require players to verify their age later this year to keep using communication features like messages and voice chat. Insider-Gaming reports: The initiative comes from the goal of providing "safe, age-appropriate experiences for players and families while respecting their privacy" and providing "meaningful control over their gaming experiences." The age-verification process will be implemented globally, and players will need to verify their age to continue using PlayStation communication services, such as messages and voice chat. If the player opts not to verify their age, they can still use other services, such as games, trophies, and the store. Only the communication experience will be affected if you choose not to verify your age. PlayStation didn't provide a date for when players will need to begin the verification process.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the Guardian: A ban on mobile phones in schools in England is to be introduced by the government to ensure that "critical safeguarding legislation" is passed. The government will table an amendment to the children's wellbeing and schools bill in the House of Lords after the bill was held up by peers on opposition benches. It will make existing guidance on mobile phone bans in schools statutory, a move that ministers have resisted until now. The government had consistently argued that the vast majority of schools had already banned mobile phones, and that there was no need to add a legal requirement. They finally capitulated, however, describing it as "a pragmatic measure" to get the bill through. [...] The bill is regarded by many as the biggest piece of child protection legislation in decades and includes proposals for a compulsory register for children who are not in school, a crackdown on profiteering in children's social care, and a "single unique identifier" to help agencies track a child's welfare.

Read more of this story at Slashdot.

Apple announced that Tim Cook will step down as CEO in September after 15 years in the role, handing the job to hardware chief John Ternus. Longtime Slashdot reader sinij shares the news from MarketWatch: Cook leaves an impressive legacy after growing the company to a $4 trillion market capitalization from just $300 billion 15 years ago. Over Cook's 15-year tenure as CEO, Apple's stock has risen 1,932%, beating the S&P 500's 504% increase, according to Dow Jones Market Data. That places Apple's stock as the 38th best-performing member of the index over that period of time. Cook had big shoes to fill, replacing Apple's iconic founder, Steve Jobs, as CEO. Cook's successor, John Ternus, Apple's senior vice president of hardware engineering, will need to guide Apple's through uncharted waters as the company navigates its artificial-intelligence transition and supply-chain constraints. Cook will remain at Apple as executive chairman. "It has been the greatest privilege of my life to be the CEO of Apple and to have been trusted to lead such an extraordinary company. I love Apple with all of my being, and I am so grateful to have had the opportunity to work with a team of such ingenious, innovative, creative, and deeply caring people who have been unwavering in their dedication to enriching the lives of our customers and creating the best products and services in the world," said Cook. "John Ternus has the mind of an engineer, the soul of an innovator, and the heart to lead with integrity and with honor. He is a visionary whose contributions to Apple over 25 years are already too numerous to count, and he is without question the right person to lead Apple into the future. I could not be more confident in his abilities and his character, and I look forward to working closely with him on this transition and in my new role as executive chairman." As for Ternus' replacement, the role of Chief Hardware Officer will be awarded to Apple executive Johny Srouji. "Srouji, who most recently served as senior vice president of Hardware Technologies, will assume an expanded role leading Hardware Engineering, which John Ternus most recently oversaw, as well as the hardware technologies organization," said Apple in a press release.

Read more of this story at Slashdot.

Alex Bores, a former Palantir employee and current Democratic House candidate in New York, is proposing an "AI dividend" that would send direct payments to Americans if AI drives major job losses. "At its core, the AI Dividend is simple: if AI dramatically increases productivity and concentrates wealth, the American people have a stake in those gains," a memo on the policy reads. Axios reports: The dividend would fund direct payments to Americans. It would also be invested into workforce training and education, as well as government capacity to "govern AI safely and fund independent oversight," per the plan memo. "You don't take out fire insurance because you expect your house to burn down -- you have insurance in case something goes awry," Bores told Axios in an interview. "Here we have, for the first time, a technology where the makers of the technology are explicitly saying that their goal is to replace all human labor." "The fact that they've put it out there means government needs to take it seriously." [...] The proposal would be funded through: - A token tax, described in the memo as a "modest tax on AI consumption" - Equity participation in frontier AI firms - Changes to the tax code that would reduce incentives to invest in AI "when it leads to less work" "If [AI companies] they can support this plan, that would show that they actually believe in what they're putting out there," Bores said. "If they're not doing it, then I think it shows that they're really putting window dressing out there." Further reading: Palantir Posts Bond Villain Manifesto On X

Read more of this story at Slashdot.

Deezer says AI-generated songs now make up 44% of all new uploads to its platform, with nearly 75,000 arriving each day and more than two million per month. The company notes that consumption of these tracks is still very low, "between 1-3% of the total streams," and 85% are flagged as fraudulent. TechCrunch reports: The latest figure from Deezer highlights a continuous surge in AI-generated music uploads to the platform. Deezer reported receiving around 60,000 AI tracks per day in January, up from 50,000 in November, 30,000 in September, and just 10,000 in January 2025, when it first launched its AI-music detection tool. Songs tagged as AI-generated on Deezer are automatically removed from algorithmic recommendations and not included in editorial playlists. The company announced today that it will no longer store hi-res versions of AI tracks. "AI-generated music is now far from a marginal phenomenon and as daily deliveries keep increasing, we hope the whole music ecosystem will join us in taking action to help safeguard artists' rights and promote transparency for fans," said Deezer CEO Alexis Lanternier in a press release. "Thanks to our technology and the proactive measures we put in place more than a year ago, we have shown that it's possible to reduce AI-related fraud and payment dilution in streaming to a minimum."

Read more of this story at Slashdot.

And China is loving it

Iranian media is claiming that the US used backdoors and/or botnets to disable networking equipment during the current war, and Chinese state media is dining out on the allegations....

A lesson in how not to respond to vulnerability reports

UPDATED Vibe-coding platform Lovable is pooh-poohing a researcher’s finding that anyone could open a free account on the service and read other users' sensitive info, including credentials, chat history, and source code. However, the company’s story keeps changing: First it attributed the publicly exposed info to "intentional behavior" and "unclear documentation," then threw bug-bounty service HackerOne under the bus....

Installation and pre-approval without consent looks dubious under EU law

One app should not modify another app without asking for and receiving your explicit consent. Yet Anthropic's Claude Desktop for macOS installs files that affect other vendors' applications without disclosure, even before those applications have been installed, and authorizes browser extensions without consent....

Tyler Buchanan admits role in scheme that stole at least $8 million in virtual currency

A Scottish man linked to the Scattered Spider cybercrime crew has pleaded guilty in the US to a phishing and SIM-swap scheme that stole at least $8 million in cryptocurrency....

Out-of-band or out of control?

Microsoft has pushed out an out-of-band update to address the restart loop that hit some Windows Server devices after its April update....

NCEES explains why licensure matters for engineers and answers your top questions about the FE and PE exams. Source Views: 15

La entrada Thinking About Becoming a Licensed Engineer? Start Here. se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

View our compilation of online stories and resources highlighting the Hispanic community and their contributions to STEM. Source Views: 14

La entrada Celebrate Hispanic Heritage Month With SWE se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.cyberdefensemagazine.com – Author: News team Software supply chain attacks have emerged as a serious threat in the rapidly evolving field of cybersecurity, especially in medical devices. As these devices become more and more interconnected and dependent on complex software ecosystems, the potential for exploitation through the supply chain has grown exponentially. One powerful tool [...]

La entrada The Critical Role of Sboms (Software Bill of Materials) In Defending Medtech From Software Supply Chain Threats – Source: www.cyberdefensemagazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.cyberdefensemagazine.com – Author: News team It’s common knowledge in the cybersecurity industry that ransomware is on the rise, with median demands rising 20% year-over-year across virtually all industries. But it’s not only the ransom sums themselves that are escalating; threat actors are engaging in increasingly aggressive tactics and techniques to extort their victims. It’s [...]

La entrada Ransomware Tactics Are Shifting. Here’s How to Keep Up – Source: www.cyberdefensemagazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.darkreading.com – Author: Rob Wright CERT-FR’s advisory follows last month’s disclosure of a zero-day flaw Apple said was used in “sophisticated” attacks against targeted individuals. Original Post URL: https://www.darkreading.com/vulnerabilities-threats/french-sheds-light-apple-spyware-activity Category & Tags: – Views: 11

La entrada French Advisory Sheds Light on Apple Spyware Activity – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Vercel confirms a breach linked to Context.ai as a hacker lists alleged data for $2M. ShinyHunters denies involvement and flags imposters.

Over 130,000 users are at risk from fake TikTok downloader extensions on Chrome and Microsoft Edge. Researchers discovered these malicious tools use device fingerprinting to spy on users and steal sensitive browser data.

Remove unwanted objects from video effortlessly with AI in 2026. Learn step-by-step methods, best tools, and pro tips to clean up your footage like a professional.

Tyler Robert Buchanan, a 24-year-old British hacker linked to Scattered Spider, admits to a multi-year US hacking scheme involving at least $8M in crypto theft.

Critical RCE flaw in protobuf.js lets attackers execute code via malicious schemas. Learn who is at risk, affected versions, and how to fix it.

A vulnerability was found in langgenius dify up to 1.13.0 and classified as problematic. Impacted is an unknown function of the file /console/api/installed-apps/conversations/ of the component Chat History Handler. Such manipulation leads to incorrect authorization. This vulnerability is listed as CVE-2026-34082. The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability has been found in OpenClaw up to 2026.3.30 and classified as critical. This issue affects the function fetch of the component Marketplace Plugin. This manipulation causes server-side request forgery. This vulnerability is tracked as CVE-2026-41302. The attack is possible to be carried out remotely. No exploit exists. The affected component should be upgraded.

A vulnerability, which was classified as critical, was found in OpenClaw up to 2026.3.30. This vulnerability affects unknown code. The manipulation of the argument senderIsOwner results in incorrect use of privileged apis. This vulnerability is identified as CVE-2026-41329. The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in OpenClaw up to 2026.3.30. This affects an unknown part of the component Environment Variable Handler. The manipulation leads to insecure default variable initialization. This vulnerability is referenced as CVE-2026-41330. The attack can only be performed from a local environment. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability classified as critical was found in OpenClaw up to 2026.3.27. Affected by this issue is some unknown functionality. Executing a manipulation can lead to incorrect authorization. The identification of this vulnerability is CVE-2026-41303. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is advised.

Added acknowledgements. This is an informational change only.

Added Security Only packages to Windows Server 2012 security updates. This is an informational change only.

Information published.

Information published.

Cisco heeft een kwetsbaarheid verholpen in Cisco Webex Services, specifiek in de SSO-integratie met Control Hub. De kwetsbaarheid bevindt zich in de onjuiste validatie van certificaten binnen de SSO-integratie van Cisco Webex Services via Control Hub. Een niet-geauthenticeerde externe aanvaller kan deze kwetsbaarheid misbruiken om zich voor te doen als elke gebruiker binnen het systeem. Dit kan leiden tot ongeautoriseerde toegang tot gebruikersaccounts en gevoelige informatie.

Fortinet heeft meerdere kwetsbaarheden verholpen in FortiSandbox, waaronder in on-premises versies en FortiSandbox Cloud, waarvan twee door Fortinet als kritiek zijn beoordeeld. Een kwaadwillende kan de kwetsbaarheden met kenmerk CVE-2026-39813 en CVE-2026-39808 misbruiken doordat in FortiSandbox sprake is van OS command injection en een path traversal-kwetsbaarheid in de JRPC API. Hierdoor kan een niet-geauthenticeerde aanvaller via gemanipuleerde HTTP-verzoeken ongeautoriseerde code of commando’s uitvoeren en authenticatie omzeilen. De overige kwetsbaarheden omvatten een path traversal-kwetsbaarheid waardoor een geprivilegieerde super-admin met CLI-toegang via HTTP-verzoeken mappen kan verwijderen, en meerdere cross-site scripting kwetsbaarheden (reflected en stored) waardoor via gemanipuleerde HTTP-verzoeken XSS-aanvallen kunnen worden uitgevoerd.

Fortinet heeft kwetsbaarheden verholpen in FortiAnalyzer, FortiAnalyzer Cloud, FortiManager en FortiManager Cloud. Een kwaadwillende kan de kwetsbaarheden misbruiken doordat in FortiAnalyzer, FortiAnalyzer Cloud, FortiManager en FortiManager Cloud sprake is van SQL-injection, path traversal en een heap-based buffer overflow, waardoor respectievelijk geautoriseerde aanvallers code kunnen uitvoeren of bestanden kunnen verwijderen en een niet-geauthenticeerde aanvaller op afstand code kan uitvoeren. Deze kwetsbaarheden treffen zowel on-premises als cloud-gebaseerde versies van de genoemde Fortinet producten.

Microsoft heeft een kwetsbaarheid verholpen in System Center. Een kwaadwillende kan de kwetsbaarheid misbruiken doordat Windows Defender onvoldoende gedetailleerde toegangscontrole toepast, waardoor een geautoriseerde aanvaller lokaal zijn rechten kan verhogen. **UPDATE ** Indien Microsoft Defender zichzelf in jouw IT-omgeving automatisch bijwerkt, controleer dan of de desbetreffende beveiligingsupdates zijn geïnstalleerd. Er is publieke Proof-of-Concept-code (PoC) verschenen die de kwetsbaarheid met kenmerk CVE-2026-33825 aantoont en mogelijk misbruikt. De kans op misbruik neemt hierdoor toe.

Microsoft heeft kwetsbaarheden verholpen in Windows. Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: - Denial-of-Service (DoS) - Manipulatie van gegevens - Toegang tot gevoelige gegevens - Uitvoeren van willekeurige code (gebruikersrechten) - Verkrijgen van verhoogde rechten - Omzeilen van een beveiligingsmaatregel - Spoofing ``` Function Discovery Service (fdwsd.dll): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32087 | 7,00 | Verkrijgen van verhoogde rechten | | CVE-2026-32093 | 7,00 | Verkrijgen van verhoogde rechten | | CVE-2026-32086 | 7,00 | Verkrijgen van verhoogde rechten | | CVE-2026-32150 | 7,00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Applocker Filter Driver (applockerfltr.sys): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-25184 | 7,00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Kernel: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26179 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-26180 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32195 | 7,00 | Verkrijgen van verhoogde rechten | | CVE-2026-32215 | 5,50 | Toegang tot gevoelige gegevens | | CVE-2026-32217 | 5,50 | Toegang tot gevoelige gegevens | | CVE-2026-32218 | 5,50 | Toegang tot gevoelige gegevens | | CVE-2026-26163 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Remote Procedure Call: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32085 | 5,50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows Common Log File System Driver: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32070 | 7,00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Microsoft Management Console: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-27914 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Push Notification Core: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26167 | 8,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32158 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32159 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32160 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-26172 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Installer: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-27910 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows File Explorer: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32081 | 5,50 | Toegang tot gevoelige gegevens | | CVE-2026-32079 | 5,50 | Toegang tot gevoelige gegevens | | CVE-2026-32084 | 5,50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows Boot Manager: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26175 | 4,60 | Omzeilen van beveiligingsmaatregel | |----------------|------|-------------------------------------| Windows Boot Loader: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-0390 | 6,70 | Omzeilen van beveiligingsmaatregel | |----------------|------|-------------------------------------| Windows User Interface Core: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32165 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-27911 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32163 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32164 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Microsoft Windows Speech: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32153 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows USB Print Driver: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32223 | 6,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows COM: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-20806 | 5,50 | Toegang tot gevoelige gegevens | | CVE-2026-32162 | 8,40 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Input-Output Memory Management Unit (IOMMU): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2023-20585 | 5,30 | | |----------------|------|-------------------------------------| Universal Plug and Play (upnp.dll): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32212 | 5,50 | Toegang tot gevoelige gegevens | | CVE-2026-32214 | 5,50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows Redirected Drive Buffering: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32216 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Virtualization-Based Security (VBS) Enclave: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-23670 | 5,70 | Omzeilen van beveiligingsmaatregel | | CVE-2026-32220 | 4,40 | Omzeilen van beveiligingsmaatregel | |----------------|------|-------------------------------------| Windows Active Directory: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-33826 | 8,00 | Uitvoeren van willekeurige code | | CVE-2026-32072 | 6,20 | Voordoen als andere gebruiker | |----------------|------|-------------------------------------| Windows Shell: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26165 | 7,00 | Verkrijgen van verhoogde rechten | | CVE-2026-26166 | 7,00 | Verkrijgen van verhoogde rechten | | CVE-2026-27918 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32202 | 4,30 | Voordoen als andere gebruiker | | CVE-2026-32151 | 6,50 | Toegang tot gevoelige gegevens | | CVE-2026-32225 | 8,80 | Omzeilen van beveiligingsmaatregel | |----------------|------|-------------------------------------| Windows Server Update Service: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26154 | 7,50 | | | CVE-2026-26174 | 7,00 | Verkrijgen van verhoogde rechten | | CVE-2026-32224 | 7,00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows TCP/IP: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-27921 | 7,00 | Verkrijgen van verhoogde rechten | | CVE-2026-33827 | 8,10 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Windows Kernel Memory: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26169 | 6,10 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows BitLocker: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-27913 | 7,70 | Omzeilen van beveiligingsmaatregel | |----------------|------|-------------------------------------| Windows GDI: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-27931 | 5,50 | Toegang tot gevoelige gegevens | | CVE-2026-27930 | 5,50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows Kerberos: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-27912 | 8,00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows RPC API: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26183 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Ancillary Function Driver for WinSock: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32073 | 7,00 | Verkrijgen van verhoogde rechten | | CVE-2026-26168 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-26173 | 7,00 | Verkrijgen van verhoogde rechten | | CVE-2026-26177 | 7,00 | Verkrijgen van verhoogde rechten | | CVE-2026-26182 | 7,00 | Verkrijgen van verhoogde rechten | | CVE-2026-27922 | 7,00 | Verkrijgen van verhoogde rechten | | CVE-2026-33099 | 7,00 | Verkrijgen van verhoogde rechten | | CVE-2026-33100 | 7,00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Remote Desktop Licensing Service: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26160 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-26159 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Snipping Tool: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32183 | 7,80 | Uitvoeren van willekeurige code | | CVE-2026-33829 | 4,30 | Voordoen als andere gebruiker | |----------------|------|-------------------------------------| Windows Local Security Authority Subsystem Service (LSASS): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26155 | 6,50 | Toegang tot gevoelige gegevens | | CVE-2026-32071 | 7,50 | Denial-of-Service | |----------------|------|-------------------------------------| Windows Cryptographic Services: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26152 | 7,00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-27917 | 7,00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Print Spooler Components: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-33101 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Projected File System: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-27927 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-26184 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32069 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32074 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32078 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows LUAFV: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-27929 | 7,00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Universal Plug and Play (UPnP) Device Host: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-27915 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-27919 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32075 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32156 | 8,40 | Uitvoeren van willekeurige code | | CVE-2026-27916 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-27920 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-27925 | 7,50 | Toegang tot gevoelige gegevens | | CVE-2026-32077 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Win32K - GRFX: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-33104 | 7,00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Hello: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-27906 | 4,40 | Omzeilen van beveiligingsmaatregel | | CVE-2026-27928 | 7,70 | Omzeilen van beveiligingsmaatregel | |----------------|------|-------------------------------------| Windows Cloud Files Mini Filter Driver: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-27926 | 7,00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Admin Center: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32196 | 6,10 | Voordoen als andere gebruiker | |----------------|------|-------------------------------------| Windows Win32K - ICOMP: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32222 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Remote Desktop Client: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32157 | 8,80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Windows WalletService: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32080 | 7,00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Microsoft Windows Search Component: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-27909 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Desktop Window Manager: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-27924 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32152 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32154 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-27923 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32155 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows HTTP.sys: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-33096 | 7,50 | Denial-of-Service | |----------------|------|-------------------------------------| Windows Secure Boot: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-25250 | 6,00 | Omzeilen van beveiligingsmaatregel, | |----------------|------|-------------------------------------| Microsoft PowerShell: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26170 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Microsoft Windows: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32181 | 5,50 | Denial-of-Service | |----------------|------|-------------------------------------| Windows SSDP Service: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32082 | 7,00 | Verkrijgen van verhoogde rechten | | CVE-2026-32083 | 7,00 | Verkrijgen van verhoogde rechten | | CVE-2026-32068 | 7,00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Client Side Caching driver (csc.sys): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26176 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Sensor Data Service: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26161 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Encrypting File System (EFS): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26153 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows TDI Translation Driver (tdx.sys): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-27908 | 7,00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Storage Spaces Controller: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-27907 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32076 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Microsoft Brokering File System: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26181 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32219 | 7,00 | Verkrijgen van verhoogde rechten | | CVE-2026-32091 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows IKE Extension: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-33824 | 9,80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Windows Biometric Service: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32088 | 6,10 | Omzeilen van beveiligingsmaatregel | |----------------|------|-------------------------------------| Windows Advanced Rasterization Platform: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26178 | 8,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows OLE: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26162 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Recovery Environment Agent: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-20928 | 4,60 | Omzeilen van beveiligingsmaatregel | |----------------|------|-------------------------------------| Windows Speech Brokered Api: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32089 | 7,80 | Verkrijgen van verhoogde rechten | | CVE-2026-32090 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Container Isolation FS Filter Driver: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-33098 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Management Services: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-20930 | 7,80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Role: Windows Hyper-V: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26156 | 7,80 | Uitvoeren van willekeurige code | | CVE-2026-32149 | 7,30 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Windows Remote Desktop: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26151 | 7,10 | Voordoen als andere gebruiker | |----------------|------|-------------------------------------| Microsoft Graphics Component: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32221 | 8,40 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| ```

Er is een ernstige kwetsbaarheid gevonden in Microsoft System Center, aangeduid als CVE-2026-33825. Deze kwetsbaarheid wordt beoordeeld als hoog risico, met een CVSS-score van 7.8, en wordt actief misbruikt. Daarnaast is er een publieke exploitcode beschikbaar, waardoor het risico op grootschalige aanvallen hoog is. We adviseren daarom om meteen de updates uit te voeren.

Vandaag, 15 april, heeft de Tweede Kamer de wetsvoorstellen voor de Cyberbeveiligingswet (Cbw) en de Wet weerbaarheid kritieke entiteiten aangenomen. Dat is een belangrijke stap, ook voor ons werk bij NCSC.

Het Amerikaanse AI-bedrijf Anthropic kondigde onlangs het AI model Mythos aan, een model voor kwetsbaarheidsopsporing en chaining. Volgens de gepresenteerde resultaten kan Mythos kwetsbaarheden sneller opsporen en koppelen tot volledige exploits en aanvalsketens. Dit kan de verdediging versterken, maar kan ook digitale aanvallen versnellen. De boodschap van het NCSC is simpel: Wacht niet af. Verkort je reactietijden, versnel patch processen, en zorg dat basisbeveiliging op orde is.

Er is een ernstige kwetsbaarheid, CVE-2026-34621, gevonden in Adobe Acrobat DC, Acrobat Reader DC en Acrobat 2024. Deze kwetsbaarheid wordt beoordeeld als zeer ernstig, CVSS-score van 9,6, en wordt actief misbruikt. Daarnaast is er een publieke exploitcode beschikbaar, waardoor het risico op grootschalige aanvallen hoog is. We adviseren daarom om meteen de updates uit te voeren.

Er is een ernstige kwetsbaarheid gevonden in Fortinet FortiClient EMS, aangeduid als CVE-2026-35616 met een CVSS-score van 9.8. Deze kwetsbaarheid wordt beoordeeld als 'zeer ernstig' en bevindt zich in de fase van actief misbruik.

Ein Angreifer kann mehrere Schwachstellen in OpenClaw ausnutzen, um erweiterte Privilegien zu erlangen, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, Daten offenzulegen oder zu manipulieren oder andere, nicht näher spezifizierte Angriffe durchzuführen.

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in OpenClaw ausnutzen, um Daten zu manipulieren, Sicherheitsmechanismen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen..

Ein Angreifer kann mehrere Schwachstellen in OpenClaw ausnutzen, um erweiterte Rechte zu erlangen, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, Daten zu manipulieren, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen oder andere, nicht näher spezifizierte Angriffe durchzuführen.

Ein Angreifer kann mehrere Schwachstellen in OpenClaw ausnutzen, um erweiterte Privilegien zu erlangen, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, Daten offenzulegen oder zu manipulieren oder andere, nicht näher spezifizierte Angriffe durchzuführen.

Ein Angreifer kann mehrere Schwachstellen in OpenClaw ausnutzen, um erweiterte Rechte zu erlangen, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, Daten offenzulegen oder zu manipulieren oder andere, nicht näher spezifizierte Angriffe durchzuführen.

De multiples vulnérabilités ont été découvertes dans Spring Framework. Elles permettent à un attaquant de provoquer un déni de service à distance et un contournement de la politique de sécurité.

Une vulnérabilité a été découverte dans les produits Moxa. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

Une vulnérabilité a été découverte dans Mattermost Server. Elle permet à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Une vulnérabilité a été découverte dans Xen. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

De multiples vulnérabilités ont été découvertes dans Apache Kafka. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données et un contournement de la politique de sécurité.

A critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote code execution on susceptible systems. The vulnerability, tracked as CVE-2026-5760, carries a CVSS score of 9.8 out of 10.0. It has been described as a case of command injection leading to the execution of arbitrary code. SGLang is a high-performance, open-source serving

Monday’s recap shows the same pattern in different places. A third-party tool becomes a way in, then leads to internal access. A trusted download path is briefly swapped to deliver malware. Browser extensions act normally while pulling data and running code. Even update channels are used to push payloads. It’s not breaking systems—it’s bending trust. There’s also a shift in how attacks run.

The fastest way to fall in love with an AI tool is to watch the demo. Everything moves quickly. Prompts land cleanly. The system produces impressive outputs in seconds. It feels like the beginning of a new era for your team. But most AI initiatives don't fail because of bad technology. They stall because what worked in the demo doesn't survive contact with real operations. The gap between a

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture that could pave the way for remote code execution and have a cascading effect on the artificial intelligence (AI) supply chain. "This flaw enables Arbitrary Command Execution (RCE) on any system running a vulnerable MCP implementation, granting attackers direct access to

Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli water treatment and desalination systems. The malware has been codenamed ZionSiphon by Darktrace, highlighting its ability to set up persistence, tamper with local configuration files, and scan for operational technology (OT)-relevant services on the local subnet.

VP.NET makes VPN privacy verifiable, not just policy-based, with secure enclave tech for up to five devices.

The post This VPN Lets You Verify Your Business Privacy For $130 appeared first on TechRepublic.

Amtrak data breach exposes over 2.1 million customer records after CRM access. Learn what was leaked, risks, and steps users and IT teams should take now.

The post Amtrak Data Breach Exposes 2.1M Records, Reports Suggest Larger Leak appeared first on TechRepublic.

The MCP flaw reveals a systemic AI security gap, exposing enterprise systems to supply chain attacks and forcing a shift toward data-layer governance.

The post The MCP Disclosure Is the AI Era’s ‘Open Redirect’ Moment appeared first on TechRepublic.

Although the team with Microsoft moved swiftly to patch the BlueHammer vulnerability, other exploits still threaten Microsoft Defender and Windows users.

The post Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched appeared first on TechRepublic.

Four Android banking malware campaigns are targeting more than 800 apps by abusing overlays, Accessibility permissions, and sideloaded fake apps to steal PINs.

The post Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign appeared first on TechRepublic.

State-sponsored North Korean hackers are likely behind the $290 million crypto-heist that impacted the KelpDAO DeFi project on Saturday. [...]

A set of 26 malicious apps on Apple App Store impersonate popular wallets, such as Metamask, Coinbase, Trust Wallet, and OneKey, to steal recovery or seed phrases and drain them of cryptocurrency assets. [...]

A SystemBC proxy malware botnet of more than 1,570 hosts, believed to be corporate victims, has been discovered following an investigation into a Gentlemen ransomware attack carried out by a gang affiliate. [...]

The Seiko USA website was defaced over the weekend, displaying a message from attackers claiming they stole its Shopify customer database and threatening to leak it unless a ransom is paid. [...]

Microsoft is warning of threat actors increasingly abusing external Microsoft Teams collaboration and relying on legitimate tools for access and lateral movement on enterprise networks. [...]

Scammers dressed up like Catholic Charities and legitimate pro bone legal services on social media platforms are targeting immigrants and bilking them for money. Manhattan DA Alvin Bragg is pressing Meta to follow its own terms and shut them down.

The post Manhattan DA Bragg Pushes Meta to Put a Stop to Immigration Scams appeared first on Security Boulevard.

Learn how ML-based anomaly detection stops metadata exfiltration in post-quantum AI environments and secures MCP infrastructure against advanced threats.

The post ML-Based Anomaly Detection for Post-Quantum Metadata Exfiltration appeared first on Security Boulevard.

Key Takeaways It’s surprising that traditional risk registers (spreadsheets or basic databases) persist in a world racing toward AI-infused technology. But the states speak for themselves: 59% of GRC practitioners use no commercial tool, with 52% spending 30-50% of time on admin tasks like data entry. Although reliable for basic checklists, traditional risk registers are [...]

The post AI-Powered Risk Registers vs. Traditional Risk Management: What’s the Difference? appeared first on Centraleyes.

The post AI-Powered Risk Registers vs. Traditional Risk Management: What’s the Difference? appeared first on Security Boulevard.

There is a certain kind of argument that appears every time encryption comes up. Yes, yes, privacy is lovely. But think of the children!!! And just like that, the conversation is over. Because once someone has wheeled in children, terrorists, organised crime, and a shadowy man in a basement who definitely has a beard, anyone ... Continue reading Why We Actually Need End-to-End Encryption →

The post Why We Actually Need End-to-End Encryption appeared first on Security Boulevard.

Author, Creator & Presenter: Rob T. Lee, Glenn Thorpe, Dan Hubbard & Sergej Epp

---

Our thanks to [un]prompted for publishing their Creators, Authors and Presenter’s outstanding [un]prompted 2026 AI Security Practitioner content on the Organizations' YouTube Channel.

Permalink

The post [un]prompted 2026 – Rob T. Lee, Glenn Thorpe, Dan Hubbard & Sergej Epp – Vibe Coded (Micro-Talks) appeared first on Security Boulevard.

Topic: Critical Remote Code Execution Vulnerability in Windows Internet Key Exchange (IKE) Service (CVE-2026-33824) Risk: High Text:CVE-2026-33824 is a critical remote code execution vulnerability affecting the Windows Internet Key Exchange (IKE) service, whi...

Topic: WordPress Madara Local File Inclusion Risk: Medium Text:# Exploit Title: WordPress Madara Local File Inclusion # Date: November 1, 2025 # Exploit Author: Beatriz Fresno Naumova # ...

Topic: FortiWeb 8.0.2 Remote Code Execution Risk: High Text:# Exploit Title: FortiWeb 8.0.2 - Remote Code Execution # Date: 2025-11-22 # Author: Mohammed Idrees Banyamer # Author Coun...

Topic: Easy File Sharing Web Server v7.2 Buffer Overflow Risk: High Text:# Exploit title: Easy File Sharing Web Server v7.2 - Buffer Overflow # Date: 16/10/2025 # Exploit Author: Donwor # X: @real_...

Topic: NetBT e-Fatura Privilege Escalation Risk: Medium Text:# Exploit Title: NetBT e-Fatura - Privilege Escalation # Author: Seccops # Discovery Date: 2025-10-03 # Vendor: https://net-...

Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed "BlueHammer." Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited flaw that can lead to remote code execution.

Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code.

An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across the country between 2019 and 2021.

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have Farsi set as the default language.

The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets -- named Aisuru, Kimwolf, JackSkid and Mossad -- are responsible for a series of recent record-smashing distributed denial-of-service (DDoS) attacks capable of knocking nearly any target offline.

The New York Times has a long article where the author lays out an impressive array of circumstantial evidence that the inventor of Bitcoin is the cypherpunk Adam Back.

I don’t know. The article is convincing, but it’s written to be convincing.

I can’t remember if I ever met Adam. I was a member of the Cypherpunks mailing list for a while, but I was never really an active participant. I spent more time on the Usenet newsgroup sci.crypt. I knew a bunch of the Cypherpunks, though, from various conferences around the world at the time. I really have no opinion about who Satoshi Nakamoto really is...

Pretty fantastic video from Japan of a giant squid eating another squid.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Blog moderation policy.

Last week, Anthropic pulled back the curtain on Claude Mythos Preview, an AI model so capable at finding and exploiting software vulnerabilities that the company decided it was too dangerous to release to the public. Instead, access has been restricted to roughly 50 organizations—Microsoft, Apple, Amazon Web Services, CrowdStrike and other vendors of critical infrastructure—under an initiative called Project Glasswing.

The announcement was accompanied by a barrage of hair-raising anecdotes: thousands of vulnerabilities uncovered across every major...

Interesting research: “Humans expect rationality and cooperation from LLM opponents in strategic games.”

Abstract: As Large Language Models (LLMs) integrate into our social and economic interactions, we need to deepen our understanding of how humans respond to LLMs opponents in strategic settings. We present the results of the first controlled monetarily-incentivised laboratory experiment looking at differences in human behaviour in a multi-player p-beauty contest against other humans and LLMs. We use a within-subject design in order to compare behaviour at the individual level. We show that, in this environment, human subjects choose significantly lower numbers when playing against LLMs than humans, which is mainly driven by the increased prevalence of ‘zero’ Nash-equilibrium choices. This shift is mainly driven by subjects with high strategic reasoning ability. Subjects who play the zero Nash-equilibrium choice motivate their strategy by appealing to perceived LLM’s reasoning ability and, unexpectedly, propensity towards cooperation. Our findings provide foundational insights into the multi-player human-LLM interaction in simultaneous choice games, uncover heterogeneities in both subjects’ behaviour and beliefs about LLM’s play when playing against them, and suggest important implications for mechanism design in mixed human-LLM systems...

This article on the walls of Constantinople is fascinating.

The system comprised four defensive lines arranged in formidable layers:

• The brick-lined ditch, divided by bulkheads and often flooded, 15­-20 meters wide and up to 7 meters deep.
• A low breastwork, about 2 meters high, enabling defenders to fire freely from behind.
• The outer wall, 8 meters tall and 2.8 meters thick, with 82 projecting towers.
• The main wall—a towering 12 meters high and 5 meters thick—with 96 massive towers offset from those of the outer wall for maximum coverage.

...

A cyberattack hit France’s ANTS website, possibly exposing personal data from users applying for IDs, passports, and driver’s licenses. A cyberattack targeted France’s ANTS platform, which handles applications for passports, ID cards, residence permits, and driver’s licenses. Authorities detected the incident on April 15 and warned it may have exposed personal data from both individuals [...]

Tyler Buchanan, linked to Scattered Spider, pleaded guilty in the US to hacking companies and stealing millions in cryptocurrency. Tyler Buchanan, a 24-year-old from Scotland linked to the Scattered Spider group, admitted in a US court that he hacked dozens of companies, committed fraud, and stole millions in cryptocurrency. Spanish police arrested the British national [...]

Hackers have targeted CVE-2023-33538 flaw in old TP-Link routers for a year, but no successful exploitation has been seen so far. Hackers have been trying for over a year to exploit a serious flaw, tracked as CVE-2023-33538 (CVSS score of 8.8), in outdated TP-Link routers, but so far without success. The vulnerability is a command [...]

Vercel suffered a breach after a hacked Context.ai tool exposed an employee account, letting attackers access limited internal systems and non-sensitive data. Vercel reported a security breach caused by the compromise of a third-party AI tool, Context.ai, used by one of its employees. The attacker took over the employee’s Google Workspace account and used it [...]

Claude Opus created a working Chrome exploit for $2,283, showing that widely available AI models can already find and weaponize vulnerabilities. Claude Opus managed to produce a functional Chrome exploit for just $2,283, raising concerns about how easily AI can be used to find and exploit vulnerabilities. Below is the cost of the experiment: Model [...]