DESTAQUES

Ameaças Cibernéticas

1223 notícias
Ameaças Cibernéticas Bleeping Computer 🇺🇸

OpenAI confirms security breach in TanStack supply chain attack

OpenAI says two employees' devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-signing certificates for its applications as a precaution. [...]

Ameaças Cibernéticas The Hacker News 🇺🇸

Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets

Cybersecurity researchers are sounding the alarm about what has been described as "malicious activity" in newly published versions of node-ipc. According to Socket and StepSecurity, three different versions of the npm package have been confirmed as malicious - node-ipc@9.1.6 nod…

Ameaças Cibernéticas Bleeping Computer 🇺🇸

18-year-old NGINX vulnerability allows DoS, potential RCE

An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under certain conditions, remote code execution. [...]

Ameaças Cibernéticas Dark Reading 🇺🇸

Foxconn Attack Highlights Manufacturing's Cyber Crisis

A Nitrogen ransomware attack on Foxconn's North American facilities is one of 600 hits on manufacturers this year, as gangs increasingly target the sector for its low tolerance for downtime.

Ameaças Cibernéticas The Hacker News 🇺🇸

PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure

Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI, an open-source multi-agent orchestration framework, within four hours of public disclosure. The vulnerability in question is CVE-2026-44338 (CVSS score: 7.3), a case o…

Ameaças Cibernéticas The Hacker News 🇺🇸

Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation

An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting Windows Collaborative Translation Framework (CTFMON). The security defects have been…

Ameaças Cibernéticas Bleeping Computer 🇺🇸

New Fragnesia Linux flaw lets attackers gain root privileges

Linux distros are rolling out patches for a new high-severity kernel privilege escalation vulnerability (known as Fragnasia and tracked as CVE-2026-46300) that allows attackers to run malicious code as root. [...]

Ameaças Cibernéticas The Hacker News 🇺🇸

New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption

Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root access, making it the third such bug to be identified in the kernel within a span of two weeks. Codenamed Fragnesia, the…

Ameaças Cibernéticas The Hacker News 🇺🇸

18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undetected for 18 years. The vulnerability, discovered by depthfirst, is a heap buffer overflow issue impacting ngx_http_rewrite…

Link copiado!