radar.cysentrix

Security Radar

Page 1 of 10 · 656 stories from the last 30 days across 19 trusted sources.

Actively exploited: 19 actively exploited CVEs in current coverage
  • CVE-2026-10520

    An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution

    1 story · EPSS 99%
  • CVE-2026-20253

    In Splunk Enterprise 10.2 versions below 10.2.4 and 10 versions below 10.0.7, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint. The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls, allowing any network-reachable user to invoke file operations without credentials. Splunk Enterprise versions 9.4 and earlier are not affected. If you cannot immediately upgrade to a fixed version, you can mitigate this vulnerability by disabling the PostgreSQL sidecar service.

    6 stories · EPSS 92%
  • CVE-2026-35273

    Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management). Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

    2 stories · EPSS 90%
  • CVE-2026-48907

    A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution.

    1 story · EPSS 80%
  • CVE-2026-50751

    A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.

    1 story · EPSS 71%
  • CVE-2024-40766

    An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.

    1 story · EPSS 16%
The Hacker News

New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets

DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit walkthrough for the flaw on June 25, the first public demonstration for this variant. Tracked as CVE-2026-43503 (CVSS 8.8), it lets a local user c...

vulnerability
Help Net Security

Critical open-source projects get a new security framework

Open source software projects are getting a new framework for handling security vulnerabilities as AI shortens the time between flaw discovery and exploitation. The Linux Foundation has launched Akrites, an industry initiative that brings together technology companies, financi...

vulnerability
The Hacker News

Guardian Agents: The Next Layer of Identity Governance

AI agents are moving through enterprise environments, inheriting permissions, traversing systems, and executing decisions at machine speed with minimal oversight. The identity infrastructure built to govern human access wasn't designed for autonomous actors, and the gap betwee...

Security Affairs · The Hacker News · 2 stories

Russia Used Cellebrite on Jailed Activist's iPhone Months After Sales Cutoff

AI: Russian authorities used Cellebrite's UFED tools to unlock detained activist Andrey Pivovarov's iPhone in June 2021, months after Cellebrite said it halted sales to Russia.

The Hacker News

Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack

Cybersecurity researchers have flagged yet another evolution of the supply chain attack linked to the Mini Shai-Hulud, Miasma, and Hades malware family that has compromised a new set of npm packages, even as it has propagated to the Go ecosystem. "The latest activity includes ...

malware · supply chain
Schneier on Security

One Million Passports Leaked Online

A database of almost a million passports from around the world was leaked online. Note what happened. A high-value credential—a passport—was used in an ancillary low-value authentication system: ID verification for cannabis dispensaries. And it’s the low-value system that got ...

data breach
Help Net Security

Synology issues critical fix for MailPlus Server vulnerabilities

Synology has fixed critical vulnerabilities in MailPlus Server, a software package used to run private email infrastructure on Synology NAS devices. The security update fixes three flaws: CVE-2026-13136, stemming from faulty authorization checks, may allow remote attackers...

vulnerability
Security Affairs · SecurityWeek · Dark Reading · CISA Alerts · Help Net Security · The Hacker News · BleepingComputer · 9 stories

Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root

AI: Cisco Unified CM SSRF flaw (CVE-2026-20230) actively exploited for webshell deployment after PoC release.

vulnerability · zero day · Actively exploited · EPSS 34%
Help Net Security

Ransomware gangs find Europe’s weakest link in third-party suppliers

Ransomware attacks against European organizations increased during the first months of 2026, with third-party suppliers becoming a major entry point for attackers. Black Kite examined 2,066 ransomware incidents across 31 countries between January 2025 and April 2026 in its 202...

ransomware
SecurityWeek

$3 Million Reportedly Stolen in Polymarket Hack

The decentralized prediction market said hackers targeted some of its users through a compromise of a third-party vendor.

The Hacker News · Microsoft Security · 2 stories

Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant

AI: Microsoft warns of a "Photo ZIP" phishing campaign targeting hospitality organizations in Europe and Asia since April 2026, using photo-themed ZIP files to deliver a Node.js implant for persistent access.

microsoft · phishing
Help Net Security

Mirage2FA phishing kit uses HTML smuggling to steal Microsoft 365 credentials

Mirage2FA, a phishing kit that combines short-lived HTML smuggling with obfuscated JavaScript loaders to deliver fake Microsoft 365 login pages and steal credentials during MFA prompts, has been identified by researchers at Fortra. Fortra based its analysis on a suspicious HTM...

phishing · microsoft
Security Affairs

Third-Party Breach at Polymarket Leads to $2.94M Crypto Theft

Polymarket confirmed hackers stole funds from some users after attackers injected malicious code through a compromised third-party vendor. Polymarket confirmed that a security breach at a third-party vendor allowed attackers to inject malicious code into its website, leading t...

data breach
SOCRadar

OSINT Tools for Cybersecurity: A Practical Guide for Security Teams

Best OSINT Tools for Cybersecurity in 2026. Attackers are already running open source intelligence operations against your organization. Before writing a single line of exploit code, they are mapping your exposed infrastructure, harvesting employee credentials from breach datab...

data breach
SecurityWeek

New Enterprise-Ready MCP Specification Brings New Security Challenges

A major overhaul of the Model Context Protocol shifts critical security responsibilities from the protocol itself to developers and platform operators.