radar.cysentrix

Security Radar

Page 1 of 10 · 1056 stories from the last 30 days across 19 trusted sources.

Actively exploited 23 actively exploited CVEs in current coverage
View all CVEs →
  • CVE-2025-5777

    Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

    1storyEPSS 100%
  • CVE-2026-10520

    An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution

    1storyEPSS 99%
  • CVE-2026-33017

    Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses attacker-controlled flow data (containing arbitrary Python code in node definitions) instead of the stored flow data from the database. This code is passed to exec() with zero sandboxing, resulting in unauthenticated remote code execution. This is distinct from CVE-2025-3248, which fixed /api/v1/validate/code by adding authentication. The build_public_tmp endpoint is designed to be unauthenticated (for public flows) but incorrectly accepts attacker-supplied flow data containing arbitrary executable code. This issue has been fixed in version 1.9.0.

    1storyEPSS 98%
  • CVE-2026-35273

    Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management). Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

    2storiesEPSS 92%
  • CVE-2026-20253

    In Splunk Enterprise 10.2 versions below 10.2.4 and 10 versions below 10.0.7, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint. The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls, allowing any network-reachable user to invoke file operations without credentials. Splunk Enterprise versions 9.4 and earlier are not affected. If you cannot immediately upgrade to a fixed version, you can mitigate this vulnerability by disabling the PostgreSQL sidecar service.

    6storiesEPSS 88%
  • CVE-2026-48907

    A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution.

    1storyEPSS 80%
The Hacker News

CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware

Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the devices' web management interfaces, the CERT Coordination Center (CERT/CC) warned Monda...

Help Net Security

Researchers make the case for a cybersecurity AI scientist

Autonomous AI agents have started doing real security work. Language-model agents probe software for flaws, run penetration tests, and chain together attack steps that once needed a human operator. Research about security has stayed slower and more manual, built around expert ...

Help Net Security

Review: Building Machine Learning Systems with a Feature Store

Many people come to machine learning by training a model on a tidy dataset, and then meet a harder problem: making that model work for real users, on fresh data, every day. Jim Dowling’s O’Reilly book, Building Machine Learning Systems with a Feature Store, is written for that...

Help Net Security

Your company already adopted AI and nobody is governing access

In this Help Net Security video, Antoine Berton, CTO at Elba Security, breaks down the AI attack surface. Your company already adopted AI, and every adoption creates access that nobody governs. A quick click on a Friday afternoon connects a free AI tool to your Google Workspac...

The Hacker News

BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA

BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could allow unauthenticated attackers to take control of susceptible devices. The vulnerabilities ...

vulnerability
Help Net Security

Apple Container: Open-source tool for Linux containers on the Mac

Developers on Apple silicon Macs have run Linux containers through software built around a single shared virtual machine for years. Apple’s open-source Container project gives each Linux workload its own lightweight virtual machine. Container is written in Swift and tuned for ...

Help Net Security

Microsoft wants to keep your AI agents from going rogue

Microsoft has introduced Microsoft Execution Containers (MXC), a cross-platform, policy-driven execution layer for AI agents on Windows and Windows Subsystem for Linux (WSL), now available in early preview. Updated Agent 365 platform (Source: Microsoft) Developers can define c...

microsoft
Help Net Security

Power shortages could slow AI data center expansion

AI adoption is increasing demand for data center capacity at the same time operators are running into limits around power, equipment, land, and permitting, according to NTT Data. Access to electricity is becoming a deciding factor in where new data centers are built, when new ...

Help Net Security

Cybersecurity jobs available right now: July 7, 2026

Application Security Lead Gett | Israel | Hybrid – View job details As an Application Security Lead, you will lead application and cloud security initiatives by integrating security into the SDLC, overseeing threat modeling, secure architecture, application security testing, a...

cloud
Dark Reading · SecurityWeek · The Hacker News3 stories

Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer

AIArmored Likho APT targets government and electric power entities in Russia, Brazil, and Kazakhstan, using the BusySnake stealer and modular RATs for espionage and financial gain.

Open narrative →
malwareapt
Show all coverage
BleepingComputer

Fake IT support calls on Microsoft Teams push EtherRAT malware

Threat actors are abusing Microsoft Teams voice calls by impersonating corporate IT support staff to trick employees into installing the EtherRAT malware, giving attackers initial access to corporate networks. [...]

malwaremicrosoft
Security Affairs · BleepingComputer · The Hacker News · SOCRadar · SecurityWeek7 stories

Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic

AIAdobe patched seven maximum-severity (CVSS 10.0) vulnerabilities in ColdFusion and Campaign Classic that could lead to remote code execution.

Open narrative →
vulnerabilityzero day EPSS 1%
Show all coverage
SecurityWeek

Blogspot-Hosted Payloads Delivered in ‘Veil#Drop’ Attacks

Securonix says the sophisticated framework abuses compromised websites, Blogspot, PowerShell, and fileless techniques to evade detection and deploy the PureLog information stealer. The post Blogspot-Hosted Payloads Delivered in ‘Veil#Drop’ Attacks appeared first on SecurityWeek.

malware