radar.cysentrix

Security Radar

Page 1 of 10 · 1039 stories from the last 30 days across 19 trusted sources.

Actively exploited 23 actively exploited CVEs in current coverage
View all CVEs →
  • CVE-2025-5777

    Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

    1storyEPSS 100%
  • CVE-2026-10520

    An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution

    1storyEPSS 99%
  • CVE-2026-33017

    Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses attacker-controlled flow data (containing arbitrary Python code in node definitions) instead of the stored flow data from the database. This code is passed to exec() with zero sandboxing, resulting in unauthenticated remote code execution. This is distinct from CVE-2025-3248, which fixed /api/v1/validate/code by adding authentication. The build_public_tmp endpoint is designed to be unauthenticated (for public flows) but incorrectly accepts attacker-supplied flow data containing arbitrary executable code. This issue has been fixed in version 1.9.0.

    1storyEPSS 98%
  • CVE-2026-35273

    Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management). Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

    2storiesEPSS 92%
  • CVE-2026-20253

    In Splunk Enterprise 10.2 versions below 10.2.4 and 10 versions below 10.0.7, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint. The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls, allowing any network-reachable user to invoke file operations without credentials. Splunk Enterprise versions 9.4 and earlier are not affected. If you cannot immediately upgrade to a fixed version, you can mitigate this vulnerability by disabling the PostgreSQL sidecar service.

    6storiesEPSS 88%
  • CVE-2026-48907

    A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution.

    1storyEPSS 80%
Security Affairs · BleepingComputer · The Hacker News · SOCRadar · SecurityWeek7 stories

Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic

AIAdobe patched seven maximum-severity (CVSS 10.0) vulnerabilities in ColdFusion and Campaign Classic that could lead to remote code execution.

Open narrative →
vulnerabilityzero day EPSS 1%
Show all coverage
SecurityWeek

Blogspot-Hosted Payloads Delivered in ‘Veil#Drop’ Attacks

Securonix says the sophisticated framework abuses compromised websites, Blogspot, PowerShell, and fileless techniques to evade detection and deploy the PureLog information stealer. The post Blogspot-Hosted Payloads Delivered in ‘Veil#Drop’ Attacks appeared first on SecurityWeek.

malware
The Hacker News

Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure

Threat actors have been observed attempting to exploit a recently patched critical security flaw in Gitea Docker images, according to Sysdig. The vulnerability in question is CVE-2026-20896 (CVSS score: 9.8), a vulnerability that stems from the DevOps platform trusting the "X-...

vulnerability
SecurityWeek

The Shift Toward Business-Aligned Risk Management

Moving from isolated, technical data to a continuous risk lifecycle can help organizations align security controls with actual business consequences. The post The Shift Toward Business-Aligned Risk Management appeared first on SecurityWeek.

CyberScoop

Sysdig clocks first documented case of agentic ransomware

The AI agent didn’t accomplish every step in the late June 2026 attack, but it allowed the threat actor to significantly reduce complexity, speed up the tempo and gain operational advantages. The post Sysdig clocks first documented case of agentic ransomware appeared first on ...

ransomwareapt
SecurityWeek · The Hacker News2 stories

Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer

AIArmored Likho APT targets government and electric power entities in Russia, Brazil, and Kazakhstan, using the BusySnake stealer and modular RATs for espionage and financial gain.

Open narrative →
aptmalware
Show all coverage
BleepingComputer

Software Is Now Written at the Speed of Thought. Security Isn't.

Every evolution in software development has reduced the friction between an idea and a deployable application. AI may remove the final barrier, but it also removes many of the moments where security decisions have traditionally taken place. [...]

SANS Internet Storm Center

RCS and DNS: The NAPTR Record, (Mon, Jul 6th)

Over the last year, with recent updates to iOS and Android, RCS (Rich Communication Services) has become an increasingly used protocol [1]. RCS is supposed to eventually replace SMS, and in addition to richer formatting, provides added (but optional) security. RCS messages may...

SecurityWeek

North Korean Hackers Target Open Source Developers in Supply Chain Attacks

The PolinRider campaign has compromised more than 100 legitimate open source packages and repositories to deliver a backdoor and information stealer to developers. The post North Korean Hackers Target Open Source Developers in Supply Chain Attacks appeared first on SecurityWeek.

malwaresupply chain