Épisodes

  • Daily DefSec Brief - Cyber Security News for July 8 2026
    Jul 8 2026
    1. CISA adds ColdFusion, Langflow, and two Joomla plugins to KEV — patch by Friday — CVE-2026-48282, CVE-2026-55255, CVE-2026-48908, CVE-2026-56290 — CISA KEV: https://www.cisa.gov/known-exploited-vulnerabilities-catalog · BleepingComputer: https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-prioritize-patching-langflow-auth-bypass-flaw/ · SecurityWeek: https://www.securityweek.com/cisa-urges-immediate-patching-of-exploited-coldfusion-langflow-joomla-flaws/ 2. Ubiquiti patches max-severity command injection in UniFi Connect — CVE-2026-50746 (plus CVE-2026-50747, -50748, -54400, -54402, -55115, -55116) — BleepingComputer: https://www.bleepingcomputer.com/news/security/ubiquiti-warns-of-new-max-severity-unifi-os-vulnerability/ 3. Critical Gitea auth bypass under active exploitation — CVE-2026-20896 — SecurityWeek: https://www.securityweek.com/critical-gitea-flaw-under-active-exploitation-researchers-warn/ 4. GhostLock: 15-year-old Linux kernel flaw gives root and container escape — CVE-2026-43499 — The Hacker News: https://thehackernews.com/2026/07/15-year-old-ghostlock-flaw-enables-root.html Also mentioned: - China-linked UAT-7810 expands ORB network with LONGLEASH malware via Ruckus routers — Cisco Talos via BleepingComputer: https://www.bleepingcomputer.com/news/security/chinese-hackers-develop-longleash-malware-to-expand-orb-network/ - GitLost prompt-injection leaks private GitHub repo data via public issues — The Hacker News: https://thehackernews.com/2026/07/public-github-issue-could-trick-github.html - Malvertising campaign drops Vidar stealer and XMRig miner via fake cracked software — Unit 42: https://unit42.paloaltonetworks.com/vidar-stealer-xmrig-miner-campaign-analysis/ - Hardcoded backdoor password in Tenda router firmware (CVE-2026-11405) — CERT/CC via BleepingComputer: https://www.bleepingcomputer.com/news/security/hidden-backdoor-in-tenda-router-firmware-grants-admin-access/
    Afficher plus Afficher moins
    5 min
  • Daily DefSec Brief - Cyber Security News for July 7 2026
    Jul 7 2026
    1. BeyondTrust patches critical auth-bypass flaws in Remote Support and Privileged Remote Access — CVE-2026-40138, CVE-2026-40139 — BleepingComputer — https://www.bleepingcomputer.com/news/security/beyondtrust-warns-of-critical-flaws-in-remote-access-software/ 2. Fake Microsoft Teams IT-support calls deliver EtherRAT malware — no CVE (technique; Unit 42 / Palo Alto Networks) — BleepingComputer — https://www.bleepingcomputer.com/news/security/fake-it-support-calls-on-microsoft-teams-push-etherrat-malware/ 3. Cisco patches RCE and info-disclosure flaws in Identity Services Engine — CVE-2026-20181, CVE-2026-20190 — Cisco PSIRT — https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv 4. "Januscape" Linux kernel flaw allows VM escape on Intel and AMD hosts — CVE-2026-53359 — SecurityWeek — https://www.securityweek.com/linux-kernel-vulnerability-allows-vm-escape-on-intel-and-amd-systems/
    Afficher plus Afficher moins
    5 min
  • The Microsoft login page that phishing training can't save you from
    Jul 6 2026
    1. Attackers phishing Microsoft's device-code login flow — no CVE (flow abuse) — Securelist (Kaspersky) — https://securelist.com/microsoft-device-code-phishing-attack/120350/ 2. Unauthenticated PHP-FPM crash via TLS stream wrapper — CVE-2026-12184 — Cyber Security News — https://cybersecuritynews.com/multiple-php-vulnerabilities-dos/ 3. ModSecurity WAF input-inspection bypass bugs — CVE-2026-52761, CVE-2026-52747 — Cyber Security News — https://cybersecuritynews.com/modsecurity-vulnerabilities/ 4. Attackers abusing OpenAI's org-invite system — no CVE (feature abuse) — Cyber Security News (citing Push Security) — https://cybersecuritynews.com/hackers-use-openai-org-invites/ Also mentioned: - ClamAV patches seven scanner bugs (update to 1.5.3 / 1.4.5 LTS) — Help Net Security — https://www.helpnetsecurity.com/2026/07/06/clamav-security-patch-versions/ - Cisco Catalyst Center arbitrary file read (CVE-2026-20191) — Cisco PSIRT — https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-file-read-wLH2vf8X - Opera GX zero-click browser-mod / Gmail-address bug (update to 130.0.5847.89) — The Hacker News — https://thehackernews.com/2026/07/opera-gx-flaw-let-malicious-sites-auto.html - Gaslight North Korean-linked macOS malware — Cyber Security News — https://cybersecuritynews.com/gaslight-macos-malware-uses-prompt-injection/
    Afficher plus Afficher moins
    6 min