SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558) - Help Net Security
14h 10m ago in cybersecurity@sh.itjust.works from www.helpnetsecurity.comRokarolla Android Trojan Levels Up to Full Device Control
14h 23m ago in cybersecurity@sh.itjust.works from www.darkreading.comMalicious JetBrains Marketplace plugins steal AI API keys from developers
14h 34m ago in cybersecurity@sh.itjust.works from www.bleepingcomputer.com
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
15h 8m ago in cybersecurity@sh.itjust.works from thehackernews.com
Public and Private Medical Community Targeted by China-Nexus Threat Actor Pursuing Artificial Intelligence, Cyber, Medical, and National Defense Research | Google Cloud Blog
15h 26m ago in cybersecurity@sh.itjust.works from cloud.google.comRansomware gang abuses Microsoft Teams relays to hide malicious traffic
1d 6h ago in cybersecurity@sh.itjust.works from www.bleepingcomputer.com
UNC1151 Gmail Phishing Campaign Targets 2FA Credentials
1d 6h ago in cybersecurity@sh.itjust.works from thecyberexpress.comCritical Fortinet FortiSandbox flaws now exploited in attacks
1d 10h ago in cybersecurity@sh.itjust.works from www.bleepingcomputer.comChina-Nexus Actor Spies on US Researchers Undetected for a Year
1d 12h ago in cybersecurity@sh.itjust.works from www.darkreading.com
LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers
1d 12h ago in cybersecurity@sh.itjust.works from thehackernews.comSeems Udemy got hacked, but hasn't told anyone yet
1mon 20d ago in cybersecurity@sh.itjust.worksLooks like it: https://haveibeenpwned.com/Breach/Udemy
ShinyHunters leak 12.4M CarGurus records after ransom threat
3mon 22d ago in cybersecurity@sh.itjust.works from cybernews.comDone, thanks!
Bloody Wolf: A Blunt Crowbar Threat To Justice
6mon 22d ago in cybersecurity@sh.itjust.works from www.group-ib.comEdited. Thanks!
Critical Key Derivation Flaws in pbkdf2 Affect Millions of JavaScript Projects, PoC Available
11mon 28d ago in cybersecurity@sh.itjust.works from securityonline.infoSorry. It was not paywalled for me when I first saw. More info from different source: https://feedly.com/cve/CVE-2025-6545
Google Cloud incident report
1y 7d ago in cybersecurity@sh.itjust.works from status.cloud.google.comThe incident occurred on June 12, 2025, due to a policy change that contained blank fields, causing 503 errors in Google Cloud and Google Workspace APIs. The root cause was:
- A new feature added to Service Control on May 29, 2025, without adequate error handling.
- The policy change with blank fields was globally replicated and caused Service Control binaries to crash.
84% of Organizations’ SOC Analysts are Unknowingly Investigating the Same Incidents
1y 11d ago in cybersecurity@sh.itjust.works from www.globenewswire.comThanks! Corrected
Critical Linux Vulnerabilities Expose Password Hashes on Millions of Linux Systems Worldwide
1y 20d ago in cybersecurity@sh.itjust.works from cybersecuritynews.comThe first vulnerability, CVE-2025-5054, affects Ubuntu’s Apport crash reporting system, while the second, CVE-2025-4598, impacts systemd-coredump, the default core dump handler used across Red Hat Enterprise Linux 9 and 10, as well as Fedora distributions.
Coinbase data breach exposes customer info and government IDs
1y 1mon ago in cybersecurity@sh.itjust.works from www.bleepingcomputer.com
You think ransomware is bad? Wait until it infects CPUs
1y 1mon ago in cybersecurity@sh.itjust.works from www.theregister.comNoted!