nerdDual

NerdDual Nav

Chatbox

You must be logged in to post comments on this site - please either log in from the Login box or from here.

dj617 9 months ago

@djames617 Welcome

Headlines

The Hacker News

»	Microsoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data New Microsoft research shows how attackers can hijack AI agents that act on a user's behalf, using nothing more than a poisoned tool description to...
»	RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS A new two-stage malware family called RustDuck is hijacking home routers, IP cameras, Android boxes, and poorly secured servers, then stitching the...

Date published: Wed, 01 Jul 2026 03:52:51 +0530
Details

darkreading

»	Fake Bug Report Hijacks AI Coding Agents at Scale "Agentjacking" is the latest demonstration of how easily attackers can exploit an AI agent's inability to differentiate between content and instruc...
»	Attackers Hijack Exposed AI Endpoints to Power Offensive Ops Attackers don't need any special authentication to reach a target endpoint — they just need to know where it is.

Date published: not known

Schneier on Security

»	The Realities of AI Video Surveillance
»	Factoring RSA Keys with Many Zeros

Date published: not known
Details

Latest Newsroom

»	RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS A new two-stage malware family ca...
»	CVE-2026-48558: SimpleHelp OIDC Flaw Added to KEV CVE-2026-48558: SimpleHelp OIDC Flaw Added to KEV Authentication systems are built on trust.But when that...

Date published: Tue, 30 Jun 2026 17:45:25 +0000
Details

Cyber Security Advisories - MS-ISAC

»	Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful explo...
»	A Vulnerability in PAN-OS Could Allow for Authentication Bypass A vulnerability has been discovered in the GlobalProtect portal and gateway of PAN-OS which could allow for authentication bypass. The PAN-OS Globa...

Date published: not known

Latest Vulnerabilities

»	CVE-2026-50040 - Cross-site Scripting in StoneFly Storage Concentrator CVE ID :CVE-2026-50040 Published : June 30, 2026, 10:27 p.m. \| 44 minutes ago Description :Storage Concentrator (SC & SCVM) is vulnera...
»	CVE-2026-28322 - SolarWinds Database Performance Analyzer Stored Cross-Site Scripting Vulnerability CVE ID :CVE-2026-28322 Published : June 30, 2026, 10:15 p.m. \| 56 minutes ago Description :SolarWinds Database Performance Analyzer wa...

Date published: Tue, 30 Jun 2026 22:27:37 +0000
Details

This web site requires that javascript be enabled. Click here for instructions..

Latest Newsroom

RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS
RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS

A new two-stage malware family called RustDuck is hijacking home routers, IP cameras, Android boxes, and poorly secured servers, then stitching them into a network built to knock websites and online s ...

Published Date: Jun 30, 2026 (4 hours ago)

Vulnerabilities has been mentioned in this article.

CVE-2026-20245 CVE-2025-29635 CVE-2024-1781 CVE-2018-8007 CVE-2017-17215
CVE-2026-48558: SimpleHelp OIDC Flaw Added to KEV
CVE-2026-48558: SimpleHelp OIDC Flaw Added to KEV

Authentication systems are built on trust.But when that trust is broken at the protocol layer, the entire security model collapses.That is exactly what happened with CVE-2026-48558, a critical vulnera ...

Published Date: Jun 30, 2026 (5 hours, 1 minute ago)

Vulnerabilities has been mentioned in this article.

CVE-2026-55200 CVE-2026-48558
Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints
Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints

Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has been found to weaponize CVE-2026- ...

Published Date: Jun 30, 2026 (5 hours, 58 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2026-20245 CVE-2026-5027 CVE-2026-33017 CVE-2025-3248
Vulnerabilities in KTM System e-BOK software
Vulnerabilities in KTM System e-BOK software

Vulnerabilities in KTM System e-BOK software CVE ID CVE-2026-35095 Publication date 30 June 2026 Vendor KTM System Product e-BOK Vulnerable versions All before 06.2026 Vulnerability type (CWE) Session ...

Published Date: Jun 30, 2026 (6 hours, 50 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2026-35098 CVE-2026-35097 CVE-2026-35096 CVE-2026-35095
Vulnerabilities in fzf software
Vulnerabilities in fzf software

Vulnerabilities in fzf software CVE ID CVE-2026-53432 Publication date 30 June 2026 Vendor fzf Product fzf Vulnerable versions All before 0.73.1 Vulnerability type (CWE) Integer Overflow or Wraparound ...

Published Date: Jun 30, 2026 (7 hours, 50 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2026-53433 CVE-2026-53432
Vulnerabilities in Redeight CMS software
Vulnerabilities in Redeight CMS software

Vulnerabilities in Redeight CMS software CVE ID CVE-2026-53690 Publication date 30 June 2026 Vendor Redeight Product Redeight CMS Vulnerable versions 1.0 Vulnerability type (CWE) Improper Neutralizati ...

Published Date: Jun 30, 2026 (9 hours, 50 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2026-53692 CVE-2026-53691 CVE-2026-53690
Gevaarlijk lek in SimpleHelp RMM-servers actief misbruikt bij aanvallen
Gevaarlijk lek in SimpleHelp RMM-servers actief misbruikt bij aanvallen

Een gevaarlijke kwetsbaarheid in SimpleHelp RMM-servers wordt actief misbruikt bij aanvallen en kan grote gevolgen voor allerlei organisaties hebben, zo waarschuwt het Amerikaanse cyberagentschap CISA ...

Published Date: Jun 30, 2026 (10 hours, 11 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2026-48558
Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer
Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer

An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two previously unreported malware families, TaskWeaver and Djinn Steal ...

Published Date: Jun 30, 2026 (10 hours, 27 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2026-48558 CVE-2026-20245
Vulnerability in Raytha CMS software
Vulnerability in Raytha CMS software

Vulnerability in Raytha CMS software CVE ID CVE-2026-12076 Publication date 30 June 2026 Vendor Raytha Product Raytha Vulnerable versions 1.5.2 Vulnerability type (CWE) Improper Neutralization of Spec ...

Published Date: Jun 30, 2026 (10 hours, 50 minutes ago)

Vulnerabilities has been mentioned in this article.
Beveiligingslek in Microsoft Defender misbruikt bij ransomware-aanvallen
Beveiligingslek in Microsoft Defender misbruikt bij ransomware-aanvallen

Een beveiligingslek in Microsoft Defender, de antivirussoftware die standaard in Windows zit ingebouwd, wordt actief misbruikt bij ransomware-aanvallen, zo waarschuwt het Amerikaanse cyberagentschap C ...

Published Date: Jun 30, 2026 (12 hours, 15 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2026-33825