Vendors
-
GitHub investigates claim of internal repository theft after TeamPCP listing
GitHub said it is investigating unauthorized access to internal repositories after TeamPCP claimed it was selling source code and internal data. The company said it has no evidence of customer impact outside internal repositories.
-
Researchers disclose critical SEPPmail gateway flaws that could allow remote code execution
Researchers disclosed seven critical flaws in SEPPmail Secure E-Mail Gateway that could allow remote code execution and reading of arbitrary mail. SEPPmail has issued fixes across recent versions, including patches for multiple CVEs rated above 9.0.
-
Grafana says GitHub token breach let intruder download codebase
Grafana said a stolen token let an unauthorized party access its GitHub environment and download code. The company said no customer data was exposed and that the attacker later tried to extort payment.
-
Avada Builder WordPress flaws could expose site credentials, database data
Two flaws in the Avada Builder WordPress plugin could let attackers read server files or pull data from the database. The issues affect versions through 3.15.2 and 3.15.1, and site owners were urged to upgrade to 3.15.3.
-
OpenAI says two employees were affected in TanStack supply chain attack
OpenAI said two employees were affected in the TanStack supply chain attack, and it rotated code-signing certificates as a precaution. The company said customer data and production systems were not impacted.
-
Cisco patches critical SD-WAN Controller flaw after limited exploitation
Cisco said a critical authentication bypass in Catalyst SD-WAN Controller, CVE-2026-20182, was exploited in limited attacks. The flaw can let a remote attacker gain administrative access and alter SD-WAN network settings.
-
New Fragnesia Linux flaw can grant root access, researchers say
Fragnesia is a new Linux kernel local privilege escalation flaw that can grant root access, according to a technical analysis. The issue affects the XFRM ESP-in-TCP subsystem and has prompted advisories from multiple Linux distributions.
-
NGINX flaw left hidden for 18 years could allow remote code execution
A critical NGINX rewrite module flaw hidden for 18 years can let a remote attacker trigger code execution or denial of service with crafted requests, according to a technical analysis and vendor advisory.
-
Google adds Android intrusion logging to help investigate spyware attacks
Google introduced an opt-in Android intrusion logging feature for suspected spyware cases. The encrypted logs are stored for 12 months, can be downloaded by users, and are rolling out to devices with the Android 16 December update and later.







