ASP.NET Core
-
Microsoft patches critical ASP.NET Core flaw that could enable privilege escalation
Microsoft has issued an out-of-band fix for a critical ASP.NET Core vulnerability, CVE-2026-40372, that could let attackers elevate privileges and forge protected payloads under specific conditions.
-
China-linked Ink Dragon group targets European government networks, Check Point says
Check Point Research says a China-linked hacking cluster known as Ink Dragon has focused on European government targets since July 2025, using web shells, ShadowPad relays and modular tooling including FINALDRAFT to maintain stealthy, long-term access across multiple regions.
-
QNAP: Windows NetBak PC Agent affected by critical ASP.NET Core flaw
QNAP warned that its NetBak PC Agent for Windows is impacted by CVE-2025-55315, a critical ASP.NET Core vulnerability in the Kestrel web server that can enable credential hijacking or request-smuggling attacks, and urged users to reinstall the agent or install the latest ASP.NET Core runtime.
