ZCyberNews
中文

Articles

432 articles

GitHub Enterprise Server SSRF Lets Attackers Reach Internal ServicesHIGH
Vulnerabilities

GitHub Enterprise Server SSRF Lets Attackers Reach Internal Services

CVE-2026-8034: A server-side request forgery flaw in GitHub Enterprise Server notebook viewer exploits URL parser confusion, letting attackers access internal services.

CVE-2026-8034
3 min read
Go ReverseProxy Flaw CVE-2026-39825 Leaks Query ParametersHIGH
Vulnerabilities

Go ReverseProxy Flaw CVE-2026-39825 Leaks Query Parameters

CVE-2026-39825 in Go's ReverseProxy allows query parameters invisible to Rewrite functions to be forwarded, bypassing sanitization in net/http.

CVE-2026-39825
3 min read
JeecgBoot SQLi Flaw CVE-2026-8114 Exploit Publicly AvailableMEDIUM
Vulnerabilities

JeecgBoot SQLi Flaw CVE-2026-8114 Exploit Publicly Available

CVE-2026-8114 (CVSS 6.5) in JeecgBoot up to 3.9.1 enables remote SQL injection via the /sys/dict/loadTreeData endpoint. Exploit code is public.

CVE-2026-8114
3 min read
NWHStealer Uses Bun JavaScript Runtime to Evade DetectionHIGH
Malware

NWHStealer Uses Bun JavaScript Runtime to Evade Detection

Attackers repurpose the Bun JavaScript runtime to distribute NWHStealer, a Rust-based infostealer targeting browsers, crypto wallets, and FTP apps via game lures and fake software.

3 min readNWHStealer
OceanLotus APT Uses PyPI Packages to Deliver ZiChatBot MalwareHIGH
Malware

OceanLotus APT Uses PyPI Packages to Deliver ZiChatBot Malware

Kaspersky attributes a PyPI supply chain campaign to OceanLotus APT, using fake wheel packages to drop ZiChatBot malware that abuses Zulip chat APIs for C2 on Windows and Linux.

4 min readOceanLotus
OpenStack Cyborg API Flaw Lets Low-Privilege Users Reprogram FPGAsHIGH
Vulnerabilities

OpenStack Cyborg API Flaw Lets Low-Privilege Users Reprogram FPGAs

CVE-2026-40213 (CVSS 7.4) in OpenStack Cyborg before 16.0.1 uses rule:allow as default policy, letting any authenticated Keystone token holder reprogram FPGA bitstreams on...

CVE-2026-40213
3 min read
PamDOORa Backdoor Steals SSH Credentials via Linux PAM ModulesHIGH
Malware

PamDOORa Backdoor Steals SSH Credentials via Linux PAM Modules

A new Linux backdoor named PamDOORa, sold for $1,600 on the Rehub forum, uses PAM modules to steal SSH credentials via a magic password and TCP port combination.

3 min readdarkworm
Quasar Linux RAT Targets Developers for Supply Chain AttacksHIGH
Malware

Quasar Linux RAT Targets Developers for Supply Chain Attacks

A new Linux implant codenamed QLNX steals developer credentials, keystrokes, and clipboard data. Targets DevOps environments for software supply chain compromise.

3 min readQuasar Linux RAT
Spring Cloud Config Server Leaks Secrets in Trace LogsMEDIUM
Vulnerabilities

Spring Cloud Config Server Leaks Secrets in Trace Logs

CVE-2026-41004 (CVSS 4.4): Spring Cloud Config Server writes plaintext secrets to logs when trace logging is enabled. Affects versions 3.1.0–3.1.13 and 4.1.0–4.1.9.

CVE-2026-41004
3 min read
TCLBANKER Trojan Targets 59 Banks, Spreads via WhatsApp and OutlookHIGH
Malware

TCLBANKER Trojan Targets 59 Banks, Spreads via WhatsApp and Outlook

Elastic Security Labs tracks REF3076 — a Brazilian banking trojan called TCLBANKER that targets 59 financial platforms and spreads via WhatsApp worms and Outlook email propagation.

3 min readTCLBANKER
Boost Security Raises $4M, Acquires SecureIQx and Korbit.ai
Industry News

Boost Security Raises $4M, Acquires SecureIQx and Korbit.ai

Boost Security raised $4M to expand its AI-native SDLC defense platform, acquiring SecureIQx for reachability analysis and Korbit.ai for code review.

3 min read
Chrome 148 Patches 127 Flaws, Three Critical Use-After-Free BugsCRITICAL
Vulnerabilities

Chrome 148 Patches 127 Flaws, Three Critical Use-After-Free Bugs

Google's Chrome 148 fixes 127 vulnerabilities including three critical-severity bugs (CVE-2026-7896, CVE-2026-7897, CVE-2026-7898) — integer overflow in Blink and use-after-free...

CVE-2026-7896CVE-2026-7897CVE-2026-7898
3 min read
← PrevPage 13 of 36Next →