ZCyberNews
中文

Articles

432 articles

Delta ASDA-Soft PAR Buffer Overflow Hits 7.8 CVSSHIGH
Vulnerabilities

Delta ASDA-Soft PAR Buffer Overflow Hits 7.8 CVSS

CVE-2026-5726: A stack-based buffer overflow in Delta Electronics ASDA-Soft PAR file parsing scores 7.8 CVSS and enables remote code execution via crafted PAR files.

CVE-2026-5726
3 min read
Elastic Security Backs UK MoD Defence Cyber Marvel 2026 ExerciseINFORMATIONAL
Industry News

Elastic Security Backs UK MoD Defence Cyber Marvel 2026 Exercise

Elastic Security Labs deployed AI-driven detection pipelines for the UK Ministry of Defence's Defence Cyber Marvel 2026 exercise, processing 1.2TB of telemetry across 50 simulated…

2 min read
FortiGate SSO Bypass CVE-2025-59718 Exploited in Active AttacksCRITICAL
Vulnerabilities

FortiGate SSO Bypass CVE-2025-59718 Exploited in Active Attacks

Rapid7 IR confirms active exploitation of CVE-2025-59718 — a 9.8-CVSS FortiGate SSO bypass — enabling attackers to gain persistent admin access on unpatched appliances.

CVE-2025-59718
2 min read
Locked Shields 2026: 41 Nations Train in Largest Cyber Defense
Industry News

Locked Shields 2026: 41 Nations Train in Largest Cyber Defense

Locked Shields 2026 involved 41 nations in the largest live-fire cyber defense exercise, testing response to critical infrastructure attacks including power grid and telecom…

2 min read
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 PrivilegeCRITICAL
Vulnerabilities

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege

Microsoft released out-of-band patches for CVE-2026-40372, a 9.1-CVSS privilege escalation flaw in ASP.NET Core affecting all supported versions.

CVE-2026-40372
3 min read
ADT Confirms Breach as ShinyHunters Leaks Customer DataHIGH
Industry News

ADT Confirms Breach as ShinyHunters Leaks Customer Data

ADT confirmed a data breach after ShinyHunters leaked 30,000+ customer records including names, emails, and account details from a compromised Salesforce instance.

2 min readShinyHunters
AI Agent Authority Gap Creates New Enterprise Security Blind SpotsHIGH
Industry News

AI Agent Authority Gap Creates New Enterprise Security Blind Spots

The Hacker News reports AI agents create a structural security gap: delegated actors lack continuous oversight, enabling lateral movement and privilege escalation without human…

3 min read
AI-Powered Phishing Surges as Attackers Personalize Lures at ScaleHIGH
Industry News

AI-Powered Phishing Surges as Attackers Personalize Lures at Scale

Enterprises report a sharp rise in AI-generated phishing campaigns that craft personalized lures at scale, moving from broad sprays to 1-to-1 targeting in the last six months.

2 min read
Copperhelm Raises $7M for Agentic Cloud Security Platform
Industry News

Copperhelm Raises $7M for Agentic Cloud Security Platform

Copperhelm, an Israel-based startup founded by ex-RSA and McAfee engineers, raised $7 million in seed funding for an agentic AI platform that autonomously hunts cloud…

2 min read
Docker Desktop ECI Flaw CVE-2026-6406 Lets Attackers EscalateHIGH
Vulnerabilities

Docker Desktop ECI Flaw CVE-2026-6406 Lets Attackers Escalate

CVE-2026-6406 (CVSS 8.8) in Docker Desktop's Enhanced Container Isolation allows local attackers with low-privileged code execution inside a container to escalate privileges on…

CVE-2026-6406
3 min read
DORA Mandates Credential Management as Financial Risk ControlHIGH
Industry News

DORA Mandates Credential Management as Financial Risk Control

EU's DORA Article 9 legally requires financial firms to enforce authentication and access controls. A breach at a UK bank shows the cost of non-compliance.

2 min read
LMDeploy SSRF Flaw CVE-2026-33626 Exploited 13 Hours After DisclosureHIGH
Vulnerabilities

LMDeploy SSRF Flaw CVE-2026-33626 Exploited 13 Hours After Disclosure

CVE-2026-33626 (CVSS 7.5) in LMDeploy, an open-source LLM toolkit, was exploited in the wild within 13 hours of public disclosure, enabling SSRF attacks to access sensitive…

CVE-2026-33626
3 min read
← PrevPage 23 of 36Next →