ZCyberNews

#vulnerability

9 articles

The artificial intelligence sector faces significant exposure as a wave of vulnerabilities impacts healthcare, IT services, managed service providers, and residential environments. Among the 11 articles published between April 12 and April 21, 2026, five critical, three high, two medium, and one informational severity issues were documented. Key CVEs include CVE-2026-1731 and CVE-2026-5760, both with a CVSS score of 9.8, alongside CVE-2026-5492 (6.5), CVE-2024-3721 (6.3), and CVE-2022-39173.

CRITICAL
Vulnerabilities

Bomgar RMM Exploit Fuels Ransomware and Supply Chain Attacks

CVE-2026-1731, a critical 9.8 CVSS flaw in BeyondTrust's Bomgar RMM, is being actively exploited to deploy ransomware and compromise IT service providers in global supply chain attacks.

CVE-2026-1731
3 min read

HIGH
Vulnerabilities

Windows Snipping Tool Vulnerability Leaks NTLM Hashes via Malicious Links

CVE-2026-33829 in Windows Snipping Tool allows attackers to steal NTLMv2 hashes via malicious links. A public PoC exploit targets the ms-screensketch protocol to enable credential relay attacks.

CVE-2026-33829
3 min read

CRITICAL
Vulnerabilities

SGLang Vulnerability CVE-2026-5760 Enables Remote Code Execution via GGUF Files

CVE-2026-5760, a critical 9.8 CVSS flaw in the SGLang inference engine, allows attackers to execute arbitrary code by uploading malicious GGUF model files, compromising AI/ML serving deployments.

CVE-2026-5760
2 min read

MEDIUM
Vulnerabilities

DriveLock Directory Traversal Vulnerability Exposes Sensitive System Information

A directory traversal vulnerability (CVE-2026-5492) in DriveLock endpoint security software allows authenticated attackers to read arbitrary files, potentially exposing sensitive system information and configuration data.

CVE-2026-5492
3 min read

MEDIUM
Malware

Mirai Variant Nexcorium Exploits DVR Flaw to Build DDoS Botnet

A new Mirai botnet variant, 'Nexcorium,' is exploiting a command injection flaw (CVE-2024-3721) in TBK DVRs and end-of-life TP-Link routers to conscript devices into a distributed denial-of-service (DDoS) swarm.

CVE-2024-3721
4 min read

CRITICAL
Threat Intel

TP-Link Router Flaw Exploited by Mirai Botnet Variant

Attackers are exploiting CVE-2023-33538, a command injection flaw in TP-Link Archer AX21 routers, to deploy a Mirai botnet variant. The campaign hijacks devices for DDoS attacks and credential theft.

CVE-2023-33538
4 min read

CRITICAL
Vulnerabilities

Critical wolfSSL Flaw Allows Attackers to Forge TLS Certificates

A critical vulnerability (CVE-2022-39173) in the wolfSSL library allows attackers to forge TLS certificates, enabling MITM attacks and impersonation of trusted services.

CVE-2022-39173
4 min read

HIGH
Vulnerabilities

Orthanc DICOM CVE-2023-26012: Pre-Auth RCE on Imaging Servers

Three flaws in Orthanc DICOM server let unauthenticated attackers crash, read, or take over hospital imaging systems. Affected versions and patch details inside.

CVE-2023-26012, CVE-2023-26013, CVE-2023-26014
2 min read

INFORMATIONAL
Tools & Techniques

Metasploit Framework Expands with Cisco, osTicket Exploits and LDAP Enhancements

The latest Metasploit Framework release introduces exploit modules for Cisco Catalyst SD-WAN and osTicket, alongside significant improvements to LDAP/ADCS data collection and Windows persistence techniques.

3 min read
