vulnerability-management

Docker fixes AuthZ bypass bug that created containers with excessive privileges

• aiml
• patchconfiguration-management
• vulnerability-management

Docker fixes AuthZ bypass bug that created containers with excessive privileges

Laura French April 8, 2026

A crafted HTTP request can make restricted containers invisible to AuthZ plugins.

Read More Read more about Docker fixes AuthZ bypass bug that created containers with excessive privileges

Active exploitation of max severity Flowise bug threatens broad compromise

• aiml
• patchconfiguration-management
• vulnerability-management

Active exploitation of max severity Flowise bug threatens broad compromise

SC Staff April 7, 2026

More than 12,000 internet-exposed instances of open-source AI agent builder Flowise could be compromised by the ongoing...

Read More Read more about Active exploitation of max severity Flowise bug threatens broad compromise

Immediate remediation of Fortinet FortiClient EMS bug ordered by CISA

• patchconfiguration-management
• vulnerability-management

Immediate remediation of Fortinet FortiClient EMS bug ordered by CISA

SC Staff April 7, 2026

BleepingComputer reports that the Cybersecurity and Infrastructure Security Agency has called on federal civilian executive agencies to...

Read More Read more about Immediate remediation of Fortinet FortiClient EMS bug ordered by CISA

New CUPS vulnerabilities threaten RCE, network breaches

• iot
• network-security
• vulnerability-management

New CUPS vulnerabilities threaten RCE, network breaches

SC Staff April 7, 2026

Attackers could combine a pair of newly discovered vulnerabilities in the Common Unix Printing System used by...

Read More Read more about New CUPS vulnerabilities threaten RCE, network breaches

Windows zero-day vulnerability ‘BlueHammer’ exploit code released

• privileged-access-management
• vulnerability-management

Windows zero-day vulnerability ‘BlueHammer’ exploit code released

SC Staff April 7, 2026

The BlueHammer vulnerability is a local privilege escalation (LPE) flaw that combines a time-of-check to time-of-use (TOCTOU)...

Read More Read more about Windows zero-day vulnerability ‘BlueHammer’ exploit code released

Total takeover of Nvidia GPU-based devices possible with novel Rowhammer attacks

• Hardware
• vulnerability-management

Total takeover of Nvidia GPU-based devices possible with novel Rowhammer attacks

SC Staff April 6, 2026

Machines running high-performance Nvidia GPU cards, which are prevalent in cloud environments, could be completely hijacked through...

Read More Read more about Total takeover of Nvidia GPU-based devices possible with novel Rowhammer attacks

Fortinet issues Easter weekend hotfix for FortiClient EMS

• identity
• patchconfiguration-management
• vulnerability-management

Fortinet issues Easter weekend hotfix for FortiClient EMS

Steve Zurier April 6, 2026

Experts warn to apply hotfix right away for critical bug exploited in the wild.

Read More Read more about Fortinet issues Easter weekend hotfix for FortiClient EMS

N-able report highlights shift to proactive risk management in SOC operations

• incident-response
• soc
• vulnerability-management

N-able report highlights shift to proactive risk management in SOC operations

SC Staff April 6, 2026

The report identifies six key metrics for moving from reactive to proactive security.

Read More Read more about N-able report highlights shift to proactive risk management in SOC operations

DexterBot, Darksword, Eviltokens, Tubular Bells, Claude, Drift, Gmail, Josh Marpet… – SWN #569

• aiml
• phishing
• vulnerability-management

DexterBot, Darksword, Eviltokens, Tubular Bells, Claude, Drift, Gmail, Josh Marpet… – SWN #569

Doug White April 3, 2026

Read More Read more about DexterBot, Darksword, Eviltokens, Tubular Bells, Claude, Drift, Gmail, Josh Marpet… – SWN #569

Actively exploited Chrome zero-day patched

• vulnerability-management

Actively exploited Chrome zero-day patched

SC Staff April 2, 2026

Updates have been issued by Google to fix 21 vulnerabilities in its Chrome browser, including the actively...

Read More Read more about Actively exploited Chrome zero-day patched