vulnerability-management

Pretalx vulnerability allows account takeover and admin demotion

• vulnerability-management

Pretalx vulnerability allows account takeover and admin demotion

SC Staff June 1, 2026

The vulnerability, with a CVSS score of 8.7, can be exploited with low privileges and complexity.

Read More Read more about Pretalx vulnerability allows account takeover and admin demotion

New CIFSwitch vulnerability allows Linux privilege escalation

• vulnerability-management

New CIFSwitch vulnerability allows Linux privilege escalation

SC Staff June 1, 2026

The CIFSwitch vulnerability, which was discovered by SpaceX Security Engineer Asim Viladi Oglu Manizada, impacts multiple Linux...

Read More Read more about New CIFSwitch vulnerability allows Linux privilege escalation

PAN-OS authentication bypass bug added to list of exploited vulnerabilities

• patchconfiguration-management
• vulnerability-management

PAN-OS authentication bypass bug added to list of exploited vulnerabilities

Steve Zurier June 1, 2026

While NIST upgraded the bug to 9.1, experts say teams must focus more on how attackers can...

Read More Read more about PAN-OS authentication bypass bug added to list of exploited vulnerabilities

Helping defense’s use of AI catch up with offense, cost of the vulnpocalypse, news – Evan Powell – ESW #461

• ai-benefitsrisks
• aiml
• vulnerability-management

Helping defense’s use of AI catch up with offense, cost of the vulnpocalypse, news – Evan Powell – ESW #461

Adrian Sanabria June 1, 2026

Read More Read more about Helping defense’s use of AI catch up with offense, cost of the vulnpocalypse, news – Evan Powell – ESW #461

Sidhe, GreyVibe, Claude, Lightwell, Eclipse, Kimsuky, Obscure Beliefs, Josh Marpet – SWN #585

• aiml
• phishing
• vulnerability-management

Sidhe, GreyVibe, Claude, Lightwell, Eclipse, Kimsuky, Obscure Beliefs, Josh Marpet – SWN #585

Doug White May 29, 2026

Read More Read more about Sidhe, GreyVibe, Claude, Lightwell, Eclipse, Kimsuky, Obscure Beliefs, Josh Marpet – SWN #585

Zapier security flaws could have exposed millions of user accounts

• vulnerability-management

Zapier security flaws could have exposed millions of user accounts

SC Staff May 29, 2026

The flaws, disclosed by Token Security, did not require malware or insider access, only a free Zapier...

Read More Read more about Zapier security flaws could have exposed millions of user accounts

Linux Supply Chain How-To – PSW #928

• ai-benefitsrisks
• aiml
• vulnerability-management

Linux Supply Chain How-To – PSW #928

Paul Asadoorian May 28, 2026

Read More Read more about Linux Supply Chain How-To – PSW #928

High-severity Starlette vulnerability ‘BadHost’ could expose sensitive data

• vulnerability-management

High-severity Starlette vulnerability ‘BadHost’ could expose sensitive data

SC Staff May 27, 2026

The flaw, tracked as CVE-2026-48710, arises from the framework's handling of malformed Host headers.

Read More Read more about High-severity Starlette vulnerability ‘BadHost’ could expose sensitive data

CISA adds LiteSpeed cPanel plugin bug to exploited vulnerabilities list

• patchconfiguration-management
• vulnerability-management

CISA adds LiteSpeed cPanel plugin bug to exploited vulnerabilities list

Steve Zurier May 27, 2026

CISA warns of exploited LiteSpeed flaw putting shared hosting at risk.

Read More Read more about CISA adds LiteSpeed cPanel plugin bug to exploited vulnerabilities list

Listening, Drupal, TTE, KEV, Mythos, Megalodon, Badanov, MFA, Pope Leo, Aaran Leyland – SWN #584

• malware
• Privacy
• vulnerability-management

Listening, Drupal, TTE, KEV, Mythos, Megalodon, Badanov, MFA, Pope Leo, Aaran Leyland – SWN #584

Doug White May 26, 2026

Read More Read more about Listening, Drupal, TTE, KEV, Mythos, Megalodon, Badanov, MFA, Pope Leo, Aaran Leyland – SWN #584