[{"published": "2026-06-07 17:41", "relative_age": "2 h", "source": "Sydsvenskan", "category": "sweden", "title": "Attack mot Tjernobyllager för kärnavfall", "link": "https://www.sydsvenskan.se/varlden/attack-mot-tjernobyllager-for-karnavfall/", "topic_tag": "attack", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "En rysk drönare har träffat ett lager för kärnbränsle i området kring Tjernobyl, meddelar ukrainska Energoatom."}, {"published": "2026-06-07 11:33", "relative_age": "8 h", "source": "Dagens Industri", "category": "sweden", "title": "Attack mot Tjernobyllager för kärnavfall", "link": "https://www.di.se/nyheter/attack-mot-tjernobyllager-for-karnavfall/", "topic_tag": "attack", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "En rysk drönare har träffat ett lager för kärnbränsle i området kring Tjernobyl, meddelar ukrainska Energoatom."}, {"published": "2026-06-06 07:07", "relative_age": "1 d", "source": "DN Varlden", "category": "world", "title": "USA och Iran i nattliga attacker", "link": "https://www.dn.se/varlden/usa-och-iran-i-nattliga-attacker/", "topic_tag": "attacker", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Det iranska Revolutionsgardet uppger att det attackerat amerikanska baser, sedan USA:s militär attackerat radaranläggningar i Iran och skjutit ned fyra iranska drönare som avfyrats mot Hormuzsundet."}, {"published": "2026-06-06 16:07", "relative_age": "1 d", "source": "DN Varlden", "category": "world", "title": "Ny attack mot S:t Petersburg – flottbas träffad", "link": "https://www.dn.se/varlden/ny-attack-mot-st-petersburg-flottbas-traffad/", "topic_tag": "attack", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Ryssland säger sig ha skjutit ned hundratals ukrainska drönare under natten. Bara över Leningradregionen, där S:t Petersburg ligger, uppges långt över 100 drönare ha oskadliggjorts. Det är andra gången på bara några dagar som regionen utsätts för stora ukrainska anfall."}, {"published": "2026-06-07 18:17", "relative_age": "1 h", "source": "Al Jazeera", "category": "world", "title": "Police say two suspects have been shot and killed in Israel gun attack", "link": "https://www.aljazeera.com/video/newsfeed/2026/6/7/police-say-two-suspects-have-been-shot-and-killed-in-israel-gun-attack?traffic_source=rss", "topic_tag": "attack", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Police say two suspects have been shot and killed in Israel gun attack."}, {"published": "2026-06-07 18:04", "relative_age": "1 h", "source": "Al Jazeera", "category": "world", "title": "Al Jazeera reports from Beirut after Israeli attack", "link": "https://www.aljazeera.com/video/newsfeed/2026/6/7/al-jazeera-reports-from-beirut-after-israeli-attack?traffic_source=rss", "topic_tag": "attack", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Multiple explosions have hit Beirut’s southern suburbs as Israel launches new attacks, claiming to target Hezbollah."}, {"published": "2026-06-07 00:01", "relative_age": "19 h", "source": "NYTimes World", "category": "world", "title": "Ukraine Strikes St. Petersburg in Long-Range Drone Attack", "link": "https://www.nytimes.com/2026/06/06/world/europe/ukraine-drone-strike-st-petersburg.html", "topic_tag": "attack", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "It was the second such attack in days and came just hours after President Vladimir V. Putin spoke at an economic forum in the city."}, {"published": "2026-06-06 11:38", "relative_age": "1 d", "source": "DN Varlden", "category": "world", "title": "Hundratals drönare över Sankt Petersburg – viktig bas träffad", "link": "https://www.dn.se/varlden/hundratals-dronare-over-sankt-petersburg-viktig-bas-traffad/", "topic_tag": "drönare", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Hundratals drönare har skjutits ned över Leningradregionen och Sankt Petersburg, enligt Ryssland. Även från Moskva kommer drönarlarm. Den ukrainske presidenten Volodymyr Zelenskyj uppger att en viktig marinbas träffats i nattens anfall."}, {"published": "2026-06-06 08:58", "relative_age": "1 d", "source": "The Hacker News", "category": "security", "title": "Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack", "link": "https://thehackernews.com/2026/06/miasma-worm-hits-73-microsoft-github.html", "topic_tag": "attack", "cves": [], "vendor": "Microsoft", "cvss": null, "risk_level": "low", "item_type": "malware", "summary": "Microsoft's GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Azure, Azure-Samples, Microsoft, and MicrosoftDocs, per OpenSourceMalware. The development has GitHub to disable access to those repositories. \"Access to this"}, {"published": "2022-08-30 18:00", "relative_age": "1377 d", "source": "Threatpost", "category": "security", "title": "Watering Hole Attacks Push ScanBox Keylogger", "link": "https://threatpost.com/watering-hole-attacks-push-scanbox-keylogger/180490/", "topic_tag": "attacks", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool."}, {"published": "2022-08-23 15:19", "relative_age": "1384 d", "source": "Threatpost", "category": "security", "title": "Firewall Bug Under Active Attack Triggers CISA Warning", "link": "https://threatpost.com/firewall-bug-under-active-attack-cisa-warning/180467/", "topic_tag": "active", "cves": [], "vendor": "Palo Alto", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP."}, {"published": "2026-06-07 14:59", "relative_age": "4 h", "source": "France 24", "category": "world", "title": "One killed, five wounded in terror attacks in Israel", "link": "https://www.france24.com/en/one-killed-five-wounded-in-terror-attacks-in-israel", "topic_tag": "attacks", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "At least one person was killed and five others wounded in multiple shootings in Israel on Sunday, and security forces killed an attacker identified as a Palestinian citizen of Israel. Israel's emergency service Magen David Adom said a man aged around 35 had died of gunshot wounds. FRANCE 24's Noga Tarnopolsky reports."}, {"published": "2026-06-07 11:14", "relative_age": "8 h", "source": "The Next Web", "category": "tech", "title": "OpenAI adds Lockdown Mode to ChatGPT to block data theft from prompt injection attacks", "link": "https://thenextweb.com/news/chatgpt-lockdown-mode-prompt-injection", "topic_tag": "adds", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "OpenAI has begun rolling out Lockdown Mode to ChatGPT, a new security setting designed to block attackers from stealing data through prompt injection attacks. The feature disables live web browsing, agent mode, deep research, image retrieval, Canvas networking, and file downloads. It is available to logged-in users across Free, Go, Plus, Pro, and self-serve ChatGPT […] This story continues at The Next Web"}, {"published": "2026-06-07 11:03", "relative_age": "8 h", "source": "Expressen", "category": "sweden", "title": "En död i misstänkt terrorattack i Israel", "link": "https://www.expressen.se/nyheter/varlden/en-dod-i-misstankt-terrorattack-i-israel/", "topic_tag": "israel", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Minst en person har dödats och flera har skadats i en skjutning i Israel. Skjutningen rubriceras av israeliska myndigheter som en terrorattack. Initialt uppgavs att två misstänkta personer skjutits till döds, men det ska enligt israelisk polis röra sig om en person, rapporterar Times of Israel."}, {"published": "2026-06-07 09:11", "relative_age": "10 h", "source": "BBC World", "category": "world", "title": "Steve Rosenberg: Russia's economic forum overshadowed by drone attacks on St Petersburg", "link": "https://www.bbc.com/news/articles/c9q2gp52rgro?at_medium=RSS&at_campaign=rss", "topic_tag": "attacks", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "The BBC's Russia editor saw Putin's flagship economic event overshadowed by Ukrainian drones attacks."}, {"published": "2026-06-06 08:05", "relative_age": "1 d", "source": "SVT Utrikes", "category": "world", "title": "Allvarlig hajattack i Australien – dykare dödad", "link": "https://www.svt.se/nyheter/utrikes/allvarlig-hajattack-i-australien", "topic_tag": "allvarlig", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "En dykare har dödats i en hajattack i västra Australien, rapporterar ABC News."}, {"published": "2026-06-05 20:05", "relative_age": "1 d", "source": "The Hacker News", "category": "security", "title": "IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks", "link": "https://thehackernews.com/2026/06/ironworm-and-new-miasma-worm-variant.html", "topic_tag": "attacks", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively. According to JFrog, the information stealer \"scrapes every secret it can find on a developer's machine, hides behind an eBPF kernel rootkit, and"}, {"published": "2026-06-04 06:00", "relative_age": "3 d", "source": "The Guardian World", "category": "world", "title": "Rebel attacks in eastern DRC kill 30 people and hamper Ebola response", "link": "https://www.theguardian.com/global-development/2026/jun/04/allied-democratic-forces-adf-rebel-attacks-massacre-eastern-drc-ebola-response", "topic_tag": "attacks", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Islamic State-linked militia blamed for raids in North Kivu as governor says three patients with disease fled clinics Rebel attacks around a town that is one of the centres of the Ebola outbreak in the Democratic Republic of the Congo have left more than 30 people dead over the past few days, complicating the response to the disease. At least 10 people were massacred in raids on three villages around the city of Beni, in North Kivu, in the early hours of Wednesday morning. Continue reading..."}, {"published": "2026-06-07 19:03", "relative_age": "46 min", "source": "NYTimes World", "category": "world", "title": "Arab Gunman Kills One in Attack on Central Israel", "link": "https://www.nytimes.com/2026/06/07/world/middleeast/israel-west-bank-shooting.html", "topic_tag": "arab", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "The assailant, an Arab citizen of Israel, was killed. Hamas, the Palestinian militant group, praised the shooting, but it did not claim responsibility."}, {"published": "2026-06-07 11:45", "relative_age": "8 h", "source": "Euronews", "category": "world", "title": "Washington could tap into Iran's frozen billions to pay for Gulf attack damage", "link": "http://www.euronews.com/2026/06/07/reports-washington-could-tap-into-irans-frozen-billions-to-pay-for-gulf-attack-damage", "topic_tag": "attack", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "The Iranian assets Washington is considering reallocating could include frozen funds, along with ships previously seized by the United States."}, {"published": "2026-06-06 09:47", "relative_age": "1 d", "source": "The Guardian World", "category": "world", "title": "Man dies after shark attack off Western Australia coast near Albany", "link": "https://www.theguardian.com/australia-news/2026/jun/06/man-fighting-for-life-after-being-bitten-by-shark-off-western-australian-coast", "topic_tag": "albany", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Government department says man was in the water around Michaelmas Island, near Albany, when he was bitten by a suspected 4.5-metre shark Get our breaking news email, free app or daily news podcast A male diver aged in his 30s has died after being bitten by a shark in Western Australia. The state’s police force confirmed on Saturday afternoon that the 35-year-old man had died, after being treated by paramedics at the scene for more than two hours. Continue reading..."}, {"published": "2026-06-05 21:04", "relative_age": "1 d", "source": "Dark Reading", "category": "security", "title": "Exposed Fuel Tank Gauges Under Attack in the US", "link": "https://www.darkreading.com/cyberattacks-data-breaches/exposed-fuel-tank-gauges-attack-us", "topic_tag": "attack", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "incident", "summary": "Threat actors are taking advantage of Internet-exposed tank gauges by breaching gas stations, opening the door to disruption."}, {"published": "2026-06-05 19:27", "relative_age": "2 d", "source": "The Register", "category": "tech", "title": "Yet another Cisco SD-WAN 0-day under attack, and no patch in sight", "link": "https://www.theregister.com/security/2026/06/05/yet-another-cisco-sd-wan-0-day-under-attack-and-no-patch-in-sight/5251855", "topic_tag": "another", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Good luck, sys admins"}, {"published": "2026-05-23 14:34", "relative_age": "15 d", "source": "ScienceDaily (Fitness)", "category": "health_fitness", "title": "New AI body map reveals obesity’s hidden attack on facial nerves", "link": "https://www.sciencedaily.com/releases/2026/05/260522023308.htm", "topic_tag": "attack", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Scientists have created an AI-powered system that can scan and map an entire mouse body in extraordinary detail — and it just uncovered a surprising new effect of obesity. Beyond disrupting metabolism, obesity appears to damage facial sensory nerves linked to touch and sensation, while also triggering widespread inflammation across the body."}, {"published": "2026-06-07 12:35", "relative_age": "7 h", "source": "BBC World", "category": "world", "title": "Hegseth attacks Europe over migration with beach 'invasion' D-Day speech", "link": "https://www.bbc.com/news/articles/c802e7jk458o?at_medium=RSS&at_campaign=rss", "topic_tag": "attacks", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "The US defence secretary was speaking in Normandy, 82 years after allied forces launched their operation to liberate Nazi-occupied north-western Europe."}, {"published": "2026-06-07 11:38", "relative_age": "8 h", "source": "Svenska Dagbladet", "category": "sweden", "title": "Minst en död i misstänkt terrorattack i Israel", "link": "https://www.svd.se/a/JOBQb6/minst-en-dod-i-misstankt-terrorattack-i-israel", "topic_tag": "israel", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "En person har dödats och fem har skadats i flera skjutningar i Israel under söndagsförmiddagen. Den misstänkte gärningsmannen sköts till döds av polis."}, {"published": "2026-06-07 10:50", "relative_age": "8 h", "source": "Goteborgs-Posten", "category": "sweden", "title": "Misstänkt terrorattack i Israel – flera skadade", "link": "https://www.gp.se/nyheter/varlden/misstankt-terrorattack-i-israel-skott-pa-flera-platser.061ef145-ee96-4e73-a225-c1fc5ea630bb", "topic_tag": "flera", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "En död • Skytten skjuten av polis."}, {"published": "2026-06-07 10:02", "relative_age": "9 h", "source": "Microsoft MSRC", "category": "security", "title": "CVE-2026-37460 Missing input validation in the rfapiRibBi2Ri() function (rfapi_rib.c) of FRRouting (FRR) stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message.", "link": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-37460", "topic_tag": "2026", "cves": ["CVE-2026-37460"], "vendor": "Microsoft", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "Information published."}, {"published": "2026-06-07 08:50", "relative_age": "10 h", "source": "Bbl-AT", "category": "sweden", "title": "Hackerattack mot länets bibliotek – e-böcker spärrade", "link": "https://www.bblat.se/vastmanland/hackerattack-mot-lanets-bibliotek-e-bocker-sparrade/", "topic_tag": "bibliotek", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Under veckan har biblioteken i Västmanland blivit utsatta för ett dataintrång som berör låntagarna på alla länets bibliotek: inloggningar har stängts ned, liksom hela e-bokstjänsten Biblio."}, {"published": "2026-06-07 08:48", "relative_age": "11 h", "source": "DN Varlden", "category": "world", "title": "Nya vapen placeras ut på skyskrapor i Moskva – efter attackerna", "link": "https://www.dn.se/varlden/nya-vapen-placeras-ut-pa-skyskrapor-i-moskva-efter-attackerna/", "topic_tag": "attackerna", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Ukraina har slagit till långt inne i Ryssland. Nu ska nya vapen ha placerats ut på tak till skyskrapor i Moskva."}, {"published": "2026-06-06 22:32", "relative_age": "21 h", "source": "TechCrunch", "category": "tech", "title": "OpenAI unveils Lockdown Mode to protect sensitive data from prompt injection attacks", "link": "https://techcrunch.com/2026/06/06/openai-unveils-lockdown-mode-to-protect-sensitive-data-from-prompt-injection-attacks/", "topic_tag": "attacks", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Even with Lockdown Mode, ChatGPT could be still vulnerable to prompt injections, but the goal is to reduce the likelihood that sensitive data gets shared in the process."}, {"published": "2026-06-06 16:46", "relative_age": "1 d", "source": "Lanstidningen i Sodertalje", "category": "sweden", "title": "Hackerattack mot biblioteken – lånekorten spärrades", "link": "https://www.lt.se/nyheter/hackerattack-mot-biblioteken-lanekorten-sparrades/", "topic_tag": "biblioteken", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Under veckan har biblioteken i Södertälje, Nykvarn och Salem blivit utsatta för ett dataintrång som berör samtliga bibliotekens låntagare: alla måste se till att ha rätt inloggning till lånekorten för att kunna låna nya böcker."}, {"published": "2026-06-06 16:38", "relative_age": "1 d", "source": "Dalademokraten", "category": "sweden", "title": "Hackerattack mot Dalarnas bibliotek – lånekorten spärrades", "link": "https://www.dalademokraten.se/dalarna/hackerattack-mot-dalarnas-bibliotek-lanekorten-sparrades/", "topic_tag": "bibliotek", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Under veckan har biblioteken i Dalarna blivit utsatta för ett dataintrång som berör samtliga bibliotekens låntagare: alla måste se till att ha rätt inloggning till lånekorten för att kunna låna nya böcker."}, {"published": "2026-06-06 16:14", "relative_age": "1 d", "source": "Nacka Varmdo Posten", "category": "sweden", "title": "Hackerattack mot Nackas bibliotek – lånekorten spärrades", "link": "https://www.nvp.se/nacka/hackerattack-mot-nackas-bibliotek-alla-lanekort-paverkas/", "topic_tag": "bibliotek", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Under veckan har biblioteken i Nacka kommun blivit utsatta för ett dataintrång som berör alla bibliotekens låntagare: alla måste se till att ha rätt inloggning till lånekorten för att kunna låna nya böcker."}, {"published": "2026-06-05 14:33", "relative_age": "2 d", "source": "Computer Sweden", "category": "tech", "title": "NSA uppges använda Anthropics Mythos för cyberattacker", "link": "https://computersweden.se/article/4181701/nsa-uppges-anvanda-anthropics-mythos-for-cyberattacker.html", "topic_tag": "anthropics", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Enligt uppgifter till Financial Times hjälper AI-bolaget Anthropic den amerikanska säkerhetsmyndigheten National Security Agency (NSA) att använda den avancerade AI-modellen Mythos för offensiva cyberoperationer. Företaget ska ha placerat flera utvecklare på plats hos myndigheten för att anpassa tekniken till specifika uppdrag. Mythos har väckt uppmärksamhet eftersom modellen sägs vara mycket skicklig på att hitta och utnyttja cybersäkerhetsbrister. Enligt Financial Times källor ska tekniken exempelvis kunna användas mot länder som Kina eller Iran. Samtidigt pågår en juridisk konflikt mellan Anthropic och det amerikanska försvarsdepartementet, som NSA är en del av. Företaget har motsatt sig att dess AI används för bland annat massövervakning och autonoma vapensystem, medan Pentagon har klassat bolaget som en potentiell leverantörsrisk. Anthropic och USA:s försvarsdepartement har avböjt att kommentera uppgifterna."}, {"published": "2026-06-05 14:33", "relative_age": "2 d", "source": "IDG.se", "category": "tech", "title": "NSA uppges använda Anthropics Mythos för cyberattacker", "link": "https://computersweden.se/article/4181701/nsa-uppges-anvanda-anthropics-mythos-for-cyberattacker.html", "topic_tag": "anthropics", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Enligt uppgifter till Financial Times hjälper AI-bolaget Anthropic den amerikanska säkerhetsmyndigheten National Security Agency (NSA) att använda den avancerade AI-modellen Mythos för offensiva cyberoperationer. Företaget ska ha placerat flera utvecklare på plats hos myndigheten för att anpassa tekniken till specifika uppdrag. Mythos har väckt uppmärksamhet eftersom modellen sägs vara mycket skicklig på att hitta och utnyttja cybersäkerhetsbrister. Enligt Financial Times källor ska tekniken exempelvis kunna användas mot länder som Kina eller Iran. Samtidigt pågår en juridisk konflikt mellan Anthropic och det amerikanska försvarsdepartementet, som NSA är en del av. Företaget har motsatt sig att dess AI används för bland annat massövervakning och autonoma vapensystem, medan Pentagon har klassat bolaget som en potentiell leverantörsrisk. Anthropic och USA:s försvarsdepartement har avböjt att kommentera uppgifterna."}, {"published": "2026-06-04 23:23", "relative_age": "2 d", "source": "Dark Reading", "category": "security", "title": "China's TA4922 Expands Cybercrime Attacks Globally", "link": "https://www.darkreading.com/threat-intelligence/china-ta4922-cybercrime-attacks-globally", "topic_tag": "attacks", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "One of the world's most diverse, least-focused cybercrime groups is enlarging its footprint beyond East Asia."}, {"published": "2026-06-04 23:08", "relative_age": "2 d", "source": "Dark Reading", "category": "security", "title": "4 Critical Threats Where Attackers Have the Advantage", "link": "https://www.darkreading.com/vulnerabilities-threats/4-critical-threats-attackers-advantage", "topic_tag": "advantage", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Gartner analysts issued a call to action to bolster defenses against several emerging critical threats, such as deepfakes and prompt injections."}, {"published": "2026-06-04 14:22", "relative_age": "3 d", "source": "The Hacker News", "category": "security", "title": "China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa", "link": "https://thehackernews.com/2026/06/china-linked-ta4922-expands-phishing.html", "topic_tag": "africa", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "malware", "summary": "A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germany, Italy, and South Africa. These efforts have been complemented by a \"rapid operational tempo\" and a continually evolving malware arsenal comprising known families like ValleyRAT (aka Winos 4.0) and Atlas RAT (aka AtlasCross RAT), as well as previously"}, {"published": "2026-06-03 23:34", "relative_age": "3 d", "source": "Dark Reading", "category": "security", "title": "Attackers Use AI to Automate EDR Evasion Testing", "link": "https://www.darkreading.com/endpoint-security/attackers-automate-edr-evasion-testing", "topic_tag": "attackers", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "malware", "summary": "Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows Defender."}, {"published": "2026-06-02 22:11", "relative_age": "4 d", "source": "Dark Reading", "category": "security", "title": "DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks", "link": "https://www.darkreading.com/cyberattacks-data-breaches/drivesurge-hijacks-thousands-sites-clickfix-fakeupdate-attacks", "topic_tag": "attacks", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "malware", "summary": "A sneaky, wide-scale IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones that deliver malware."}, {"published": "2026-06-02 21:50", "relative_age": "4 d", "source": "Dark Reading", "category": "security", "title": "China Uses Dual-Method Cyberattack on Czech Orgs", "link": "https://www.darkreading.com/threat-intelligence/china-uses-dual-method-attack-czech-taiwan-orgs", "topic_tag": "china", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "malware", "summary": "China is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil malware."}, {"published": "2026-05-30 20:44", "relative_age": "7 d", "source": "NYTimes Well", "category": "health_fitness", "title": "How to Travel if You Have Panic Attacks", "link": "https://www.nytimes.com/2026/05/29/travel/how-to-travel-if-you-have-panic-attacks.html", "topic_tag": "attacks", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "You don’t have to let severe anxiety keep you from exploring the world. Here’s how to manage your panic on vacation."}, {"published": "2022-08-26 18:44", "relative_age": "1381 d", "source": "Threatpost", "category": "security", "title": "Ransomware Attacks are on the Rise", "link": "https://threatpost.com/ransomware-attacks-are-on-the-rise/180481/", "topic_tag": "attacks", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "malware", "summary": "Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group."}, {"published": "2026-06-07 16:18", "relative_age": "3 h", "source": "France 24", "category": "world", "title": "One dead, five wounded after shootings in Israel", "link": "https://www.france24.com/en/one-dead-five-wounded-after-shootings-in-israel", "topic_tag": "dead", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "A Palestinian man with Israeli citizenship went on a shooting rampage in several towns in central Israel on Sunday, killing one person and wounding five others, according to Israeli police. The attacker was killed by police. The attack came at a time of heightened tensions following a spate of Israeli settler attacks, and the deadly shooting of a Palestinian baby over the weekend, in the nearby West Bank. Police identified the attacker as a resident of the nearby Arab town of Taybeh in his 20s, but his precise motives were not immediately known."}, {"published": "2026-06-07 12:35", "relative_age": "7 h", "source": "DW World", "category": "world", "title": "Ukraine: Russian drone hits nuclear-fuel storage facility", "link": "https://www.dw.com/en/ukraine-russian-drone-hits-nuclear-fuel-storage-facility/a-77448846?maca=en-rss-en-all-1573-rdf", "topic_tag": "drone", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Ukrainian President Volodymyr Zelenskyy has called a Russian attack on a nuclear storage facility near Chernobyl \"vile.\" The UN's nuclear watchdog said no increased radiation had been registered at the site."}, {"published": "2026-06-07 09:41", "relative_age": "10 h", "source": "Norran", "category": "sweden", "title": "Man anhållen efter våld mot polis i centrala Skellefteå", "link": "https://www.norran.se/nyheter/skelleftea/artikel/man-anhallen-efter-attack-mot-polis-i-skelleftea/r9m22exl", "topic_tag": "anhållen", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "En man i 40-årsåldern har anhållits misstänkt för våld mot tjänsteman efter en attack mot en polis i centrala Skellefteå."}, {"published": "2026-06-07 06:59", "relative_age": "12 h", "source": "The Guardian World", "category": "world", "title": "Greens warn nuclear submarines deal risks war with China as Albanese says Aukus ‘full-steam ahead’", "link": "https://www.theguardian.com/world/2026/jun/07/greens-warn-nuclear-submarines-deal-risks-war-with-china-as-albanese-says-aukus-full-steam-ahead", "topic_tag": "ahead", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "David Shoebridge says Australia could become embroiled in a US war with China if purchase of Virginia-class attack submarines proceeds Anthony Albanese has reiterated that Aukus is “full-steam ahead” after the Greens renewed calls to cancel the nuclear-powered submarines deal, which the minor party warned could draw Australia into a potential US war with China. Debate over the security pact has resurfaced after the announcement that Australia would buy secondhand Virginia-class submarines from the US, rather than a mix of old and new vessels. Continue reading..."}, {"published": "2026-06-07 05:50", "relative_age": "13 h", "source": "SVT Utrikes", "category": "world", "title": "Drönarpiloten jobbar för kartellen: ”Släpper bomber och dödar svin”", "link": "https://www.svt.se/nyheter/utrikes/dronarpiloten-jobbar-for-kartellen-slapper-bomber-och-dodar-svin", "topic_tag": "bomber", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Drönare förändrar spelreglerna i Mexikos drogkrig. I delstaten Sinaloa, där kartellerna länge haft sitt fäste, pågår ett teknikrace på liv och död som förflyttar konflikten från marken till luften. – Den här drönaren är nästan ny men har redan dödat två personer, säger Jacinto som är drönarpilot för en av fraktionerna inom Sinaloakartellen."}, {"published": "2026-06-06 09:28", "relative_age": "1 d", "source": "The Register", "category": "tech", "title": "Oxford Uni student data pwned yet again - this time via career platform breach", "link": "https://www.theregister.com/security/2026/06/06/oxford-university-data-pwned-again-by-career-platform-breach/5251754", "topic_tag": "again", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Totally different attack from the break-in last month. Oh so that's OK then"}, {"published": "2026-06-05 16:53", "relative_age": "2 d", "source": "The Hacker News", "category": "security", "title": "Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps", "link": "https://thehackernews.com/2026/06/android-spyware-asin-targets-arabic.html", "topic_tag": "android", "cves": [], "vendor": "Google", "cvss": null, "risk_level": "low", "item_type": "malware", "summary": "Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin, according to findings from ESET. The Slovakian cybersecurity company said it first detected the malware spread via multiple campaigns in early 2025, with each attack wave making use of distinct websites mimicking utilities, war-related updates, and a government news source: govlens[.]net, which"}, {"published": "2026-06-05 10:00", "relative_age": "2 d", "source": "The Guardian World", "category": "world", "title": "‘Family values’ African charter condemned by rights groups as regressive and dangerous", "link": "https://www.theguardian.com/global-development/2026/jun/05/ghana-african-charter-family-values-gender-women-sex-lgbtq-reproductive-rights", "topic_tag": "african", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Draft treaty claims sexual and reproductive health and rights are an existential threat to the African family An African treaty that rejects longstanding international human rights obligations moved a step closer to becoming policy this week as governments across the continent met in Ghana. The draft African charter on family, sovereignty and values, seen by the Guardian, asserts that African values and culture are under attack from “foreign ideologies” and urges states to withdraw from any agreements that do not align with the principles of the charter, including the 2003 Maputo protocol, which promotes gender equality and protects the reproductive and health rights of women and girls. Continue reading..."}, {"published": "2026-06-05 09:24", "relative_age": "2 d", "source": "SecurityWeek Vulnerabilities", "category": "security", "title": "Nightclub Giant RCI Says Data Breach Affects 40,000 Individuals", "link": "https://www.securityweek.com/nightclub-giant-rci-says-data-breach-affects-40000-individuals/", "topic_tag": "affects", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "incident", "summary": "The company detected a network intrusion in March and an investigation showed that some files were stolen during the attack. The post Nightclub Giant RCI Says Data Breach Affects 40,000 Individuals appeared first on SecurityWeek."}, {"published": "2026-06-04 17:15", "relative_age": "3 d", "source": "The Hacker News", "category": "security", "title": "Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories", "link": "https://thehackernews.com/2026/06/claude-code-github-action-flaw-let-one.html", "topic_tag": "action", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub issue. Because Anthropic's own action repo used the same workflow, a working attack could have pushed malicious code into the action itself and onto the projects downstream that pull it. RyotaK of GMO"}, {"published": "2026-06-04 13:19", "relative_age": "3 d", "source": "The Hacker News", "category": "security", "title": "FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads", "link": "https://thehackernews.com/2026/06/fluttershell-backdoor-spreads-to-macos.html", "topic_tag": "backdoor", "cves": [], "vendor": "Google", "cvss": null, "risk_level": "low", "item_type": "analysis", "summary": "Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell. According to Palo Alto Networks Unit 42, the campaign is said to be the next stage of a previously reported activity cluster dubbed JSCoreRunner (aka FileRipple) in late August 2025. The cybercrime group behind the two attack chains is"}, {"published": "2026-06-04 07:30", "relative_age": "3 d", "source": "ScienceDaily (Health)", "category": "health_fitness", "title": "Cancer’s favorite escape trick may actually make it easier to kill", "link": "https://www.sciencedaily.com/releases/2026/06/260603023911.htm", "topic_tag": "actually", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Scientists have uncovered a surprising new way the immune system fights cancer, overturning a core belief that has guided immunology for decades. The research found that when cancer cells shut down a key immune-recognition molecule called MHC I—a common trick used to hide from “killer” T cells—they can actually become more vulnerable to attack by a different group of immune cells known as CD4+ “helper” T cells."}, {"published": "2026-06-03 18:00", "relative_age": "4 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco Webex Meetings Cross-Site Scripting Vulnerability", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-xss-jw3NeQzS?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Webex%20Meetings%20Cross-Site%20Scripting%20Vulnerability%26vs_k=1", "topic_tag": "cisco", "cves": ["CVE-2026-20233"], "vendor": "Cisco", "cvss": null, "risk_level": "medium", "item_type": "cve", "summary": "A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Cisco has addressed this vulnerability in the Webex Meetings service, and no customer action is needed. This vulnerability existed because of insufficient validation of user input. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by persuading a user to follow a malicious link. A successful exploit could have allowed the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information. As mentioned, Cisco has addressed this vulnerability in the Webex Meetings service, and no customer action is necessary to update on-premises software or devices. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-xss-jw3NeQzS Security Impact Rating: Medium CVE: CVE-2026-20233"}, {"published": "2026-04-14 09:00", "relative_age": "54 d", "source": "Fortinet PSIRT", "category": "security", "title": "2FA request can be replayed without a valid token after one successful request", "link": "https://fortiguard.fortinet.com/psirt/FG-IR-26-101", "topic_tag": "replayed", "cves": [], "vendor": "Cisco", "cvss": 3.0, "risk_level": "low", "item_type": "advisory", "summary": "CVSSv3 Score: 6.7 An Improper authentication vulnerability [CWE-287] in FortiSOAR web GUI may allow an unauthenticated attacker to bypass authentication via replaying captured 2FA request. The attack requires being able to intercept and decrypt authentication traffic and precise timing to replay the request before token expiration. Revised on 2026-04-14 00:00:00"}, {"published": "2023-11-03 05:15", "relative_age": "947 d", "source": "NVD (National Vulnerability Database)", "category": "security", "title": "CVE-2020-28407", "link": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-28407", "topic_tag": "2020", "cves": ["CVE-2020-28407"], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall."}, {"published": "2022-08-19 17:25", "relative_age": "1388 d", "source": "Threatpost", "category": "security", "title": "iPhone Users Urged to Update to Patch 2 Zero-Days", "link": "https://threatpost.com/iphone-users-urged-to-update-to-patch-2-zero-days-under-attack/180448/", "topic_tag": "days", "cves": [], "vendor": "", "cvss": null, "risk_level": "medium", "item_type": "exploit", "summary": "Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack."}, {"published": "2022-08-18 16:31", "relative_age": "1389 d", "source": "Threatpost", "category": "security", "title": "Google Patches Chrome’s Fifth Zero-Day of the Year", "link": "https://threatpost.com/google-patches-chromes-fifth-zero-day-of-the-year/180432/", "topic_tag": "chrome", "cves": [], "vendor": "Google", "cvss": null, "risk_level": "medium", "item_type": "exploit", "summary": "An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack."}, {"published": "2026-06-07 19:03", "relative_age": "45 min", "source": "Barometern", "category": "sweden", "title": "Misstänkt terror i Israel – skott på flera platser", "link": "https://www.barometern.se/varlden/misstankt-terror-i-israel-skott-pa-flera-platser/", "topic_tag": "flera", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "En person dödades och fem andra skadades i en misstänkt terrorattack i Israel på söndagen. Gärningsmannen öppnade eld på flera platser för att sedan skjutas ihjäl av säkerhetsstyrkor, rapporterar israeliska medier."}, {"published": "2026-06-07 19:03", "relative_age": "45 min", "source": "Skanska Dagbladet", "category": "sweden", "title": "Misstänkt terror i Israel – skott på flera platser", "link": "https://www.skd.se/misstankt-terror-i-israel-skott-pa-flera-platser/", "topic_tag": "flera", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "En person dödades och fem andra skadades i en misstänkt terrorattack i Israel på söndagen. Gärningsmannen öppnade eld på flera platser för att sedan skjutas ihjäl av säkerhetsstyrkor, rapporterar israeliska medier."}, {"published": "2026-06-07 18:42", "relative_age": "1 h", "source": "BBC World", "category": "world", "title": "Israel strikes Beirut suburb days after US-brokered truce", "link": "https://www.bbc.com/news/articles/c0qyevk8139o?at_medium=RSS&at_campaign=rss", "topic_tag": "beirut", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Israel says the attacks on the Lebanese capital were ordered \"in response to Hezbollah's firing at Israeli territory\"."}, {"published": "2026-06-07 16:49", "relative_age": "2 h", "source": "Goteborgs-Posten", "category": "sweden", "title": "Familjen åkte på semester – fyraåring spårlöst borta", "link": "https://www.gp.se/krim/familjen-akte-pa-semester-fyraaring-sparlost-borta.fb380bcd-61ff-4e96-9f3e-73c3ddd7b3b6", "topic_tag": "borta", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Pappa attackerade mamma och förde bort sonen • Åklagaren: Inte fått något livstecken."}, {"published": "2026-06-07 16:31", "relative_age": "3 h", "source": "Al Jazeera", "category": "world", "title": "Israel kills 13 in Gaza as Egypt hosts renewed ‘ceasefire’ talks", "link": "https://www.aljazeera.com/news/2026/6/7/israeli-army-kills-nine-in-gaza-as-mediators-renew-diplomacy-in-cairo?traffic_source=rss", "topic_tag": "ceasefire", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Israeli attacks came near Khan Younis, in Gaza City and Deir el-Balah as Hamas and other groups met mediators in Cairo."}, {"published": "2026-06-07 16:27", "relative_age": "3 h", "source": "Dagens Nyheter", "category": "sweden", "title": "Misstänkt terror i Israel – skott på flera platser", "link": "https://www.dn.se/varlden/misstankt-terror-i-israel-skott-pa-flera-platser/", "topic_tag": "flera", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Minst en person har dödats och fem andra skadats i en misstänkt terrorattack i Israel. Gärningsmannen öppnade eld på flera platser för att sedan skjutas ihjäl av säkerhetsstyrkor, rapporterar israeliska medier."}, {"published": "2026-06-07 16:27", "relative_age": "3 h", "source": "DN Varlden", "category": "world", "title": "Misstänkt terror i Israel – skott på flera platser", "link": "https://www.dn.se/varlden/misstankt-terror-i-israel-skott-pa-flera-platser/", "topic_tag": "flera", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Minst en person har dödats och fem andra skadats i en misstänkt terrorattack i Israel. Gärningsmannen öppnade eld på flera platser för att sedan skjutas ihjäl av säkerhetsstyrkor, rapporterar israeliska medier."}, {"published": "2026-06-07 16:14", "relative_age": "3 h", "source": "Al Jazeera", "category": "world", "title": "Missiles and negotiations: Iran 100 days into the war with US and Israel", "link": "https://www.aljazeera.com/features/2026/6/7/missiles-and-negotiations-iran-100-days-into-the-war-with-us-and-israel?traffic_source=rss", "topic_tag": "days", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Talks and attacks have continued for months, and could last much longer without a breakthrough."}, {"published": "2026-06-07 15:34", "relative_age": "4 h", "source": "Euronews", "category": "world", "title": "Man opens fire in central Israel killing one person and injuring five others", "link": "http://www.euronews.com/2026/06/07/man-opens-fire-in-central-israel-killing-one-person-and-injuring-five-others", "topic_tag": "central", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Israeli media say the attacker carried out the shootings from inside his car, allowing him to reach several locations within a matter of minutes."}, {"published": "2026-06-07 11:06", "relative_age": "8 h", "source": "Dagens Industri", "category": "sweden", "title": "Skjutningar i Israel – minst en död", "link": "https://www.di.se/nyheter/skjutningar-i-israel-minst-en-dod/", "topic_tag": "israel", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Minst en person har dödats och flera har skadats i en misstänkt terrorattack i Israel, rapporterar medier i landet."}, {"published": "2026-06-07 10:18", "relative_age": "9 h", "source": "SVT Nyheter", "category": "sweden", "title": "Skjutning i Israel – minst en död och flera skadade", "link": "https://www.svt.se/nyheter/utrikes/skjutningar-i-israel-minst-en-dod-och-flera-skadade", "topic_tag": "flera", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Minst en person har dödats och fem har skadats i en skjutning i centrala Israel på söndagen, rapporterar israeliska medier. Skjutningen rubriceras av israeliska myndigheter som en terrorattack."}, {"published": "2026-06-07 10:18", "relative_age": "9 h", "source": "SVT Utrikes", "category": "world", "title": "Skjutning i Israel – minst en död och flera skadade", "link": "https://www.svt.se/nyheter/utrikes/skjutningar-i-israel-minst-en-dod-och-flera-skadade", "topic_tag": "flera", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Minst en person har dödats och fem har skadats i en skjutning i centrala Israel på söndagen, rapporterar israeliska medier. Skjutningen rubriceras av israeliska myndigheter som en terrorattack."}, {"published": "2026-06-06 15:36", "relative_age": "1 d", "source": "The Hacker News", "category": "security", "title": "New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration", "link": "https://thehackernews.com/2026/06/new-chatgpt-lockdown-mode-limits-tools.html", "topic_tag": "chatgpt", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "OpenAI has begun rolling out a new Lockdown Mode to ChatGPT for eligible personal accounts to reduce the risk of data exfiltration arising from prompt injection attacks. The feature is primarily designed for people and organizations that handle sensitive data and require stricter protection guarantees. Lockdown Mode is available to logged-in users across Free, Go, Plus, and Pro, and"}, {"published": "2026-06-05 23:23", "relative_age": "1 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco Catalyst SD-WAN Manager Authenticated Privilege Escalation Vulnerability", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Catalyst%20SD-WAN%20Manager%20Authenticated%20Privilege%20Escalation%20Vulnerability%26vs_k=1", "topic_tag": "authenticated", "cves": ["CVE-2026-20127", "CVE-2026-20182", "CVE-2026-20245"], "vendor": "Cisco", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by uploading a crafted file to the affected system. A successful exploit could allow the attacker to perform command injection attacks on an affected system and elevate their privileges as the root user. To exploit this vulnerability, the attacker must have netadmin privileges on the affected system. This would require valid credentials or exploitation of CVE-2026-20182 or CVE-2026-20127. Cisco is not aware of successful exploitation by other methods. Cisco has observed limited cases where the exploitation of this bug resulted in a configuration change pushed to edge devices. Cisco recommends that customers upgrade to the fixed software that is documented in the Catalyst SD-WAN Security Advisory that was published on May 14, 2026, and verify the configuration of the edge devices. Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Important: To preserve possible indicators of compromise, customers should issue the request admin-tech command from each of the control components in the SD-WAN deployment before upgrading. After the admin-tech file has been collected, software should be upgraded at the earliest opportunity. Before upgrading an SD-WAN deployment to a fixed release, retain relevant logs. After upgrading, verify that the system has not been compromised by checking the logs for the indicators of compromise as documented in this advisory. If the logs show indicators of compromise and the system is confirmed to be compromised, applying the software update alone will not resolve the vulnerability. In such cases, follow the specific remediation steps that will be provided by the Cisco Technical Assistance Center (TAC) to help secure the system. This section will be updated as information becomes available. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx Security Impact Rating: High CVE: CVE-2026-20245"}, {"published": "2026-06-05 14:10", "relative_age": "2 d", "source": "MIT Technology Review", "category": "tech", "title": "The Download: AI hacking beyond Mythos, and chatbots’ impact on our brains", "link": "https://www.technologyreview.com/2026/06/05/1138452/the-download-ai-hacking-mythos-chatbots-brain-impacts/", "topic_tag": "beyond", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "This is today’s edition of The Download, our weekday newsletter that provides a daily dose of what’s going on in the world of technology. The Meta hack shows there’s more to AI security than Mythos On Monday, reports emerged that attackers had used Meta’s AI customer support agent to steal Instagram accounts. Their approach was…"}, {"published": "2026-06-05 11:00", "relative_age": "2 d", "source": "MIT Technology Review", "category": "tech", "title": "The Meta hack shows there’s more to AI security than Mythos", "link": "https://www.technologyreview.com/2026/06/05/1138437/the-meta-hack-shows-theres-more-to-ai-security-than-mythos/", "topic_tag": "hack", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "On June 5, 404 Media reported that attackers had been using Meta’s AI customer support agent to steal Instagram accounts. Their approach was simple: They asked the agent to link the accounts to email addresses that they controlled, and the agent complied. One attacker broke into the dormant Obama White House account and made pro-Iran…"}, {"published": "2026-06-05 10:27", "relative_age": "2 d", "source": "MacWorld", "category": "tech", "title": "Vilken version av IOS kan din Iphone köra?", "link": "https://www.macworld.se/article/1933805/iphone-vilken-ios-version.html", "topic_tag": "iphone", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Osäker på vilken IOS-version din Iphone klarar av? Här är en guide som hjälper dig ta reda på om din Iphone stöder den senaste versionen av Apples mobiloperativsystem – och om inte, vilken version du kan installera. Vi svarar också på frågan: Vilka Iphone-modeller kommer att klara IOS 27? Varje år ger Apple IOS en större uppdatering med nya funktioner och förbättringar mot den förra versionen. Under övriga året kommer sedan många mindre uppdateringar. Även om företaget är bättre än de flesta på att hålla kvar äldre modeller på listan över enheter som stöds, kan hårdvarubegränsningar ibland innebära att en Iphone-modell blir utan. Det betyder inte att enheten slutar fungera. Apple underhåller bara de tre senaste versionerna av sina operativsystem, så om din Iphone inte kan köra någon av dem är det förmodligen dags att uppgradera till en ny telefon. Läs även: Allt du behöver veta om IOS 27 Iphone och IOS – snabböversikt Ta reda på vilken IOS-version din Iphone stöder med hjälp av vår tabell. Vilken Iphone har du?Vilken version av IOS kan du köra?Iphone 17e 2026IOS 26Iphone 17 Pro (Max) 2025IOS 26Iphone Air 2025IOS 26Iphone 17 2025IOS 26Iphone 16e 2025IOS 26Iphone 16 Pro (Max) 2024IOS 26Iphone 16 (Plus) 2024IOS 26Iphone 15 Pro (Max) 2023IOS 26Iphone 15 (Plus) 2023IOS 26Iphone 14 Pro (Max) 2022IOS 26Iphone 14 (Plus) 2022IOS 26Iphone SE (3:dje gen) 2022IOS 26Iphone 13 Pro (Max) 2021IOS 26Iphone 13 (Mini) 2021IOS 26Iphone 12 Pro (Max) 2020IOS 26Iphone 12 (Mini) 2020IOS 26Iphone SE (2:a gen) 2020IOS 26Iphone 11 Pro (Max) 2019IOS 26Iphone 11 2019IOS 26Iphone XR 2018IOS 18Iphone XS (Max) 2018IOS 18Iphone X 2017IOS 16Iphone 8 (Plus) 2017IOS 16Iphone 7 (Plus) 2016IOS 15Iphone SE (1:a gen) 2016IOS 15Iphone 6s (Plus) 2015IOS 15 Vilka modeller får stöd för IOS 27? Apple har ännu inte bekräftat vilka modeller som kommer att få stöd för kommande IOS 27, men en läcka har antytt att det nya operativsystemet kommer att fungera med telefoner nyare än Iphone 12. Så det innebär: Iphone 17 Pro & 17 Pro Max (2025) Iphone 17 (2025) Iphone Air (2025) Iphone 16 Pro & 16 Pro Max (2024) Iphone 16 & 16 Plus (2024) Iphone 15 Pro & Pro Max (2023) Iphone 15 & 15 Plus (2023) Iphone 14 Pro & 14 Pro Max (2022) Iphone 14 & 14 Plus (2022) Iphone SE (3:dje gen, 2022) Iphone 13 Pro & 13 Pro Max (2021) Iphone 13 Mini (2021) Stöds din Iphone fortfarande av Apple? Den nuvarande versionen av operativsystemet till Iphone är IOS 26, som kommer att fortsätta att få nya uppdateringar fram till nästa stora lansering under hösten 2026, IOS 27. Även om din telefon inte kan köra den senaste versionen av IOS, är den säker att använda så länge som den får säkerhetsuppdateringar. I mars 2026 identifierades till exempel verktyget “Darksword” som ett hot mot Iphone-modeller som körde äldre versioner av IOS 18. Säkerhetshålen som DarkSword utnyttjade åtgärdades i uppdateringen IOS 18.7.6. Använder du en Iphone med en IOS-version som Apple inte längre stöder med säkerhetsuppdateringar riskerar du att drabbas av attacker som utnyttjar svagheter i äldre programvara. Vissa uppdateringar kan också vara nödvändiga för att upprätthålla de certifikat som krävs för viktiga tjänster som Imessage, Facetime och enhetsaktivering – saknar du en uppdaterad IOS-version kan dessa funktioner sluta fungera. Den goda nyheten är att alla Iphone-modeller i tabellen ovan för närvarande stöds av Apple, även om stödnivån varierar. Apple fortsätter att tillhandahålla säkerhetsuppdateringar för följande äldre ios-versioner: IOS 15 och IOS 16 fick uppdateringar för att åtgärda säkerhetsproblem i maj 2026 IOS 18 fick en kritisk säkerhetsuppdatering i maj 2026 Apple behöver inte uppdatera IOS 17, eftersom alla Iphone-modeller som kör den versionen kan uppgradera till en nyare. Det betyder att följande äldre Iphone-modeller fortfarande får säkerhetsuppdateringar, åtminstone för tillfället: Iphone X Iphone 8 Iphone 7 Iphone SE (1:a generationen) Iphone 6s – den äldsta Iphone-modell som stöds Vi vet inte hur länge Apple fortsätter att stödja IOS 15 och IOS 16 – och motsvarande Iphone-modeller. Apple har klassat Iphone SE (1:a generationen) som föråldrad, medan Iphone 6s, Iphone 7, Iphone 8, Iphone X, Iphone XS, Iphone XS Max samt Iphone 11 Pro och 11 Pro Max finns med på Apples “äldre produkter”-lista. Det innebär att det kan vara svårt eller omöjligt att få dessa enheter reparerade via Apple. Borde jag uppgradera min Iphone? Macworld Om din Iphone inte klarar den senaste IOS-versionen betyder inte nödvändigtvis att du måste köpa en nyare. Apple fortsätter att släppa säkerhetsuppdateringar för äldre IOS-versioner – även efter lanseringen av IOS 26 fick IOS 18, IOS 16 och IOS 15 säkerhetsuppdateringar, vilket skyddar Iphone-modeller från Iphone 6s (2015) till Iphone XR och Iphone XS (2018). Har du en äldre Iphone är säkerheten den viktigaste frågan. Apple tillhandahåller fortfarande säkerhetskorrigeringar via IOS 15 och IOS 16, men det stödet lär inte hålla särskilt länge till. IOS 18-stödet väntas däremot fortsätta i flera år till. När din enhet inte längre kan köra en IOS-version som får säkerhetsuppdateringar är det dags att uppgradera. Som tumregel: en Iphone som inte klarar IOS 26 närmar sig slutet på sin praktiska livslängd. Även bland Iphone-modeller som stöder IOS 26 kan en uppgradering vara värd att överväga – nyare modeller har stöd för Apple Intelligence, som inte finns på äldre enheter. Uppgraderar du från någon av följande modeller till en nyare Iphone, till exempel Iphone 17, märker du stor skillnad i prestanda och funktioner: Iphone 15 & 15 Plus (2023) Iphone 14 Pro & 14 Pro Max (2022) Iphone 14 & 14 Plus (2022) Iphone SE (3:dje gen, 2022) Iphone 13 Pro & 13 Pro Max (2021) Iphone 13 Mini (2021) Iphone 12 Pro & 12 Pro Max (2020) Iphone 12 & 12 Mini (2020) Iphone SE (2:a gen, 2020) Iphone 11 Pro & 11 Pro Max (2019) Iphone 11 (2019) Vilken version av IOS kan de olika Iphone-modellerna köra? I tabellen nedan har vi samlat alla Iphone-generationer så att du enkelt kan se vilken IOS-version varje modell lanserades med – det är också den tidigaste versionen den kan köra – samt vilken version den maximalt stöder idag, inklusive om modellen klarar IOS 26. Alla IOS-versioner och vilka telefoner som stöder vilken version. Foundry Iphone Air Ursprunglig IOS-version: IOS 26 Kan den köra IOS 26: Ja Kommer den få IOS 27: Ja Iphone 17, 17e, 17 Pro, 17 Pro Max Ursprunglig IOS-version: IOS 26 Kan den köra IOS 26: Ja Kommer den få IOS 27: Ja Iphone 16, 16e, 16 Pro, 16 Pro Max Ursprunglig IOS-version: IOS 18 Kan den köra IOS 26: Ja Kommer den få IOS 27: Ja Iphone 15, 15 Plus, 15 Pro, 15 Pro Max Ursprunglig IOS-version: IOS 17 Kan den köra IOS 26: Ja Kommer den få IOS 27: Förmodligen Iphone 14, 14 Plus, 14 Pro, 14 Pro Max Ursprunglig IOS-version: IOS 16 Kan den köra IOS 26: Ja Kommer den få IOS 27: Förmodligen Iphone 13, 13 Mini, 13 Pro, 13 Pro Max Ursprunglig IOS-version: IOS 15 Kan den köra IOS 26: Ja Kommer den få IOS 27: Förmodligen Iphone SE (3:e generationen) Ursprunglig IOS-version: IOS 15 Kan den köra IOS 26: Ja Kommer den få IOS 27: Förmodligen Iphone 12, 12 Mini, 12 Pro, 12 Pro Max Ursprunglig IOS-version: IOS 14 Kan den köra IOS 26: Ja Kommer den få IOS 27: Förmodligen inte Iphone 11, 11 Pro, 11 Pro Max Ursprunglig IOS-version: IOS 13 Kan den köra IOS 26: Ja Kommer den få IOS 27: Förmodligen inte Iphone SE (2:a generationen) Ursprunglig IOS-version: IOS 13 Kan den köra IOS 26: Ja Kommer den få IOS 27: Förmodligen inte Iphone XR, XS, XS Max Ursprunglig IOS-version: IOS 12 Kan den köra IOS 26: Nej Senaste kompatibla versionen: IOS 18 Iphone X Ursprunglig IOS-version: IOS 11 Senaste kompatibla versionen: IOS 16 Iphone 8, 8 Plus Ursprunglig IOS-version: IOS 11 Senaste kompatibla versionen: IOS 16 Iphone 7, 7 Plus Ursprunglig IOS-version: IOS 10 Senaste kompatibla versionen: IOS 15 Iphone 6S, 6S Plus Ursprunglig IOS-version: IOS 9 Senaste kompatibla versionen: IOS 15 Iphone SE (1:a generationen) Ursprunglig IOS-version: IOS 9 Senaste kompatibla versionen: IOS 15 Iphone 6, 6 Plus Ursprunglig IOS-version: IOS 8 Senaste kompatibla versionen: IOS 15 Iphone 5S Ursprunglig IOS-version: IOS 7 Senaste kompatibla versionen: IOS 12 Iphone 5C Ursprunglig IOS-version: IOS 7 Senaste kompatibla versionen: IOS 10 Iphone 5 Ursprunglig IOS-version: IOS 6 Senaste kompatibla versionen: IOS 10 Iphone 4S Ursprunglig IOS-version: IOS 5 Senaste kompatibla versionen: IOS 9 Iphone 4 Ursprunglig IOS-version: IOS 4 Senaste kompatibla versionen: IOS 7 Iphone 3GS Ursprunglig IOS-version: IOS 3 Senaste kompatibla versionen: IOS 6 Iphone 3G Ursprunglig IOS-version: IOS 2 Senaste kompatibla versionen: IOS 4 Iphone Ursprunglig IOS-version: IOS 1 Senaste kompatibla versionen: IOS 3 Om din Iphone inte stöds av IOS 26 eller 18 bör du kanske överväga att uppgradera till en nyare enhet. Så här ser du vilken version av IOS du kör Om du inte är säker på vilken version av IOS du kör för närvarande är det väldigt enkelt att ta reda på det. Gå bara till Inställningar > Allmänt > Om och leta efter IOS-versionens nummer. Så här uppgraderar du IOS Nu när du vet vilken senaste version av IOS som din Iphone stöder är det en bra idé att se till att du använder den. Öppna appen Inställningar på din telefon och gå till Allmänt > Programuppdatering. IOS kommer leta efter tillgängliga uppdateringar och guida dig genom processen. Du kan också välja att aktivera automatiska uppdateringar. Om din Iphone har stöd för IOS 27 och du vill få en smygtitt på vad uppdateringen kommer att innebära kan du alltid registrera dig för att testa en betaversion före den officiella lanseringen. Detta ger dig tidig tillgång till operativsystemet, även om det finns några varningar att tänka på, så läs hur du går med i Apples beta-programvaruprogram innan du tar steget."}, {"published": "2026-06-04 18:55", "relative_age": "3 d", "source": "The Hacker News", "category": "security", "title": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public", "link": "https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html", "topic_tag": "20230", "cves": ["CVE-2026-20230"], "vendor": "Cisco", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root. It is tracked as CVE-2026-20230, and proof-of-concept exploit code is already public. Cisco's PSIRT says it has not seen the flaw used in attacks yet. The PoC shortens that runway. The flaw is a server-side request forgery."}, {"published": "2026-06-04 12:52", "relative_age": "3 d", "source": "Computer Sweden", "category": "tech", "title": "HTTP/2 Bomb kan slå ut en webbserver på några sekunder", "link": "https://computersweden.se/article/4181161/http-2-bomb-kan-sla-ut-en-webbserver-pa-nagra-sekunder.html", "topic_tag": "bomb", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Forskare på säkerhetsföretaget Calif varnar för HTTP/2 Bomb, en ny sorts överbelastningsattack som kan slå ut en webbserver på bara några sekunder. För att utföra attacken räcker det med en vanlig hemdator med en internetuppkoppling på 100 megabit per sekund. Enligt uppgift är de flesta sorters webbservrar i farozonen, däribland Nginx, Apache HTTP Server, Microsoft IIS, Envoy och Cloudflare Pingora. Användare av Nginx och Apache uppmanas att installera de senaste uppdateringarna för att vara på den säkra sidan. I övriga fall är rekommendationen att avaktivera HTTP/2 i väntan på en uppgradering, rapporterar Bleeping Computer."}, {"published": "2026-06-04 12:52", "relative_age": "3 d", "source": "IDG.se", "category": "tech", "title": "HTTP/2 Bomb kan slå ut en webbserver på några sekunder", "link": "https://computersweden.se/article/4181161/http-2-bomb-kan-sla-ut-en-webbserver-pa-nagra-sekunder.html", "topic_tag": "bomb", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Forskare på säkerhetsföretaget Calif varnar för HTTP/2 Bomb, en ny sorts överbelastningsattack som kan slå ut en webbserver på bara några sekunder. För att utföra attacken räcker det med en vanlig hemdator med en internetuppkoppling på 100 megabit per sekund. Enligt uppgift är de flesta sorters webbservrar i farozonen, däribland Nginx, Apache HTTP Server, Microsoft IIS, Envoy och Cloudflare Pingora. Användare av Nginx och Apache uppmanas att installera de senaste uppdateringarna för att vara på den säkra sidan. I övriga fall är rekommendationen att avaktivera HTTP/2 i väntan på en uppgradering, rapporterar Bleeping Computer."}, {"published": "2026-06-03 21:52", "relative_age": "3 d", "source": "Dark Reading", "category": "security", "title": "Tropical Blend: Cyber & Politics Ramp Up Across Latin America", "link": "https://www.darkreading.com/cyberattacks-data-breaches/nation-state-cyber-activity-latin-america", "topic_tag": "across", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "China-linked espionage groups have attacked at least a dozen nations in the region, gathering information on maritime shipping, oil production, and other geopolitical interests."}, {"published": "2026-06-03 21:10", "relative_age": "3 d", "source": "Dark Reading", "category": "security", "title": "Cyber Insurance Rates Are Dropping, but Exclusions Widen", "link": "https://www.darkreading.com/cyber-risk/cyber-insurance-rates-drop-exclusions-widen", "topic_tag": "cyber", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Cyber insurance coverage is slowly changing, and some policies may not provide coverage for social engineering attacks like ClickFix."}, {"published": "2026-06-03 21:00", "relative_age": "3 d", "source": "Dark Reading", "category": "security", "title": "Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover", "link": "https://www.darkreading.com/application-security/coding-gaffe-exposes-microsoft-365-accounts-takeover", "topic_tag": "accounts", "cves": [], "vendor": "Microsoft", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "A disabled security setting meant to protect authentication across Android versions of key apps like Word, PowerPoint, and Excel paved the way for attackers to steal logins and data."}, {"published": "2026-06-03 18:00", "relative_age": "4 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Unified%20Communications%20Manager%20Server-Side%20Request%20Forgery%20Vulnerability%26vs_k=1", "topic_tag": "cisco", "cves": ["CVE-2026-20230"], "vendor": "Cisco", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to write files to the underlying operating system that could be used later to elevate to root. Note: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root. Note: To exploit this vulnerability, the WebDialer service must be enabled. WebDialer is disabled by default. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW Security Impact Rating: Critical CVE: CVE-2026-20230"}, {"published": "2026-06-03 18:00", "relative_age": "4 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco Finesse Remote File Inclusion Vulnerability", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-rfi-gwpkdc89?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Finesse%20Remote%20File%20Inclusion%20Vulnerability%26vs_k=1", "topic_tag": "cisco", "cves": ["CVE-2026-20175"], "vendor": "Cisco", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input for HTTP requests that are sent to an affected device. An attacker who has knowledge of the address of the affected device could exploit this vulnerability by persuading a user to click a crafted link that contains the affected device address. A successful exploit could allow the attacker to conduct browser-based attacks and execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-rfi-gwpkdc89 Security Impact Rating: Medium CVE: CVE-2026-20175"}, {"published": "2026-06-03 15:29", "relative_age": "4 d", "source": "Computer Sweden", "category": "tech", "title": "Uppgifter: Sverige får tillgång till Mythos", "link": "https://computersweden.se/article/4180538/uppgifter-sverige-far-tillgang-till-mythos.html", "topic_tag": "mythos", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Anthropic meddelar att företaget nu utökar initiativet Project Glasswing, som ger utvalda organisationer tillgång till AI-modellen Mythos. Modellen är utvecklad för att identifiera sårbarheter i programvara, men har samtidigt väckt uppmärksamhet för sin potential för att kunna användas för cyberattacker. Financial Times rapporterar att bland de nya länder som får tillgång finns Sverige, såväl som Kanada, Australien, Nya Zeeland, Frankrike, Tyskland, Italien, Nederländerna, Spanien, Belgien, Indien, Japan och Sydkorea. Även Nato och EU:s cybersäkerhetsmyndighet Enisa ska få tillgång till modellen. Vilka organisationer eller företag det rör sig om i Sverige framgår dock inte. När Mythos lanserades i april begränsades tillgången till ett mindre antal, främst amerikanska, organisationer. Anthropic uppger att de nya deltagarna representerar samhällsviktig infrastruktur inom bland annat finans, energi, vattenförsörjning, sjukvård, kommunikation och teknik. Bolaget varnar samtidigt för att liknande AI-modeller sannolikt kommer att bli vanliga inom de kommande sex till tolv månaderna."}, {"published": "2026-06-03 15:29", "relative_age": "4 d", "source": "IDG.se", "category": "tech", "title": "Uppgifter: Sverige får tillgång till Mythos", "link": "https://computersweden.se/article/4180538/uppgifter-sverige-far-tillgang-till-mythos.html", "topic_tag": "mythos", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "Anthropic meddelar att företaget nu utökar initiativet Project Glasswing, som ger utvalda organisationer tillgång till AI-modellen Mythos. Modellen är utvecklad för att identifiera sårbarheter i programvara, men har samtidigt väckt uppmärksamhet för sin potential för att kunna användas för cyberattacker. Financial Times rapporterar att bland de nya länder som får tillgång finns Sverige, såväl som Kanada, Australien, Nya Zeeland, Frankrike, Tyskland, Italien, Nederländerna, Spanien, Belgien, Indien, Japan och Sydkorea. Även Nato och EU:s cybersäkerhetsmyndighet Enisa ska få tillgång till modellen. Vilka organisationer eller företag det rör sig om i Sverige framgår dock inte. När Mythos lanserades i april begränsades tillgången till ett mindre antal, främst amerikanska, organisationer. Anthropic uppger att de nya deltagarna representerar samhällsviktig infrastruktur inom bland annat finans, energi, vattenförsörjning, sjukvård, kommunikation och teknik. Bolaget varnar samtidigt för att liknande AI-modeller sannolikt kommer att bli vanliga inom de kommande sex till tolv månaderna."}, {"published": "2026-06-03 14:01", "relative_age": "4 d", "source": "Dark Reading", "category": "security", "title": "Malicious Notifications Could Trick Google Gemini Users", "link": "https://www.darkreading.com/application-security/malicious-notifications-could-trick-google-gemini-users", "topic_tag": "could", "cves": [], "vendor": "Google", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "A prompt injection flaw in Google Gemini's voice assistant let attackers hide malicious commands in notifications, enabling social engineering and more."}, {"published": "2026-06-03 02:00", "relative_age": "4 d", "source": "CISA KEV-katalog", "category": "security", "title": "CVE-2026-45247 – Mirasvit Mirasvit Full Page Cache Warmer", "link": "https://nvd.nist.gov/vuln/detail/CVE-2026-45247", "topic_tag": "2026", "cves": ["CVE-2026-45247"], "vendor": "", "cvss": null, "risk_level": "medium", "item_type": "cve", "summary": "Mirasvit Full Page Cache Warmer contains a deserialization of untrusted data vulnerability that could allow unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. | Åtgärd: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Deadline: 2026-06-06"}, {"published": "2026-06-01 02:00", "relative_age": "6 d", "source": "CISA KEV-katalog", "category": "security", "title": "CVE-2024-21182 – Oracle WebLogic Server", "link": "https://nvd.nist.gov/vuln/detail/CVE-2024-21182", "topic_tag": "2024", "cves": ["CVE-2024-21182"], "vendor": "", "cvss": null, "risk_level": "medium", "item_type": "cve", "summary": "Oracle WebLogic contains an unspecified vulnerability that could allow an unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. | Åtgärd: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Deadline: 2026-06-04"}, {"published": "2026-05-29 02:00", "relative_age": "9 d", "source": "CISA KEV-katalog", "category": "security", "title": "CVE-2026-0257 – Palo Alto Networks PAN-OS", "link": "https://nvd.nist.gov/vuln/detail/CVE-2026-0257", "topic_tag": "0257", "cves": ["CVE-2026-0257"], "vendor": "Palo Alto", "cvss": null, "risk_level": "medium", "item_type": "cve", "summary": "Palo Alto Networks PAN-OS contains an authentication bypass vulnerability that allows attackers to bypass security restrictions and establish an unauthorized VPN connection. | Åtgärd: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Deadline: 2026-06-01"}, {"published": "2026-05-28 14:17", "relative_age": "10 d", "source": "WHO News", "category": "health_fitness", "title": "Message by the WHO Director-General to the people of the Democratic Republic of the Congo", "link": "https://www.who.int/news/item/28-05-2026-message-by-the-who-director-general-to-the-people-of-the-democratic-republic-of-the-congo", "topic_tag": "congo", "cves": [], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "misc", "summary": "To the people of DRC, especially to the people of Ituri Jambo kwenu wakahaji wa Ituri Mbote na bino, bato ya Ituri My name is Tedros, and I am the Director-General of the World Health Organization (WHO). But today, I am not writing to you as an official. I am writing to you as someone who knows your region, who has walked your streets, and who cares deeply about what happens to you and your families. I am writing because I want to be with you in these moments. And I want you to know that you are not alone. Ebola is not new to me personally. From 2018 to 2020, I came fourteen times to North Kivu, the epicentre of the outbreak at that time. Fourteen visits to Beni, Butembo, Katwa, Goma, and many other communities. During that outbreak, Ebola spread across North Kivu, South Kivu, and reached parts of Ituri as well. I was alongside families who had lost their loved ones. I met health workers risking their lives every day. I met community leaders, traditional healers, religious leaders and business leaders who refused to abandon their people. I saw men and women show extraordinary courage in the most difficult of circumstances. The people there, who saw me coming back again and again, wanted to give me a name that belonged to their community. They asked me whether I was the first, second, or third child of my parents. When I told them I was the firstborn, they gave me the name Dr Paluku. I carry that name with pride. It is not just a name. It is a bond. It is a reminder that this work is not about titles or institutions. It is about people. It is about you. That outbreak was one of the most complex in history. It did not unfold in a stable, peaceful environment. It happened in the middle of armed conflict, with communities displaced, supply routes disrupted, and health workers operating under constant threat. People were fleeing violence while also trying to protect themselves and their families from a deadly disease. I remember being in Beni on more than one occasion while fighting was taking place on the outskirts of the city. We could hear it. And yet the health workers around me did not stop. They kept working. That kind of courage is something I will never forget. The challenges of that time are not so different from what you are facing today in Ituri. I understand that. I have seen it with my own eyes. Mistrust ran deep, and the security situation cost us precious time. Our health workers were attacked. Clinics were targeted. People who were only trying to save lives found themselves caught in the middle of a conflict they did not start. Lives were lost that we might have saved, and that weighs on me still. But I also witnessed something remarkable. When we listened, when communities felt respected and heard, things began to change. Trust grew slowly, then more quickly. People came forward. And together, we managed to contain the outbreak. We did it. The people of DRC did it. I will never forget that. Ebola is now back. This time, the outbreak is hitting Ituri province the hardest. More than 90% of all cases have been reported in Ituri province, with a small number of cases also reported in North Kivu and South Kivu. I know how frightening that is, and I know that the people of Ituri are bearing a burden that is not easy to carry. I know that many of you are exhausted. You are already carrying so much: malaria, hunger, insecurity, and the daily struggle to keep your families safe. And now Ebola. It is not fair, and I will not pretend otherwise. But I also want to say something else about Ituri, because this province deserves to be seen for more than its hardships. Ituri is a place of remarkable energy. It is a province of vibrant commerce, of entrepreneurial spirit, of communities that have refused to be defined by the conflicts around them. The markets of Bunia buzz with life. Traders, farmers, teachers, and young people building their futures against all odds. That spirit, that refusal to give up, is exactly what we need now. It is the foundation on which we will build our response. We do not come to Ituri with only medicine and expertise. We come to join a community that already knows how to fight for its survival. I want to say a special word to the young people of Ituri. You are growing up in circumstances that no young person should have to face. And yet what I see, again and again, is not despair but determination. You are the future of this province and this country. In this outbreak, you have a vital role to play. Talk to your friends and your families. Share what you know about Ebola. Help break the fear and the silence that allow this virus to spread. Your voice carries further than you know, and we need it now more than ever. And to the health workers of Ituri, I want to say this: you are seen, and you are not alone. Every day you go to work knowing the risks, and you go anyway. You do it for your patients, for your communities, for your families. You are the backbone of this response. Without you, none of this is possible. I know the conditions are hard. I know the resources are often not enough. I know that fear and exhaustion are real. Please know that WHO stands with you, that we are working to get you the support you need, and that your courage and dedication are known and deeply valued far beyond the borders of this province. I also know that the security situation in parts of this region remains very difficult. Conflict and displacement make everything harder, including reaching people who need care and keeping health workers safe. I want to be honest: this is one of our greatest challenges. We cannot do this work if those who are trying to help are prevented from doing so or put in danger. We are working closely with all relevant partners to ensure that the response can reach every community that needs it, and that no one is left behind because of where they live or what is happening around them. That is why today I am making a direct appeal to all warring parties in this region: please, declare a ceasefire. Even briefly. Even just enough to let health workers through. People are dying from Ebola who do not have to die. Children are sick. Families are suffering. No cause, no conflict, no grievance is worth condemning innocent people to death from a preventable disease. A ceasefire, even a temporary one, would save lives. I urge you, I implore you: give us the space to help the people who need it most. I also know that there is anger and mistrust in some communities, and I understand why. Trust must be earned, it cannot be assumed. We have not always done things correctly. But I promise you, we are here to learn as much as we are here to help. I need to be honest with you about something important. Most previous Ebola outbreaks in DRC were caused by a virus called Ebola Zaire, for which we have vaccines and treatments. This outbreak is caused by a different virus called Ebola Bundibugyo. There are currently no approved vaccines or treatments for it. This is serious, and you deserve to hear that plainly. But I also want you to know this: while there are no specific treatments for Bundibugyo, there is much we can do together to prevent the spread of this virus and save lives. Early supportive care in our treatment centers can make a real difference. If you or someone you know falls ill, please do not wait. Coming forward early can make the difference between life and death. And everything we do, we will do with you. We will listen to you, we will share information with you, and we are here to help. And for those we cannot save, we will mourn with you. We will help you grieve your lost loved ones with safe and dignified burials. We are working under the leadership of the Government of DRC, together with all relevant partners, united around one goal: to stop this outbreak and protect your communities. No one is working alone. No one is working at cross purposes. We are coordinated, we are committed, and we are here. That is why I am coming to Bunia. I will be there in person, alongside my colleagues, meeting your leaders, listening to your concerns, and doing everything in my power to help you. I will not be managing this from a comfortable office far away. This is the 17th Ebola outbreak in DRC. Together, you have overcome every single one before. That is not a small thing. That is a testament to the strength and resilience of your communities. I have seen that strength with my own eyes. My brothers and sisters of Ituri, I want you to know that the world is watching your courage. You are not forgotten. Together, we will overcome this outbreak, as you have overcome every challenge before. Your resilience is the light that guides us all. We will get through this one too. Not because of anyone, but because of you. Our teams are already on the ground, and they will stay for as long as necessary. And when this outbreak is over, we will not quietly disappear. We will not forget you. We will stay, and we will keep working with you to build health systems that protect every person in every community. I look forward to seeing you in Bunia soon. Until then, please know that you are in my thoughts. With respect and solidarity, Paluku Tedros Tedros Adhanom Ghebreyesus Director-General, World Health Organization"}, {"published": "2026-05-28 00:13", "relative_age": "10 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Catalyst%20SD-WAN%20Controller%20Authentication%20Bypass%20Vulnerability%26vs_k=1", "topic_tag": "authentication", "cves": ["CVE-2026-20182"], "vendor": "Cisco", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The Indicators of Compromise section of this advisory includes Show Control Connections guidance to help with system checks. A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to the affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Important: To preserve possible indicators of compromise, customers should issue the request admin-tech command from each of the control components in the SD-WAN deployment before upgrading. After the admin-tech file has been collected, software should be upgraded at the earliest opportunity. Before upgrading an SD-WAN deployment to a fixed release, retain relevant logs. After upgrading, verify that the system has not been compromised by checking the logs for the indicators of compromise as documented in this advisory. If the logs show indicators of compromise and the system is confirmed to be compromised, applying the software update alone will not resolve the vulnerability. In such cases, follow the specific remediation steps that are provided by the Cisco Technical Assistance Center (TAC) to help secure the system. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW Security Impact Rating: Critical CVE: CVE-2026-20182"}, {"published": "2026-05-21 02:00", "relative_age": "17 d", "source": "CISA KEV-katalog", "category": "security", "title": "CVE-2025-34291 – Langflow Langflow", "link": "https://nvd.nist.gov/vuln/detail/CVE-2025-34291", "topic_tag": "2025", "cves": ["CVE-2025-34291"], "vendor": "", "cvss": null, "risk_level": "medium", "item_type": "cve", "summary": "Langflow contains an origin validation error vulnerability in which an overly permissive CORS configuration combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the refresh endpoint. This could allow the attacker to execute arbitrary code and achieve full system compromise via obtained tokens that permit access to authenticated endpoints. | Åtgärd: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Deadline: 2026-06-04"}, {"published": "2026-05-21 02:00", "relative_age": "17 d", "source": "CISA KEV-katalog", "category": "security", "title": "CVE-2026-34926 – Trend Micro Apex One", "link": "https://nvd.nist.gov/vuln/detail/CVE-2026-34926", "topic_tag": "2026", "cves": ["CVE-2026-34926"], "vendor": "", "cvss": null, "risk_level": "medium", "item_type": "cve", "summary": "Trend Micro Apex One (on-premise) contains a directory traversal vulnerability that could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. | Åtgärd: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Deadline: 2026-06-04"}, {"published": "2026-05-20 18:00", "relative_age": "18 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco Nexus 3000 and 9000 Series Switches Border Gateway Protocol Denial of Service Vulnerability", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bgp-iefab-3hb2pwtx?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Nexus%203000%20and%209000%20Series%20Switches%20Border%20Gateway%20Protocol%20Denial%20of%20Service%20Vulnerability%26vs_k=1", "topic_tag": "3000", "cves": ["CVE-2026-20171"], "vendor": "Cisco", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "A vulnerability in the Border Gateway Protocol (BGP) enforce-first-as feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to trigger BGP peer flaps, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect parsing of a transitive BGP attribute. An attacker could exploit this vulnerability by sending a crafted BGP update through an established BGP peer session. If the update propagates to an affected device, it could cause the device to drop the BGP session and flap with the BGP peer that is forwarding this update, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bgp-iefab-3hb2pwtx Security Impact Rating: Medium CVE: CVE-2026-20171"}, {"published": "2026-05-20 18:00", "relative_age": "18 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco Secure Workload Unauthorized API Access Vulnerability", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Secure%20Workload%20Unauthorized%20API%20Access%20Vulnerability%26vs_k=1", "topic_tag": "access", "cves": ["CVE-2026-20223"], "vendor": "Cisco", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint. A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy Security Impact Rating: Critical CVE: CVE-2026-20223"}, {"published": "2026-05-20 18:00", "relative_age": "18 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco ThousandEyes Virtual Appliance Authenticated Remote Code Execution Vulnerability", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tevacert-rce-RMJVEym5?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20ThousandEyes%20Virtual%20Appliance%20Authenticated%20Remote%20Code%20Execution%20Vulnerability%26vs_k=1", "topic_tag": "appliance", "cves": ["CVE-2026-20199"], "vendor": "Cisco", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "A vulnerability in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance could allow an authenticated, remote attacker to execute commands on the underlying operating system as the root user. This vulnerability is due to insufficient validation of user-supplied input. An authenticated attacker could exploit this vulnerability by uploading a crafted certificate to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. To exploit this vulnerability, the attacker must have valid administrative credentials. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tevacert-rce-RMJVEym5 Security Impact Rating: Medium CVE: CVE-2026-20199"}, {"published": "2026-05-20 18:00", "relative_age": "18 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco ThousandEyes Enterprise Agent BrowserBot Command Injection Vulnerability", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tebbot-cmdinj-wN3yQ5gn?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20ThousandEyes%20Enterprise%20Agent%20BrowserBot%20Command%20Injection%20Vulnerability%26vs_k=1", "topic_tag": "agent", "cves": ["CVE-2026-20206"], "vendor": "Cisco", "cvss": null, "risk_level": "medium", "item_type": "cve", "summary": "A vulnerability in the BrowserBot component of Cisco ThousandEyes Enterprise Agent could have allowed an authenticated, remote attacker to execute arbitrary commands on Agents on behalf of the BrowserBot synthetics orchestration process. Cisco has addressed this vulnerability in the Cisco ThousandEyes Enterprise Agent, and no customer action is needed. This vulnerability was due to insufficient input validation of command arguments that are supplied by the user. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by authenticating to the ThousandEyes SaaS and submitting crafted input into the affected parameter. A successful exploit could have allowed the attacker to execute arbitrary commands within the BrowserBot container as the node user. To exploit this vulnerability, the attacker must have valid user credentials for the ThousandEyes SaaS and the ability to manage transaction tests. As mentioned, Cisco has addressed this vulnerability in the ThousandEyes service, and no customer action is necessary to update on-premises software or devices. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tebbot-cmdinj-wN3yQ5gn Security Impact Rating: Medium CVE: CVE-2026-20206"}, {"published": "2026-05-20 02:00", "relative_age": "18 d", "source": "CISA KEV-katalog", "category": "security", "title": "CVE-2008-4250 – Microsoft Windows", "link": "https://nvd.nist.gov/vuln/detail/CVE-2008-4250", "topic_tag": "2008", "cves": ["CVE-2008-4250"], "vendor": "Microsoft", "cvss": null, "risk_level": "medium", "item_type": "cve", "summary": "Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow during path canonicalization. | Åtgärd: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Deadline: 2026-06-03"}, {"published": "2026-05-20 02:00", "relative_age": "18 d", "source": "CISA KEV-katalog", "category": "security", "title": "CVE-2009-1537 – Microsoft DirectX", "link": "https://nvd.nist.gov/vuln/detail/CVE-2009-1537", "topic_tag": "1537", "cves": ["CVE-2009-1537"], "vendor": "Microsoft", "cvss": null, "risk_level": "medium", "item_type": "cve", "summary": "Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbitrary code via a crafted QuickTime media file. | Åtgärd: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Deadline: 2026-06-03"}, {"published": "2026-05-20 02:00", "relative_age": "18 d", "source": "CISA KEV-katalog", "category": "security", "title": "CVE-2009-3459 – Adobe Acrobat and Reader", "link": "https://nvd.nist.gov/vuln/detail/CVE-2009-3459", "topic_tag": "2009", "cves": ["CVE-2009-3459"], "vendor": "Adobe", "cvss": null, "risk_level": "medium", "item_type": "cve", "summary": "Adobe Acrobat and Reader contain a heap-based buffer overflow vulnerability which could allow remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption. | Åtgärd: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Deadline: 2026-06-03"}, {"published": "2026-05-20 02:00", "relative_age": "18 d", "source": "CISA KEV-katalog", "category": "security", "title": "CVE-2010-0249 – Microsoft Internet Explorer", "link": "https://nvd.nist.gov/vuln/detail/CVE-2010-0249", "topic_tag": "0249", "cves": ["CVE-2010-0249"], "vendor": "Microsoft", "cvss": null, "risk_level": "medium", "item_type": "cve", "summary": "Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization. | Åtgärd: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Deadline: 2026-06-03"}, {"published": "2026-05-20 02:00", "relative_age": "18 d", "source": "CISA KEV-katalog", "category": "security", "title": "CVE-2010-0806 – Microsoft Internet Explorer", "link": "https://nvd.nist.gov/vuln/detail/CVE-2010-0806", "topic_tag": "0806", "cves": ["CVE-2010-0806"], "vendor": "Microsoft", "cvss": null, "risk_level": "medium", "item_type": "cve", "summary": "Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization. | Åtgärd: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Deadline: 2026-06-03"}, {"published": "2026-05-20 02:00", "relative_age": "18 d", "source": "CISA KEV-katalog", "category": "security", "title": "CVE-2026-41091 – Microsoft Defender", "link": "https://nvd.nist.gov/vuln/detail/CVE-2026-41091", "topic_tag": "2026", "cves": ["CVE-2026-41091"], "vendor": "Microsoft", "cvss": null, "risk_level": "medium", "item_type": "cve", "summary": "Microsoft Defender contains a link following vulnerability that allows an authorized attacker to elevate privileges locally. | Åtgärd: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Deadline: 2026-06-03"}, {"published": "2026-05-19 19:49", "relative_age": "19 d", "source": "Cisco PSIRT", "category": "security", "title": "Continued Evolution of Persistence Mechanism Against Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-CISAED25-03?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Continued%20Evolution%20of%20Persistence%20Mechanism%20Against%20Cisco%20Secure%20Firewall%20Adaptive%20Security%20Appliance%20and%20Secure%20Firewall%20Threat%20Defense%26vs_k=1", "topic_tag": "adaptive", "cves": ["CVE-2025-20333", "CVE-2025-20362"], "vendor": "Cisco", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "On April 23, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an update to V1: Emergency Directive (ED) 25-03: Identify and Mitigate Potential Compromise of Cisco Devices related to Cisco Secure Firewall Adaptive Security Appliance (ASA) and Cisco Secure Firewall Threat Defense (FTD) products. According to the update, the ArcaneDoor threat actor has developed a previously unknown persistence mechanism that is preserved across upgrading to the fixed releases that were published in September 2025. This persistence mechanism resides in the Cisco Firepower eXtensible Operating System (FXOS) Software base operating system for Cisco Secure Firewall ASA Software and Cisco Secure FTD Software installations on the affected hardware platforms. Note: According to the intelligence Cisco PSIRT has received to date, the initial compromise, begins with the attacker exploiting the following vulnerabilities before customers upgraded to the fixed releases that were made available in September 2025: CVE-2025-20333: Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability CVE-2025-20362: Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability For more information about the fixed releases that were made available in September 2025, see Cisco Event Response: Continued Attacks Against Cisco Firewalls. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-CISAED25-03 Security Impact Rating: Informational"}, {"published": "2026-05-14 18:00", "relative_age": "24 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco Catalyst SD-WAN Manager Vulnerabilities", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-mltvnps2-JxpWm7R?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Catalyst%20SD-WAN%20Manager%20Vulnerabilities%26vs_k=1", "topic_tag": "catalyst", "cves": ["CVE-2026-20209", "CVE-2026-20210", "CVE-2026-20224"], "vendor": "Cisco", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow a remote attacker to gain access to sensitive information, elevate privileges, or gain unauthorized access to the application. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. Cisco strongly recommends that customers upgrade to the fixed software indicated in this advisory. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-mltvnps2-JxpWm7R Security Impact Rating: Critical CVE: CVE-2026-20209,CVE-2026-20210,CVE-2026-20224"}, {"published": "2026-05-12 09:00", "relative_age": "26 d", "source": "Fortinet PSIRT", "category": "security", "title": "Arbitrary log file read in administrative interface", "link": "https://fortiguard.fortinet.com/psirt/FG-IR-26-138", "topic_tag": "administrative", "cves": [], "vendor": "Cisco", "cvss": 3.0, "risk_level": "low", "item_type": "advisory", "summary": "CVSSv3 Score: 4.0 An Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability [CWE-88] in FortiDeceptor WEB UI may allow an authenticated attacker with at least read-only admin permission to read log files via HTTP crafted requests. Revised on 2026-05-12 00:00:00"}, {"published": "2026-05-12 09:00", "relative_age": "26 d", "source": "Fortinet PSIRT", "category": "security", "title": "Command injection in CLI", "link": "https://fortiguard.fortinet.com/psirt/FG-IR-26-131", "topic_tag": "command", "cves": [], "vendor": "Cisco", "cvss": 3.0, "risk_level": "low", "item_type": "advisory", "summary": "CVSSv3 Score: 6.1 An improper neutralization of special elements used in an OS command (\"OS Command Injection\") vulnerability [CWE-78] in FortiAP, FortiAP-U & FortiAP-W2 CLI may allow an authenticated privileged attacker to execute unauthorized code or commands via crafted CLI requests. Revised on 2026-05-12 00:00:00"}, {"published": "2026-05-12 09:00", "relative_age": "26 d", "source": "Fortinet PSIRT", "category": "security", "title": "DoS due to unsafe function in signal handler", "link": "https://fortiguard.fortinet.com/psirt/FG-IR-26-137", "topic_tag": "function", "cves": [], "vendor": "Cisco", "cvss": 3.0, "risk_level": "low", "item_type": "advisory", "summary": "CVSSv3 Score: 5.2 A use of potentially Dangerous Function vulnerability [CWE-676] in FortiAnalyzer and FortiManager API may allow an authenticated attacker to cause a system hang via multiple specially crafted HTTP requests causing crashes. This happens if internal locks are aligned, which is out of control of the attacker. Revised on 2026-05-12 00:00:00"}, {"published": "2026-05-12 09:00", "relative_age": "26 d", "source": "Fortinet PSIRT", "category": "security", "title": "Hardcoded Encryption Key Used for VPN Saved Passwords", "link": "https://fortiguard.fortinet.com/psirt/FG-IR-26-129", "topic_tag": "encryption", "cves": [], "vendor": "Cisco", "cvss": 3.0, "risk_level": "low", "item_type": "advisory", "summary": "CVSSv3 Score: 2.1 A Missing Authorization [CWE-862] in FortiClient Windows may allow an authenticated local attacker to decrypt a currently logged in users VPN password via use of an unprotected DLL function. Revised on 2026-05-12 00:00:00"}, {"published": "2026-05-12 09:00", "relative_age": "26 d", "source": "Fortinet PSIRT", "category": "security", "title": "Improper access control on API endpoints", "link": "https://fortiguard.fortinet.com/psirt/FG-IR-26-128", "topic_tag": "access", "cves": [], "vendor": "Cisco", "cvss": 3.0, "risk_level": "low", "item_type": "advisory", "summary": "CVSSv3 Score: 9.1 An Improper Access Control vulnerability [CWE-284] in FortiAuthenticator may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests. Revised on 2026-05-12 00:00:00"}, {"published": "2026-05-12 09:00", "relative_age": "26 d", "source": "Fortinet PSIRT", "category": "security", "title": "Incorrect global authorization", "link": "https://fortiguard.fortinet.com/psirt/FG-IR-26-136", "topic_tag": "authorization", "cves": [], "vendor": "Cisco", "cvss": 3.0, "risk_level": "low", "item_type": "advisory", "summary": "CVSSv3 Score: 9.1 A missing authorization vulnerability [CWE-862] in FortiSandbox, FortiSandbox Cloud and FortiSandbox PaaS WEB UI may allow an unauthenticated attacker to execute unauthorized code or commands via HTTP requests. Revised on 2026-05-12 00:00:00"}, {"published": "2026-05-12 09:00", "relative_age": "26 d", "source": "Fortinet PSIRT", "category": "security", "title": "OS command injection in CLI", "link": "https://fortiguard.fortinet.com/psirt/FG-IR-26-133", "topic_tag": "command", "cves": [], "vendor": "Cisco", "cvss": 3.0, "risk_level": "low", "item_type": "advisory", "summary": "CVSSv3 Score: 6.5 An OS command injection vulnerabtility [CWE-78] in FortiAP and FortiAP-W2 cli may allow an authenticated attacker to execute unauthorized code or commands via a specifically crafted cli command. Revised on 2026-05-12 00:00:00"}, {"published": "2026-05-12 09:00", "relative_age": "26 d", "source": "Fortinet PSIRT", "category": "security", "title": "Out-of-bounds access in CAPWAP daemon", "link": "https://fortiguard.fortinet.com/psirt/FG-IR-26-123", "topic_tag": "access", "cves": [], "vendor": "Cisco", "cvss": 3.0, "risk_level": "low", "item_type": "advisory", "summary": "CVSSv3 Score: 8.3 An Out-Of-Bounds Write vulnerability [CWE-787] in FortiOS capwap daemon may allow an attacker controlling an authenticated FortiAP FortiExtender or FortiSwitch to gain execution privileges on the FortiGate device Revised on 2026-05-12 00:00:00"}, {"published": "2026-05-12 09:00", "relative_age": "26 d", "source": "Fortinet PSIRT", "category": "security", "title": "SQL command injection in administrative portal", "link": "https://fortiguard.fortinet.com/psirt/FG-IR-26-132", "topic_tag": "administrative", "cves": [], "vendor": "Cisco", "cvss": 3.0, "risk_level": "low", "item_type": "advisory", "summary": "CVSSv3 Score: 6.3 An improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiMail may allow an authenticated privileged attacker to execute unauthorized code or commands via specifically crafted HTTP or HTTPS requests. Revised on 2026-05-12 00:00:00"}, {"published": "2026-05-12 09:00", "relative_age": "26 d", "source": "Fortinet PSIRT", "category": "security", "title": "User controlled SQL commands", "link": "https://fortiguard.fortinet.com/psirt/FG-IR-26-134", "topic_tag": "commands", "cves": [], "vendor": "Cisco", "cvss": 3.0, "risk_level": "low", "item_type": "advisory", "summary": "CVSSv3 Score: 5.1 An improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability [CWE-89] in FortiNDR may allow an authenticated attacker to execute arbitrary SQL commands on selected databases and tables via specifically crafted HTTP requests. Revised on 2026-05-12 00:00:00"}, {"published": "2026-05-06 18:00", "relative_age": "32 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco Unity Connection Remote Code Execution and Server-Side Request Forgery Vulnerabilities", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-rce-ssrf-hENhuASy?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Unity%20Connection%20Remote%20Code%20Execution%20and%20Server-Side%20Request%20Forgery%20Vulnerabilities%26vs_k=1", "topic_tag": "cisco", "cves": ["CVE-2026-20034", "CVE-2026-20035"], "vendor": "Cisco", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "Multiple vulnerabilities in Cisco Unity Connection could allow a remote attacker to execute arbitrary code on or conduct server-side request forgery (SSRF) attacks through an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-rce-ssrf-hENhuASy Security Impact Rating: High CVE: CVE-2026-20034,CVE-2026-20035"}, {"published": "2026-05-06 18:00", "relative_age": "32 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-lite-agent-BCgSN8eb?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Enterprise%20Chat%20and%20Email%20Lite%20Agent%20File%20Upload%20Vulnerability%26vs_k=1", "topic_tag": "agent", "cves": ["CVE-2026-20172"], "vendor": "Cisco", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct browser-based attacks. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Agent. This vulnerability is due to inadequate validation of file contents during file upload operations. An attacker could exploit this vulnerability by uploading a file that contains malicious scripts or HTML code, which the application could make available to other users to access. A successful exploit could allow the attacker to execute the contents of that file in the browser of a user and conduct browser-based attacks. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-lite-agent-BCgSN8eb Security Impact Rating: Medium CVE: CVE-2026-20172"}, {"published": "2026-05-06 18:00", "relative_age": "32 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco Identity Services Engine Authentication Bypass Vulnerabilities", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-bypass-uxjRXGpb?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Authentication%20Bypass%20Vulnerabilities%26vs_k=1", "topic_tag": "authentication", "cves": ["CVE-2026-20193", "CVE-2026-20195"], "vendor": "Cisco", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow a remote attacker to bypass authorization mechanisms or examine error messages to gain access to sensitive information on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-bypass-uxjRXGpb Security Impact Rating: Medium CVE: CVE-2026-20193,CVE-2026-20195"}, {"published": "2026-05-06 18:00", "relative_age": "32 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco Prime Infrastructure Information Disclosure Vulnerability", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-unauth-infodiscl-LFnLgmey?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Prime%20Infrastructure%20Information%20Disclosure%20Vulnerability%26vs_k=1", "topic_tag": "cisco", "cves": ["CVE-2026-20189"], "vendor": "Cisco", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "A vulnerability in the log file download functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to download arbitrary log files from the server. This vulnerability is due to insufficient authorization checks on the download service API. An attacker could exploit this vulnerability by submitting a crafted URL request to an affected device. A successful exploit could allow the attacker to download sensitive log files that they would otherwise not have authorization to access. To exploit this vulnerability, the attacker must have valid credentials to access the web-based management interface of the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-unauth-infodiscl-LFnLgmey Security Impact Rating: Medium CVE: CVE-2026-20189"}, {"published": "2026-05-06 18:00", "relative_age": "32 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco Slido Insecure Direct Object Reference Vulnerability", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-slido-idor-CpsFmKxN?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Slido%20Insecure%20Direct%20Object%20Reference%20Vulnerability%26vs_k=1", "topic_tag": "cisco", "cves": ["CVE-2026-20219"], "vendor": "Cisco", "cvss": null, "risk_level": "medium", "item_type": "cve", "summary": "A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of other users or affect quiz and poll results. Cisco has addressed this vulnerability in Cisco Slido and no customer action is needed. This vulnerability existed because of the presence of an insecure direct object reference. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by sending a crafted request to the vulnerable API endpoint. A successful exploit could have allowed the attacker to view the social profiles of other users or affect quiz and poll results. As mentioned, Cisco has addressed this vulnerability in the Slido service, and no customer action is necessary to update on-premises software or devices. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-slido-idor-CpsFmKxN Security Impact Rating: Medium CVE: CVE-2026-20219"}, {"published": "2026-05-06 18:00", "relative_age": "32 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco IoT Field Network Director Vulnerabilities", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iot-fnd-dos-n8N26Q4u?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20IoT%20Field%20Network%20Director%20Vulnerabilities%26vs_k=1", "topic_tag": "cisco", "cves": ["CVE-2026-20167", "CVE-2026-20168", "CVE-2026-20169"], "vendor": "Cisco", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "Multiple vulnerabilities in the web-based management interface of Cisco IoT Field Network Director Software could allow an authenticated, remote attacker to access files, execute commands, and cause denial of service (DoS) conditions on managed routers. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iot-fnd-dos-n8N26Q4u Security Impact Rating: High CVE: CVE-2026-20167,CVE-2026-20168,CVE-2026-20169"}, {"published": "2026-05-06 18:00", "relative_age": "32 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco SG350 and SG350X Series Managed Switches SNMP Denial of Service Vulnerability", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg350-snmp-dos-GEFZr2Tj?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20SG350%20and%20SG350X%20Series%20Managed%20Switches%20SNMP%20Denial%20of%20Service%20Vulnerability%26vs_k=1", "topic_tag": "cisco", "cves": ["CVE-2026-20185"], "vendor": "Cisco", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco 350 Series Managed Switches (SG350) and Cisco 350X Series Stackable Managed Switches (SG350X) firmware could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when parsing response data for a specific SNMP request. An attacker could exploit this vulnerability by sending a specific SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMPv2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMPv3, the attacker must have valid SNMP user credentials for the affected system. Cisco has not released and will not release software updates that address this vulnerability because the affected products are past the date for End of Software Maintenance Releases. The Cisco Product Security Incident Response Team (PSIRT) will continue to evaluate and disclose security vulnerabilities that affect these products until the Last Date of Support is reached. There are no workarounds that address this vulnerability. However, there is a mitigation. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg350-snmp-dos-GEFZr2Tj Security Impact Rating: High CVE: CVE-2026-20185"}, {"published": "2026-05-05 20:21", "relative_age": "32 d", "source": "Cisco PSIRT", "category": "security", "title": "Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities", "link": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-42tgsdMG?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Stored%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1", "topic_tag": "cisco", "cves": ["CVE-2025-20204", "CVE-2025-20205"], "vendor": "Cisco", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid administrative credentials. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-42tgsdMG Security Impact Rating: Medium CVE: CVE-2025-20204,CVE-2025-20205"}, {"published": "2026-04-15 09:00", "relative_age": "53 d", "source": "Fortinet PSIRT", "category": "security", "title": "Out-Of-Bounds Write in administrative interface", "link": "https://fortiguard.fortinet.com/psirt/FG-IR-26-127", "topic_tag": "administrative", "cves": [], "vendor": "Cisco", "cvss": 3.0, "risk_level": "low", "item_type": "advisory", "summary": "CVSSv3 Score: 6.7 An out-of-bounds write vulnerability [CWE-787] in FortiWeb CGI daemon may allow a remote privileged attacker to execute arbitrary code or command via crafted HTTP requests. Revised on 2026-04-15 00:00:00"}, {"published": "2026-04-14 09:00", "relative_age": "54 d", "source": "Fortinet PSIRT", "category": "security", "title": "Arbitrary directory delete on vmimages delete feature", "link": "https://fortiguard.fortinet.com/psirt/FG-IR-26-115", "topic_tag": "arbitrary", "cves": [], "vendor": "Cisco", "cvss": 3.0, "risk_level": "low", "item_type": "advisory", "summary": "CVSSv3 Score: 6.2 An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in FortiSandbox, FortiSandbox Cloud, FortiSandbox PaaS and FortiSandbox Cloud WEB UI may allow a privileged attacker with super-admin profile and CLI access to delete an arbitrary directory via HTTP crafted requests. Revised on 2026-04-14 00:00:00"}, {"published": "2026-04-14 09:00", "relative_age": "54 d", "source": "Fortinet PSIRT", "category": "security", "title": "Clear-text credentials retrievable with IP modification for LDAP", "link": "https://fortiguard.fortinet.com/psirt/FG-IR-26-105", "topic_tag": "clear", "cves": [], "vendor": "Cisco", "cvss": 3.0, "risk_level": "low", "item_type": "advisory", "summary": "CVSSv3 Score: 4.1 A Storing Passwords in a Recoverable Format vulnerability [CWE-257] in FortiSOAR may allow an authenticated remote attacker to retrieve Service account password via server address modification in LDAP configuration. Revised on 2026-04-14 00:00:00"}, {"published": "2026-04-14 09:00", "relative_age": "54 d", "source": "Fortinet PSIRT", "category": "security", "title": "Clear-text credentials retrievable with IP modification for connectors", "link": "https://fortiguard.fortinet.com/psirt/FG-IR-26-104", "topic_tag": "clear", "cves": [], "vendor": "Cisco", "cvss": 3.0, "risk_level": "low", "item_type": "advisory", "summary": "CVSSv3 Score: 4.1 A Storing Passwords in a Recoverable Format vulnerability [CWE-257] in FortiSOAR may allow an authenticated remote attacker to retrieve passwords for multiple installed connectors via server address modification in connector configuration. Revised on 2026-04-14 00:00:00"}, {"published": "2026-04-14 09:00", "relative_age": "54 d", "source": "Fortinet PSIRT", "category": "security", "title": "Cleartext Credentials in response for API endpoints", "link": "https://fortiguard.fortinet.com/psirt/FG-IR-26-106", "topic_tag": "cleartext", "cves": [], "vendor": "Cisco", "cvss": 3.0, "risk_level": "low", "item_type": "advisory", "summary": "CVSSv3 Score: 6.2 A Cleartext Transmission of Sensitive Information vulnerability [CWE-319] in FortiSOAR may allow an authenticated attacker to view cleartext password in response for Secure Message Exchange and Radius queries, if configured Revised on 2026-04-14 00:00:00"}, {"published": "2023-11-03 21:15", "relative_age": "946 d", "source": "NVD (National Vulnerability Database)", "category": "security", "title": "CVE-2022-44569", "link": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-44569", "topic_tag": "2022", "cves": ["CVE-2022-44569"], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "A locally authenticated attacker with low privileges can bypass authentication due to insecure inter-process communication."}, {"published": "2023-11-03 02:15", "relative_age": "947 d", "source": "NVD (National Vulnerability Database)", "category": "security", "title": "CVE-2017-7252", "link": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7252", "topic_tag": "2017", "cves": ["CVE-2017-7252"], "vendor": "", "cvss": null, "risk_level": "low", "item_type": "cve", "summary": "bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password."}]