Category of intelligence

Vulnerabilities

News about security failures, exploits and vulnerabilities in systems

Stories published: 742 Showing up 9 articles per page

Vulnerability security alert CVE-2026-39987 in Marimo allows remote execution and deployment of NKAbuse via Hugging Face Spaces

Vulnerabilities

April 16, 2026 5 min de lectura 119

Vulnerability security alert CVE-2026-39987 in Marimo allows remote execution and deployment of NKAbuse via Hugging Face Spaces

In a matter of days, a wave of take-off on critical vulnerability was unleashed in Marimo, an interactive Python environment oriented to reactive notebooks, and the attackers have…

Google uses Gemini to stop maldumping and block millions of malicious ads

Vulnerabilities

April 16, 2026 4 min de lectura 103

Google uses Gemini to stop maldumping and block millions of malicious ads

Google has recognized that it is increasingly using its Gemini models to identify and block malicious ads within its advertising networks, as scammers refine techniques to overcom…

Vulnerabilities

April 16, 2026 4 min de lectura 105

Cisco Alert Four critical vulnerabilities in ISE and Webex Services that allow remote code execution identity supplanting and node drop update patches now

Cisco has published corrections for four critical vulnerabilities that affect its Identity Services (ISE) services and Webex Services related functions. These failures potentially…

The campaign coming in by mshta: deception, LNK files and system tools to infiltrate hospitals in Ukraine

Vulnerabilities

April 16, 2026 5 min de lectura 117

The campaign coming in by mshta: deception, LNK files and system tools to infiltrate hospitals in Ukraine

A new wave of intrusions that has hit public agencies and health centres - especially clinics and emergency hospitals - again shows how attackers mix traditional techniques with m…

Critical alert: nginx-ui allows you to take full control of Nginx without credentials (CVE-2026-33032)

Vulnerabilities

April 16, 2026 4 min de lectura 175

Critical alert: nginx-ui allows you to take full control of Nginx without credentials (CVE-2026-33032)

A critical vulnerability in the Nginx management web component known as nginx-ui - specifically in its support of the Model Context Protocol (MCP) protocol - is being exploited in…

AgingFly the threat that comes by mail is made up in real time from the C2 and points to local governments and hospitals

Vulnerabilities

April 15, 2026 4 min de lectura 103

AgingFly the threat that comes by mail is made up in real time from the C2 and points to local governments and hospitals

Ukraine's incident response teams recently identified a new malware family that have baptized as AgingFly, deployed in campaigns directed against local authorities and health cent…

The dark face of automation and how n8n becomes phishing and malware channel

Vulnerabilities

April 15, 2026 5 min de lectura 108

The dark face of automation and how n8n becomes phishing and malware channel

Automation tools that promise to save time and connect apps in seconds are being reused by attackers to put phishing and malware into mail boxes. According to a recent report from…

The campaign that turned a PUP into a back door capable of disabling defenses

Vulnerabilities

April 15, 2026 6 min de lectura 98

The campaign that turned a PUP into a back door capable of disabling defenses

Security researchers have uncovered a worrying campaign in which a set of programs listed in principle as potentially unwanted software (PUP) not only showed ads: it hid an update…

CISA alert critical failure in Windows that allows you to climb privileges and take control of the computer

Vulnerabilities

April 15, 2026 4 min de lectura 97

CISA alert critical failure in Windows that allows you to climb privileges and take control of the computer

The US Agency for Infrastructure and Cybersecurity. U.S. (CISA) has alerted government agencies for critical vulnerability on Windows that, if not remedied, allows a local attacke…

Explore RadarBytes

Vulnerabilities

Vulnerability security alert CVE-2026-39987 in Marimo allows remote execution and deployment of NKAbuse via Hugging Face Spaces

Google uses Gemini to stop maldumping and block millions of malicious ads

Cisco Alert Four critical vulnerabilities in ISE and Webex Services that allow remote code execution identity supplanting and node drop update patches now

The campaign coming in by mshta: deception, LNK files and system tools to infiltrate hospitals in Ukraine

Critical alert: nginx-ui allows you to take full control of Nginx without credentials (CVE-2026-33032)

AgingFly the threat that comes by mail is made up in real time from the C2 and points to local governments and hospitals

The dark face of automation and how n8n becomes phishing and malware channel

The campaign that turned a PUP into a back door capable of disabling defenses

CISA alert critical failure in Windows that allows you to climb privileges and take control of the computer

Disable your ad blocker

Vulnerabilities

Manage your cookies