Category of intelligence

Malware

News about viruses, Ransomware, Trojans and other malicious software

Stories published: 540 Showing up 9 articles per page

CVE-2026-42897: the vulnerability of Exchange that allows XSS in OWA and session theft

Malware

May 15, 2026 3 min de lectura 45

CVE-2026-42897: the vulnerability of Exchange that allows XSS in OWA and session theft

Microsoft has confirmed critical vulnerability in Exchange Server identified as CVE-2026-42897 that allows the execution of code in the browser context through a cross-site scribi…

Critical alert CVE-2026-20182 in Cisco SD-WAN already in operation and at risk of taking full control

Malware

May 15, 2026 4 min de lectura 36

Critical alert CVE-2026-20182 in Cisco SD-WAN already in operation and at risk of taking full control

The inclusion by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) of the vulnerability CVE-2026-20182 in its "Known Exploited Vulnerabilities" catalogue requires t…

Security alert: CVE-2026-8181 allows WordPress administrators to take control via Burst Statistics (200,000 sites at risk)

Malware

May 14, 2026 4 min de lectura 35

Security alert: CVE-2026-8181 allows WordPress administrators to take control via Burst Statistics (200,000 sites at risk)

A critical failure in the Burst Statistics plugin (CVE-2026-8181) is being exploited to get access with administrator privileges on WordPress, which turns sites that use this plug…

Critical alert: CVE-2026-20182 allows to supplant peers and take administrative control at Catalyst SD-WAN

Malware

May 14, 2026 4 min de lectura 40

Critical alert: CVE-2026-20182 allows to supplant peers and take administrative control at Catalyst SD-WAN

Cisco has confirmed that a critical vulnerability is being exploited in active attacks at Catalyst SD-WAN Controller, registered as CVE-2026-20182 (CVSS 10.0) which allows to skip…

CVE-2026-42945 alert in NGINX: the memory overflow that could cause DoS and remote code execution

Malware

May 14, 2026 4 min de lectura 43

CVE-2026-42945 alert in NGINX: the memory overflow that could cause DoS and remote code execution

A critical memory failure in NGINX, identified as CVE-2026-42945 again shows that even massively deployed software projects can drag historical defects with current impact. Vulner…

CVE 2026 44338 exposes PraisonAI with disable authentication and untouched access to agents

Malware

May 14, 2026 4 min de lectura 41

CVE 2026 44338 exposes PraisonAI with disable authentication and untouched access to agents

In recent weeks it was confirmed that malicious actors began to exploit, within hours, an authentication failure in PraisonAI, an open source framework for multiple agent orchestr…

KongTuke redefines the IAB with rapid and persistent intrusions into corporate networks through Teams

Malware

May 14, 2026 4 min de lectura 39

KongTuke redefines the IAB with rapid and persistent intrusions into corporate networks through Teams

An initial access corridor (IAB) identified as KongTuke has changed its delusion vector to Microsoft Teams, in some cases achieving a persistent intrusion into corporate networks …

YellowKey and GreenPlasma Amend Windows with BitLocker Bypass and Pride Elevation

Malware

May 14, 2026 5 min de lectura 43

YellowKey and GreenPlasma Amend Windows with BitLocker Bypass and Pride Elevation

An anonymous researcher who signs as Chaotic Eclipse / Nightmare -Eclipse has once again shaken the Windows ecosystem with two new zero- days - baptized by him as YellowKey and Gr…

Critical Alert: Exim with GnuTLS exposed to remote execution by failure use-after-free in BDAT (CVE-2026-45185)

Malware

May 12, 2026 4 min de lectura 61

Critical Alert: Exim with GnuTLS exposed to remote execution by failure use-after-free in BDAT (CVE-2026-45185)

Exim has published a critical update that corrects a post-memory-release vulnerability (use-after-free) in the analysis of the BDAT message body when the TLS battery is implemente…

Explore RadarBytes

Malware

CVE-2026-42897: the vulnerability of Exchange that allows XSS in OWA and session theft

Critical alert CVE-2026-20182 in Cisco SD-WAN already in operation and at risk of taking full control

Security alert: CVE-2026-8181 allows WordPress administrators to take control via Burst Statistics (200,000 sites at risk)

Critical alert: CVE-2026-20182 allows to supplant peers and take administrative control at Catalyst SD-WAN

CVE-2026-42945 alert in NGINX: the memory overflow that could cause DoS and remote code execution

CVE 2026 44338 exposes PraisonAI with disable authentication and untouched access to agents

KongTuke redefines the IAB with rapid and persistent intrusions into corporate networks through Teams

YellowKey and GreenPlasma Amend Windows with BitLocker Bypass and Pride Elevation

Critical Alert: Exim with GnuTLS exposed to remote execution by failure use-after-free in BDAT (CVE-2026-45185)

Disable your ad blocker

Malware

Manage your cookies