17Articles
5Categories
2026-02-04Date
🐛 COMMON VULNERABILITIES AND EXPOSURES 2[−]
4 FebZDI-26-061: NVIDIA Triton Inference Server EVBufferToJson Uncaught Exception Denial-of-Service VulnerabilityThis vulnerability allows remote attackers to create a denial-of-service condition on affected installations of NVIDIA Triton Inference Server. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned…ZERODAYINITIATIVE.COM
4 FebZDI-26-060: NVIDIA Megatron-LM load_base_checkpoint Deserialization of Untrusted Data Remote Code Execution VulnerabilityThis vulnerability allows remote attackers to execute arbitrary code on affected installations of NVIDIA Megatron-LM. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS ra…ZERODAYINITIATIVE.COM
⚠️ VULNERABILITY DISCLOSURE 7[−]
4 FebCritical Cybersecurity Updates: Fortinet, Docker, and Android MalwareIn this episode of Cybersecurity Today, Jim Love covers major vulnerabilities and security threats, including the exposure of over 3 million Fortinet devices, a critical flaw in Docker's AI assistant, and a sophisticated Android malware campaign using Hugging Face repositories. D…CYBERSECURITYTODAY.LIBSYN.COM
4 FebOfferUp scammers are out in force: Here’s what you should knowThe mobile marketplace app has a growing number of users, but not all of them are genuine. Watch out for these common scams.WELIVESECURITY.COM
4 Feb[remote] Redis 8.0.2 - RCERedis 8.0.2 - RCEEXPLOIT-DB.COM
4 Feb[remote] Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCEIngress-NGINX Admission Controller v1.11.1 - FD Injection to RCEEXPLOIT-DB.COM
4 Feb[webapps] aiohttp 3.9.1 - directory traversal PoCaiohttp 3.9.1 - directory traversal PoCEXPLOIT-DB.COM
4 Feb[webapps] FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code ExecutionFortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code ExecutionEXPLOIT-DB.COM
4 FebRisky Business #823 -- Humans impersonate clawdbots impersonating humansPatrick Gray and Adam Boileau are joined by the newest guy on the Risky Business Media team, James WIlson. They discuss the week’s cybersecurity news, including: Notepad++ update supply chain attack has been attributed to China The AI agent future is even more stupid than expecte…RISKY.BIZ
🔥 INCIDENT REPORTING 1[−]
4 FebWeekly Update 489Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite This week I'm in Hong Kong, and the day after recording, I gave the talk shown in the image above at INTERPOL's Cybercrime Ex…TROYHUNT.COM
🕵️ THREAT INTELLIGENCE 3[−]
4 FebNews alert: MomentProof brings cryptographic proof to insurance claims as AI manipulation risesWASHINGTON, Feb. 4, 2026, CyberNewswire — MomentProofShow us, Inc., a provider of AI-resilient digital asset certification and verification technology, today announced the successful deployment of MomentProof Enterprise for AXA, enabling cryptographically authentic, tamper-proof …LASTWATCHDOG.COM
4 FebNews alert: One Identity brings in new CTO to modernize legacy platforms for SaaS-first customersALISA VIEJO, Calif., Feb. 4, 2026, CyberNewswire — One Identity , a leader in unified identity security , today announced the appointment of Gihan Munasinghe as Chief Technology Officer. Munasinghe brings more than 15 years of experience leading global engineering … (more…)…LASTWATCHDOG.COM
4 FebNew Year, New Program, New OpportunitiesPalo Alto Networks is evolving its NextWave Partner Program in 2026, unifying it with the value exchange framework for clearer, more scalable growth. The post New Year, New Program, New Opportunities appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
📡 INFOSEC NEWS 4[−]
4 FebRublevka Team: Anatomy of a Russian Crypto Drainer OperationRublevka Team exemplifies the industrialization of crypto scams. Learn how traffer teams and wallet drainers enable high-volume theft.RECORDEDFUTURE.COM
4 Feb[remote] windows 10/11 - NTLM Hash Disclosure Spoofingwindows 10/11 - NTLM Hash Disclosure SpoofingEXPLOIT-DB.COM
4 Feb[webapps] OctoPrint 1.11.2 - File UploadOctoPrint 1.11.2 - File UploadEXPLOIT-DB.COM
4 Feb[local] Docker Desktop 4.44.3 - Unauthenticated API ExposureDocker Desktop 4.44.3 - Unauthenticated API ExposureEXPLOIT-DB.COM