16Articles
3Categories
2026-05-17Date
🐛 COMMON VULNERABILITIES AND EXPOSURES 6[−]
17 May KEVNGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCEA newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days after its public disclosure, according to VulnCheck. The vulnerability, tracked as CVE-2026-42945 (CVSS score: 9.2), is a heap buffer overflow in ngx_http_rewr…THEHACKERNEWS.COM
17 MaySECURITY AFFAIRS MALWARE NEWSLETTER ROUND 97Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter JDownloader site hacked to replace installers with Python RAT malware     New TrickMo Variant: Device Take …SECURITYAFFAIRS.COM
⚠️ VULNERABILITY DISCLOSURE 9[−]
17 MayPwn2Own Berlin 2026, Day Three: DEVCORE Crowned Master of Pwn, $1.298 Million TotalPwn2Own Berlin 2026 ended with 47 zero-days and $1.29M in payouts, as DEVCORE dominated the competition across all categories. Pwn2Own Berlin 2026 ended after three intense days, with participants discovering 47 unique zero-days, and earning $1,298,250 in total payouts. Pwn2Own B…SECURITYAFFAIRS.COM
17 MayGrafana GitHub Token Breach Led to Codebase Download and Extortion AttemptGrafana has disclosed that an "unauthorized party" obtained a token that granted them the ability to access the company's GitHub environment and download its codebase. "Our investigation has determined that no customer data or personal information was accessed during this inciden…THEHACKERNEWS.COM
17 MayWeek in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploitedHere’s an overview of some of last week’s most interesting news, articles, interviews and videos: Review: Foundations of Cybersecurity, 2nd edition Jason Andress has refreshed his introductory security text for No Starch Press. He writes in the introduction that the term security…HELPNETSECURITY.COM
17 MayGitHub Actions Cache Poisoning is eating open sourcesubmitted by codeinabox to security 3 points | 0 comments https://neciudan.dev/github-actions-poisoningPROGRAMMING.DEV
17 MayPwn2Own Berlin 2026 concludes with $1.29 million paid for 47 zero-daysPwn2Own Berlin 2026 wrapped up with another string of successful enterprise-targeted exploits, bringing the contest’s final tally to $1,298,250 awarded for 47 unique zero-day vulnerabilities discovered over three days. DEVCORE secured the “Master of Pwn” title with 50.5 points an…CYBERINSIDER.COM
17 MaySecurity Affairs newsletter Round 577 by Pierluigi Paganini – INTERNATIONAL EDITIONA new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Attackers exploit Funnel Buil…SECURITYAFFAIRS.COM
17 May KEVAttackers exploit Funnel Builder bug to inject e-skimmers into e-storesAttackers are exploiting a critical flaw in the WordPress Funnel Builder plugin to inject skimming code into WooCommerce checkout pages. A critical vulnerability in the WordPress Funnel Builder plugin is being actively exploited to inject malicious JavaScript into WooCommerce che…SECURITYAFFAIRS.COM
17 MayiodéOS review: Privacy-focused Android that doesn’t get in your wayiodéOS is a privacy-oriented Android operating system developed by the French company iodé, based on the Android Open Source Project (AOSP). The project focuses on reducing user tracking and dependence on Google services while still maintaining broad Android app compatibility and…CYBERINSIDER.COM
17 MayDebian 13.5 point release lands with security fixes, bug patchesDebian 13.5 is the fifth point release for the stable distribution “trixie.” The update folds in roughly 100 Debian Security Advisories and corrections for more than 130 source packages, covering everything from the Linux kernel and Apache HTTP Server to OpenSSH, sudo…HELPNETSECURITY.COM
🎙️ PODCASTS 1[−]
17 MayFrom cyberspace to space-cyber.For years, in-space internet capabilities were rarely worth the hassle. Now, that’s changing. In today’s episode, ⁠Maria Varmazis⁠ and ⁠Ethan Cook⁠ sit down to discuss how internet data moves through space systems and its recent advancements. For decades, GEO satellites made up m…THECYBERWIRE.COM