Skip to content
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug

Ravie LakshmananApr 22, 2026Vulnerability / Cryptography Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges. The vulnerability, tracked as CVE-2026-40372, carries a CVSS… 

Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

Ravie LakshmananApr 22, 2026Cyber Espionage / Malware Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that’s distributed via a theme related to India’s banking sector. “The backdoor communicates with a… 

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

Ravie LakshmananApr 22, 2026Vulnerability / Container Security A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution. The vulnerability, tracked as CVE-2026-5752, is rated 9.3… 

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research published by Check Point, the command-and-control (C2 or C&C) server…