Skip to content
Security News, Assessments & Alerts Page 6

Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

What Changes When Your Software Supply Chain Includes AI Writing Your Code?

What Changes When Your Software Supply Chain Includes AI Writing Your Code?

The Hacker NewsJul 07, 2026AI Security / Software Supply Chain Software supply chain security was hard enough. Then AI joined the build pipeline. For five years, “software supply chain security” meant one question: what’s in… 

Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities

Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities

A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering departments of U.S. and Canadian universities as part of a new campaign. The activity involves the exploitation… 

CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware

CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware

Ravie LakshmananJul 07, 2026 Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the devices’ web management interfaces, the… 

BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA

BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA

Ravie LakshmananJul 07, 2026Vulnerability / Enterprise Security BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could allow unauthenticated attackers… 

Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations

Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations

An Iranian hacking group affiliated with Iran’s Ministry of Intelligence and Security (MOIS) has been wielding a previously undocumented modular command-and-control (C2) framework dubbed Cavern (aka Cav3rn) targeting Israeli organizations. The activity, which has primarily… 

16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems

16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems

A use-after-free bug in Linux’s KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it. Dubbed ‘Januscape‘ and tracked as CVE-2026-53359, the flaw sits… 

Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure

Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure

Ravie LakshmananJul 06, 2026Vulnerability / DevOps Threat actors have been observed attempting to exploit a recently patched critical security flaw in Gitea Docker images, according to Sysdig. The vulnerability in question is CVE-2026-20896 (CVSS score:…