Author: cyberknight
-
Google Chrome zero-day vulnerability (CVE-2026-11645)
CVE-2026-11645 is a high-severity vulnerability in the Google Chrome V8 JavaScript engine. Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This vulnerability is actively exploited in the wild, making this a zero-day vulnerability,…
-
Booking.com data breach confirmed in April 2026: millions of data exfiltrated to package fraudulent phishing attacks
On April 13, 2026, Booking.com confirmed a security incident in which unauthorized third parties accessed customers’ booking information. The company began notifying affected users via email as early as April 12, warning them of the potential exposure of personal and reservation details. The data breach primarily affected booking information. The exposed data reportedly pertains to…
-
Ivanti Endpoint Manager Mobile (EPMM) zero-day vulnerabilities (CVE-2026-1281 and CVE-2026-1340)
CVE-2026-1281 is a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager Mobile (EPMM). It stems from a code injection flaw in the product’s web services that allows an unauthenticated attacker to send crafted requests and execute arbitrary code on a vulnerable system without needing to log in. CVE-2026-1340 is also a critical code…
-
Global Alert: React2Shell (CVE-2025-55182) Exploitation Escalated
On 16 December 2025, several days after its public disclosure, the critical React2Shell vulnerability (CVE-2025-55182) continues to be widely exploited worldwide, with both the breadth of compromised systems and the number of threat actors involved rising sharply. Researchers have tracked at least 30 confirmed organizational breaches attributed to this flaw and estimate that tens of…
-
React2Shell vulnerability (CVE-2025-55182) Widely Exploited
React2Shell is a critical unauthenticated remote code execution vulnerability tracked as CVE-2025-55182 in React Server Components and related frameworks like Next.js. The flaw arises because unsafe deserialization in the internal Flight protocol allows attackers, without logging in or valid credentials, to send a specially crafted HTTP request that gets executed on the server. This gives…
-
React Server Components (RSC) security vulnerability (React2Shell) (CVE-2025-55182)
CVE-2025-55182 is a critical pre-authentication remote code execution vulnerability in React Server Components. It specifically affects versions 19.0.0, 19.1.0, 19.1.1 and 19.2.0 of the RSC packages, and frameworks that use these affected packages, including Next.js 15.x and 16.x using the App Router. The vulnerability has a maximum severity rating of CVSS 10.0. The vulnerable code unsafely…
-
Scattered LAPSUS$ Hunters (SLH)
Scattered LAPSUS$ Hunters (SLH) is a federated cybercriminal alliance that publicly emerged in early August 2025. It unites three previously distinct but well-known hacker groups—Scattered Spider, LAPSUS$, and ShinyHunters—under a shared brand and operational umbrella. Rather than functioning as a single hierarchical organization, SLH operates as a brand-level coalition, centralizing extortion operations, recruitment, and public…
-
Jaguar Land Rover cyberattack
In late August 2025, Jaguar Land Rover (JLR) suffered a major cyberattack that forced an emergency shutdown of critical IT systems and halted production at all UK plants. On 31 August, the company proactively powered down key systems to contain the breach. Dealers were unable to register new vehicles, parts supply systems were offline, and…
-
AI-Driven Malware
Malware that leverages artificial intelligence (AI) marks a shift in cyber-threat methodology: rather than purely static payloads, these threats incorporate aspects of generative or adaptive AI (such as large language models) as part of their execution logic. While traditional malware evolution (polymorphism, obfuscation) has progressed incrementally over decades, the embedding of AI into malware reflects…
-
NVIDIA security vulnerability (CVE-2025-23352)
CVE-2025-23352 is a vulnerability identified in NVIDIA’s vGPU software, specifically in the Virtual GPU Manager, where a malicious guest could cause uninitialized pointer access. If exploited successfully, it can lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Affected versions include all releases prior to and including version 19.1,…
-
Oracle E-Business Suite security vulnerability (CVE-2025-61884)
CVE-2025-61884 is a high-severity security vulnerability in the Oracle E-Business Suite (EBS), specifically in the Oracle Configurator product’s Runtime UI component. The flaw allows an unauthenticated attacker with network access via HTTP to compromise Oracle Configurator and gain unauthorized access to sensitive data. Because the affected component is often exposed to internal and external networks,…
-
Vulnerabilities of Zero Trust Security: Critical Points and the Role of AI Agents
Zero Trust Security (ZTS) is a cybersecurity model in which no user, device, network location or system component is implicitly trusted. Instead, every access request to a resource must be verified continuously, based on identity, device posture, access context, and risk signals. According to the National Institute of Standards and Technology…