Security
62 posts
Cybersecurity news, software supply chain risk, privacy threats, and practical security guidance.
LiteLLM Exploit Puts AI Gateways on a June 22 Patch Deadline
CISA’s June 22 remediation deadline for CVE-2026-42271 puts LiteLLM AI gateways on the security team’s priority list. The flaw affects MCP test endpoints, can expose model-provider credentials, and may become unauthenticated RCE when chained with a Starlette host-header bypass.
DeepMind’s AI Control Roadmap Makes Agent Security a Runtime Problem
Google DeepMind’s AI Control Roadmap treats powerful internal AI agents as systems that need monitoring, access limits, response plans, and shutdown paths. The framework is a signal for enterprises moving from chatbots to tool-using agents: alignment claims are no longer enough if the agent can touch code, data, infrastructure, or security workflows.
FortiSandbox Exploits Put Fortinet Appliances on a Patch Clock
Attackers are probing three critical FortiSandbox vulnerabilities that can expose Fortinet malware-analysis appliances to authentication bypass and command execution. Security teams should verify FortiSandbox 4.4 and 5.0 patch levels, check whether management interfaces are reachable, and review logs for exploit attempts rather than treating the April and June fixes as routine maintenance.
AryStinger Botnet Turns Old Routers Into Attack Proxies
Security researchers say AryStinger has compromised more than 4,300 legacy routers, turning aging home and small-office gear into proxy and reconnaissance infrastructure. The campaign is a reminder that end-of-life routers are not just slow or outdated; they can become someone else’s attack platform.
Microsoft Defender RoguePlanet Zero-Day Leaves Windows Teams Waiting for a Patch
Microsoft has acknowledged RoguePlanet, a Microsoft Defender elevation-of-privilege flaw tracked as CVE-2026-50656, but a patch is still in development. The public proof of concept turns Defender’s own file-handling workflow into a path to SYSTEM privileges, so Windows teams should tighten execution controls and monitoring while they wait for Microsoft’s fix.
Cisco ISE Flaws Put Network Access Control on a Patch Clock
Cisco patched two Identity Services Engine flaws that can expose hashed credentials and let an authenticated attacker run commands on the underlying operating system. The urgency is highest for teams running ISE 3.4, ISE 3.5, or ISE-PIC, especially because one Cisco ISE 3.5 fix is not due in the normal patch stream until August.
Gravity SMTP Exploit Puts WordPress Mail API Keys at Risk
Attackers are actively exploiting CVE-2026-4020 in the Gravity SMTP WordPress plugin, a flaw that can expose mail-service API keys, OAuth tokens, plugin versions, and server details. Site owners should update to Gravity SMTP 2.1.5 or later, check logs, and rotate affected email credentials.
Apple’s Beats Studio Buds Patch Fixes a Bluetooth Eavesdropping Risk
Apple’s Beats Firmware Update 1B211 fixes CVE-2025-20701, a Bluetooth pairing flaw that could let a nearby attacker listen through unpaired Beats Studio Buds while they are seeking pairing requests. Here is what changed and how to check your firmware.
AWS AgentCore Turns Enterprise AI Agents Into an Operations Stack
AWS used its New York Summit to expand Bedrock AgentCore, launch AWS Context and AWS Continuum, and push AI agents deeper into enterprise operations. The real story is not another chatbot layer, but a managed stack for grounding, governing, testing, and remediating agent behavior.
SearchLeak Shows How Microsoft 365 Copilot Search Can Become a Data Leak
Varonis disclosed SearchLeak, a patched Microsoft 365 Copilot Enterprise Search vulnerability chain that could turn one trusted-looking Microsoft link into a path for stealing emails, files, calendar data, and MFA codes.