Skip to main content

Coverage

Vulnerabilities

903 articles on vulnerability disclosures and exploits

Advertisement

CVE-2026-48558: SimpleHelp OIDC Authentication Bypass & Malware
CRITICAL
Vulnerabilities

CVE-2026-48558: SimpleHelp OIDC Authentication Bypass & Malware

Threat actors are actively exploiting CVE-2026-48558, a critical SimpleHelp OpenID Connect authentication bypass vulnerability, to deploy TaskWeaver and Djinn Stealer

Runtime Rebel Intel
5 min read·Jun 30, 2026
Critical Flaw Exposes Indian Government Data in National Portal
CRITICAL
Vulnerabilities

Critical Flaw Exposes Indian Government Data in National Portal

A critical vulnerability and several others exposed private data within Indian government systems, allowing potential takeover of a national portal.

Runtime Rebel Intel
4 min read·Jun 30, 2026
Djinn Stealer Targets Cloud & AI Credentials via SimpleHelp CVE-2026-48558
CRITICAL
Malware

Djinn Stealer Targets Cloud & AI Credentials via SimpleHelp CVE-2026-48558

Analysis of Djinn Stealer, an infostealer delivered via critical SimpleHelp CVE-2026-48558, targeting cloud and AI development credentials.

Runtime Rebel Intel
4 min read·Jun 30, 2026
VU
CRITICAL
Vulnerabilities

Critical SimpleHelp Vulnerability Exploited for Malware Delivery

A critical vulnerability in SimpleHelp is actively exploited to deploy malware, targeting credentials, SSH keys, and crypto wallets. Immediate patching is essential.

Runtime Rebel Intel
4 min read·Jun 30, 2026
CVE-2026-8037: Progress Kemp LoadMaster Pre-Auth RCE Threat
CRITICAL
Vulnerabilities

CVE-2026-8037: Progress Kemp LoadMaster Pre-Auth RCE Threat

A critical pre-authentication RCE (CVE-2026-8037) in Progress Kemp LoadMaster allows unauthenticated attackers to execute root commands via a crafted API request. Patch

Runtime Rebel Intel
4 min read·Jun 30, 2026
VU
CRITICAL
Vulnerabilities

CVE-2024-2821: Critical RCE in Daktronics Controllers — Patch Now

Critical vulnerabilities (CVE-2024-2821, CVE-2024-2822, CVE-2024-2823) in Daktronics Venus 1500 and Vanguard controllers allow remote hacking of highway signs and

Runtime Rebel Intel
3 min read·Jun 30, 2026
DA
HIGH
Data Breach

ShinyHunters Breach NAIC via PeopleSoft Zero-Day: Public Data Stolen

ShinyHunters exploited an Oracle PeopleSoft zero-day to breach NAIC, exfiltrating public data, logs, and configuration files. Review PeopleSoft security.

Runtime Rebel Intel
3 min read·Jun 30, 2026
DA
HIGH
Data Breach

Nissan Breach: Oracle PeopleSoft Zero-Day Exploited by ShinyHunters

Nissan discloses a data breach impacting current and former employees, attributed to an exploited Oracle PeopleSoft zero-day vulnerability linked to the ShinyHunters

Runtime Rebel Intel
5 min read·Jun 30, 2026
VU
HIGH
Vulnerabilities

Weak RSA Keys with Many Zeros Found In-the-Wild: Factoring Risk

New research reveals a class of weak RSA keys containing many zero bits, making them vulnerable to factoring. These keys are present in TLS, SSH, and PGP deployments,

Runtime Rebel Intel
5 min read·Jun 29, 2026
VU
HIGH
Vulnerabilities

DirtyClone: Linux Kernel Privilege Escalation via Page Cache Manipulation

DirtyClone, a variant of DirtyFrag, allows unprivileged local users to exploit a Linux kernel flaw to manipulate the page cache and achieve root privileges.

Runtime Rebel Intel
4 min read·Jun 29, 2026
libssh2 1.11.1 RCE via CVE-2026-55200 — Mitigation Guide
CRITICAL
Vulnerabilities

libssh2 1.11.1 RCE via CVE-2026-55200 — Mitigation Guide

Exploit analysis and mitigation for CVE-2026-55200, a critical client-side RCE in libssh2 affecting versions up to 1.11.1. Public PoC now available.

Runtime Rebel Intel
3 min read·Jun 29, 2026
Declining Confidence in Autonomous Penetration Testing: 2024 Analysis
INFO
Threat Intel

Declining Confidence in Autonomous Penetration Testing: 2024 Analysis

Security leaders are re-evaluating autonomous penetration testing due to accuracy concerns, shifting focus toward human-led automated security validation.

Runtime Rebel Intel
3 min read·Jun 27, 2026