Patches cover "Debian, Ubuntu, Alma Linux, and many others. However, some newer distributions that run the latest Linux 7.0 kernel, such as Ubuntu 26.04 LTS, do not appear to be affected by this vulnerability."9to5Linux: Copy Fail Linux Kernel Vulnerability Now Patched in Debian, Ubuntu, and Others https://9to5linux.com/copy-fail-linux-kernel-vulnerability-now-patched-in-debian-ubuntu-and-others @9to5linux @mariusnestor #Linux #infosec #vulnerability #Ubuntu

Your encrypted data just got stolenYour encrypted messages feel safe. They are not.https://www.youtube.com/shorts/7VhvhLbHBF4#cybersecurity #linuxkernel #datasecurity #infosec #patchnow #hacking #cve #vulnerability #threatintel #security

THREAT INTEL | or-technology.com🟢 Actor "stormous" claims UndisclosedAllegedly exposed• Financial records• Project files• Corporate data️ Unverified claimhttps://www.yazoul.net/intel/claim/2026-05-03-or-technology-ransomware-claim-by-stormous-may-2026#DarkWeb #DataBreach #ThreatIntel #CyberSecurity #InfoSec

New security advisory:CVE-2026-42403 affects Apache Neethi.• Impact: Significant security breach potential• Risk: Unauthorized access or data exposure• Mitigation: Apply patches within 24-48 hoursFull breakdown:https://www.yazoul.net/advisory/cve/cve-2026-42403-apache-neethi-stack-overflow-via-circular-refs#InfoSec #ZeroDay #ThreatIntel

Debunkage de la vidéo sur les mots de passe de Fabien Olicard : mémorabilité, densité et entropie irréconciliables ?https://docs.numerique.gouv.fr/docs/4805aabe-79e1-4101-9efe-f18496a11dec/Nouvel article argumentant notamment que toute structure dans une mot de passe nuit à sa qualité !#infosec #olicard #fabienolicard #password #motdepasse

HTTP Request Smuggling is not just a WAF bypass trick.Most people miss the real issue:The vulnerability comes from differences in how HTTP requests are parsed between:* reverse proxy (frontend)* backend serverCL.TE / TE.CL are only the basic cases. The deeper issues are more subtle:* HTTP/2 to HTTP/1.1 translation ambiguity* parsing inconsistencies across proxy chains* cache poisoning via request desynchronization* session hijacking without traditional auth or RCE bugsCore idea:One request can be interpreted as two different requests depending on which layer processes it.The exploit happens in that mismatch.It is not an application bug in the usual sense.It is a systemic parsing disagreement across the HTTP stack.#infosec #pentesting #websecurity #bugbounty

NEW:Yesterday, the USAO in Maryland issued a press release stating that Matthew Bathula, a clinical pharmacy specialist, had been charged with unauthorized access and ID theft involving patients at "Company A" -- a medical system in Maryland. 195 patients have been notified. If you read the DOJ presser, it alleges a lot of activities that go waaaay beyond the usual insider "snooping." A little digging revealed that "Company A" is the University of Maryland Medical Center, where Bathula was employed during the years of alleged wrongdoing. Read the presser and more at:https://databreaches.net/2026/05/02/maryland-pharmacist-indicted-on-unauthorized-computer-access-related-to-u-maryland-medical-center/#databreach #IDtheft #HIPAA #infosec #insider #healthsec

ASN: AS2518Location: Chiba, JPAdded: 2026-04-29T01:04#shodansafari #infosec

CRITICAL: CVE-2026-42779 in Apache MINA (2.1.0 – 2.1.11 & 2.2.0 – 2.2.6) enables remote code execution via deserialization of untrusted data. Upgrade to 2.1.12/2.2.7 now! https://radar.offseq.com/threat/cve-2026-42779-cwe-502-deserialization-of-untruste-d7661188 #OffSeq #ApacheMINA #Vuln #Infosec

[CISA-2026:0501] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0501)CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.️ CVE-2026-31431 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-31431)- Name: Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability- Action: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Linux- Product: Kernel- Notes: https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/; https://xint.io/blog/copy-fail-linux-distributions#the-fix-6 ; https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/about/ ; https://nvd.nist.gov/vuln/detail/CVE-2026-31431#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260501 #cisa20260501 #cve_2026_31431 #cve202631431

ASN: AS199503Location: Lidzbark Warmiński, PLAdded: 2026-04-28T20:09#shodansafari #infosec

"[AI] Agents can now create Cloudflare accounts, buy domains, and deploy"#infosec #cybersecurity #threatintel https://blog.cloudflare.com/agents-stripe-projects/

Once again, my professional recommendation in response to the latest Linux kernel vulnerability in the news is that you should gather up all your electronic devices, cast them into the sea, and retreat to the woods.Each night, gather your children and tell them tales of the Before Times when the hubris of humanity grew so large that we made idols of sand and spoke to them as equals. Remind them that the sand, of course, did not speak or think, but we imagined it could, and let it guide us to folly.Should a stranger ever come to your village with a glowing rectangle, encourage the youth to beat them with sticks.#infosec

New ransom group blog post!Group name: shinyhuntersPost title: Aman Resorts (aman.com)Info: https://cti.fyi/groups/shinyhunters.html#ransomware #cti #threatintelligence #cybersecurity #infosec

ASN: AS6128Location: New City, USAdded: 2026-04-29T00:57#shodansafari #infosec

New ransom group blog post!Group name: chaosPost title: cadencepetroleum.comInfo: https://cti.fyi/groups/chaos.html#ransomware #cti #threatintelligence #cybersecurity #infosec

ICYMI: IrisQL, our new query language, makes it easier than ever to share logic across teams and ticketing systems. Explore how to optimize your security stack here: https://www.domaintools.com/blog/supercharge-your-threat-investigations-with-irisql#ThreatHunting #IrisQL #Infosec #DataScience

[CISA-2026:0428] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0428)CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.️ CVE-2024-1708 (https://secdb.nttzen.cloud/cve/detail/CVE-2024-1708)- Name: ConnectWise ScreenConnect Path Traversal Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: ConnectWise- Product: ScreenConnect- Notes: https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8 ; https://nvd.nist.gov/vuln/detail/CVE-2024-1708️ CVE-2026-32202 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-32202)- Name: Microsoft Windows Protection Mechanism Failure Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: Windows- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32202 ; https://nvd.nist.gov/vuln/detail/CVE-2026-32202#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260428 #cisa20260428 #cve_2024_1708 #cve_2026_32202 #cve20241708 #cve202632202

CVE-2026-3854: any authenticated GitHub user could RCE the backend with a git push. Unsanitized semicolons in push options → X-Stat header injection → sandbox bypass → code execution.Same day, a survey of 18 months of supply chain attacks all tracing back to GitHub Actions.Same structural problem at two layers.New post: https://alexreed.srht.site/blog/github-rce-actions-weakest-link.html#infosec #supplychain #github #CVE

When I'm bored I like to call in sick to places I don't work.I'm getting written up at the Olive Garden. #Cybersecurity #infosec #womeninstem