PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
What's new: A critical vulnerability identified as CVE-2026-44338, with a CVSS score of 9.8, has been disclosed in PraisonAI's web...
nsamag
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
What's new: The threat actor known as UNC1151 (also referred to as Ghostwriter) has launched a phishing campaign targeting Ukrainian...
NSAuditor AI EE 0.6.0 Milestone — NEW Plugin 1160 AWS VPC Endpoints / PrivateLink Auditor Opens v0.6.x Line With Plugin-Breadth Expansion (Plugin Count 20 → 21)
What's new: Nsasoft US LLC has shipped NSAuditor AI Enterprise Edition 0.6.0 — the minor-version milestone bump opening the v0.6.x...
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
What's new: A critical vulnerability, CVE-2026-42945, has been identified in NGINX's rewrite module, allowing unauthenticated remote code execution (RCE). This...
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
What's new: Three malicious versions of the Node-IPC package (versions 11.10.2, 11.10.3, and 11.10.4) have been identified, containing a stealer...
