Last updated: July 6, 2026 at 12:53 AM UTC
All 559 Vulnerability 199 Breach 107 Threat 246 Defense 7

Attackers drive LLM agent for post-exploitation after Marimo CVE-2026-39987 RCE - AWS Secrets Manager to PostgreSQL exfil in minutes

Sysdig has documented a real-world intrusion in which a threat actor used an LLM agent to drive post-exploitation after compromising an internet-reachable Marimo notebook via CVE-2026-39987, a pre-authentication RCE affecting all Marimo versions up to 0.20.4 (fixed in 0.23.0). The attacker extracted two cloud credentials from the host, replayed them through a fanned-out egress pool to pull an SSH private key from AWS Secrets Manager, then used it to open eight short SSH sessions against a downstream bastion. The bastion phase exfiltrated the full schema and contents of an internal PostgreSQL database in under two minutes. The May 10 incident shows attackers operationalizing AI agents for hands-on-keyboard work.

Check
Inventory Marimo notebook deployments and confirm version is 0.23.0 or later. Check whether any are internet-reachable. Audit AWS Secrets Manager access logs and bastion SSH sessions since early May.
Affected
All Marimo versions up to and including 0.20.4 (pre-auth RCE, fixed in 0.23.0). Internet-reachable notebooks with access to cloud credentials and SSH keys are at highest risk.
Fix
Upgrade Marimo to 0.23.0+. Remove notebooks from public internet exposure. Rotate cloud credentials and SSH keys reachable from compromised hosts. Tighten Secrets Manager IAM scoping and add anomaly alerts.

FortiClient EMS CVE-2026-35616 actively exploited to deploy EKZ infostealer - disguised as endpoint update via VPN scripting

Arctic Wolf has observed active exploitation of CVE-2026-35616, an authentication-bypass flaw in FortiClient Enterprise Management Server (EMS), to deliver an undocumented credential stealer called EKZ. Attackers abuse the endpoint APIs to perform administrative actions without authentication, then modify EMS configuration and VPN policies to inject malicious scripts. Seconds after endpoints establish an IPsec tunnel to a Fortinet-managed gateway, EKZ is pushed disguised as an endpoint update via VPN scripting workflows. Fortinet released emergency hotfixes for versions 7.4.5 and 7.4.6 in early April and CISA ordered federal agencies to patch the same week; Shadowserver tracked 2,000 internet-exposed EMS instances at the time.

Check
Inventory FortiClient EMS deployments and confirm patch level. Search for unauthorized EMS configuration or VPN policy changes since early April. Look for EKZ stealer behavior on endpoints.
Affected
FortiClient EMS versions before the 7.4.5 and 7.4.6 hotfixes. Internet-exposed instances are at highest risk; Shadowserver counted 2,000 exposed in April when CISA mandated federal patching.
Fix
Apply the Fortinet hotfixes. Audit EMS admin actions and VPN policy modifications since April. Rotate credentials and certificates that EMS managed. Apply Arctic Wolf EKZ IoCs.

Gogs unpatched zero-day argument-injection RCE affects all default-configured instances; open registration plus rebase-merge toggle is the chain

Rapid7's Jonah Burgess has disclosed an unpatched argument-injection RCE in Gogs, the self-hosted Git service often used as a GitLab/GitHub Enterprise alternative. The flaw affects Gogs 0.14.2 and 0.15.0+dev and requires authentication, but Gogs ships with open registration enabled by default (DISABLE_REGISTRATION = false) and no repository creation limits, so any internet-facing default-configured instance is effectively unauthenticated-exploitable: an attacker creates an account and repo, enables rebase merging in settings, and the entire exploit chain runs without third-party interaction. Code execution lands as the Gogs server-process user. No CVE has been assigned and no patch is available; mitigations involve disabling open registration.

Check
Inventory Gogs and Forgejo instances. Check whether DISABLE_REGISTRATION is true and MAX_CREATION_LIMIT is positive. Audit recently-created accounts and repositories on default-configured instances.
Affected
Gogs 0.14.2 and 0.15.0+dev. Any instance with default config (open registration, no creation limit) is effectively unauthenticated. No CVE assigned, no patch available yet.
Fix
Disable open registration (DISABLE_REGISTRATION = true) and set strict MAX_CREATION_LIMIT. Restrict instances to authenticated VPN access. Monitor for unexpected new accounts and rebase-merge toggle changes.

Microsoft denounces uncoordinated zero-day disclosures after Chaotic Eclipse (Nightmare Eclipse) drops 6 CVEs - GitHub and GitLab accounts removed

Microsoft has come out strongly against uncoordinated zero-day disclosures after researcher Chaotic Eclipse (also Nightmare-Eclipse) dropped technical details of six Windows zero-days over the past month, citing a breakdown in Microsoft's disclosure process. The CVEs include BlueHammer (CVE-2026-33825), RedSun (CVE-2026-41091), UnDefend (CVE-2026-45498), YellowKey (CVE-2026-45585), GreenPlasma, and MiniPlasma; BlueHammer, RedSun, and UnDefend are now under active exploitation. GitHub removed the researcher's account; a GitLab re-upload account was also blocked. Microsoft is urging coordinated vulnerability disclosure but the researcher publicly disputes Microsoft's responsiveness, citing months of waiting for fixes. The incident highlights ongoing friction between solo researchers and large vendor PSIRTs.

Check
Apply the Microsoft patches for BlueHammer (CVE-2026-33825), RedSun (CVE-2026-41091), UnDefend (CVE-2026-45498), and YellowKey (CVE-2026-45585) immediately. Monitor for further leaked PoC code.
Affected
Windows endpoints unpatched against the six Nightmare Eclipse zero-days. Three (BlueHammer, RedSun, UnDefend) are confirmed under active exploitation. GreenPlasma and MiniPlasma also have public details.
Fix
Patch all six CVEs via current Windows updates. Block known exploit-PoC mirrors at egress. Watch GitHub/GitLab for re-uploaded code and add the corresponding hashes to detection rules.

Gitea CVE-2026-27771 (CVSS 8.2) lets unauthenticated attackers pull private container images - ~30,000 deployments exposed for four years, Forgejo affected

Noscope has disclosed CVE-2026-27771 (CVSS 8.2), a flaw in the self-hosted Gitea version-control platform that lets unauthenticated remote attackers pull private container images with no account, password, or prior access. The 'private' designation on a container repository simply failed to enforce. It affects all Gitea versions before 1.26.2 and went undetected for nearly four years; Noscope estimates 30,000+ exposed deployments across 30+ countries, with most exposure in China, the US, Germany, France, and the UK, spanning healthcare, aerospace, retail, and ISPs. Forgejo is confirmed affected, and any Gitea fork should be treated as vulnerable until verified. Technical details were withheld to allow patching.

Check
Inventory self-hosted Gitea and Forgejo instances and confirm version. Check whether the container registry is internet-exposed. Review registry pull logs for unauthenticated access to private images.
Affected
All Gitea versions before 1.26.2 and confirmed-affected Forgejo, plus unverified Gitea forks. ~30,000 exposed deployments across 30+ countries in healthcare, aerospace, retail, and ISP sectors.
Fix
Upgrade Gitea to 1.26.2 immediately. Temporary workaround: set [service].REQUIRE_SIGNIN_VIEW=true (unsuitable if some containers must stay public). Rotate any secrets baked into exposed private images.

CISA adds three to KEV: TanStack CVE-2026-45321 and Nx Console CVE-2026-48027 (TeamPCP) plus Daemon Tools Lite CVE-2026-8398

CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog based on active-exploitation evidence. Two formally recognize the TeamPCP supply-chain wave that dominated mid-May: CVE-2026-45321 (TanStack) and CVE-2026-48027 (Nx Console embedded malicious code), the latter tied to the trojanized VS Code extension that led to GitHub's own 3,800-repo internal breach. The third, CVE-2026-8398, is an embedded-malicious-code flaw in the Daemon Tools Lite disc-imaging utility. FCEB agencies must remediate all three by the BOD 22-01 deadline; CISA urges all organizations to prioritize them. The additions confirm the supply-chain compromises moved from disclosure to documented in-the-wild exploitation.

Check
Confirm TanStack (CVE-2026-45321) and Nx Console (CVE-2026-48027) remediation from the mid-May supply-chain wave is complete. Inventory Daemon Tools Lite installs for CVE-2026-8398.
Affected
Organizations exposed to the TeamPCP supply-chain compromises (TanStack, Nx Console) and any endpoint running a vulnerable Daemon Tools Lite disc-imaging build. Federal agencies bound by BOD 22-01.
Fix
Remediate all three by CISA's KEV deadline. Verify Nx Console is 18.100.0+ and TanStack dependencies are clean. Remove or update Daemon Tools Lite. Rotate credentials from the supply-chain incidents.

KnowledgeDeliver LMS zero-day CVE-2026-5426 deploys Godzilla web shell via ViewState deserialization - shared hardcoded ASP.NET machine keys across customers

Mandiant has disclosed that attackers exploited a zero-day in the KnowledgeDeliver learning management system (CVE-2026-5426) to deploy the Godzilla in-memory web shell and a custom-encrypted Cobalt Strike beacon. The flaw is a deserialization issue tied to identical pre-shared ASP.NET machine keys distributed in the vendor's default web.config across all customer deployments installed before February 24, 2026. With the shared machineKey, an attacker forges signed ViewState payloads and achieves unauthenticated RCE at the OS level. The threat actor escalated control to modify the platform's JavaScript files, prompting users to install a fake 'security authentication plugin' that delivered the Cobalt Strike payload.

Check
Inventory KnowledgeDeliver LMS installations and the deployment date. Check web.config for hardcoded machineKey values. Search IIS logs for unusual ViewState payloads since late 2025.
Affected
All KnowledgeDeliver LMS installations deployed before February 24, 2026. The hardcoded ASP.NET machineKey is shared across all customers, enabling forged ViewState attacks for unauthenticated RCE.
Fix
Rotate machineKey to unique per-deployment values immediately. Patch to the latest KnowledgeDeliver release. Hunt for Godzilla/BlueBeam in-memory web shells and Cobalt Strike beacons across IIS application pools.

CISA emergency directive: federal agencies must patch Drupal CVE-2026-9082 by midnight May 27; Imperva sees 15K attacks across 65 countries

CISA has given US federal civilian agencies a midnight Wednesday May 27 deadline to patch CVE-2026-9082, the highly critical Drupal SQL injection added to its Known Exploited Vulnerabilities catalog on Friday. Imperva says it has now observed 15,000+ attack attempts targeting nearly 6,000 individual Drupal sites across 65 countries since disclosure, with gaming and financial services taking almost half. Shadowserver tracks ~670 unpatched Drupal instances still exposed online (272 in North America, 273 in Europe). CISA's directive is mandatory only for FCEB agencies under BOD 22-01, but the agency strongly urges all organizations to patch immediately.

Check
Inventory Drupal sites by branch and version, especially PostgreSQL-backed deployments. FCEB agencies: confirm patch is applied by midnight May 27. Check Imperva and Shadowserver data for any of your IPs.
Affected
All supported Drupal 11.x and 10.x branches before the patched releases (11.3.10, 11.2.12, 11.1.10, 10.6.9, 10.5.10, 10.4.10). 6,000 sites already targeted across 65 countries.
Fix
Patch immediately. Apply WAF rules blocking Drupal SQL injection patterns. FCEB agencies must remediate by midnight tonight per BOD 22-01. Prioritize PostgreSQL-backed deployments.

Microsoft issues out-of-band SharePoint RCE patch CVE-2026-45659 for Subscription Edition, 2019, and 2016 servers

Microsoft has released an out-of-band patch for CVE-2026-45659, a remote code execution vulnerability in Microsoft SharePoint Server. The flaw is a deserialization issue and was reported privately by a researcher named MEOW; Microsoft says it is not currently aware of active exploitation but rates it 'less likely to be exploited.' Updates are available for SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016. Last month's CVE-2026-32201 spoofing flaw was actively exploited and machine-key-theft attacks against SharePoint were widespread in 2025, so admins should treat this patch as priority despite the lower-likelihood rating.

Check
Inventory SharePoint deployments by edition (Subscription, 2019, 2016) and confirm patch level. Check for unusual deserialization activity in IIS logs since the patch ships.
Affected
Microsoft SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016 prior to the May 26 out-of-band updates.
Fix
Apply Microsoft's out-of-band CVE-2026-45659 patches across all SharePoint versions. Rotate machine keys after patching - prior SharePoint key-theft incidents enabled persistent post-patch access.

Forenser documents zero-click WhatsApp account takeover on iPhone iOS 16 - parallel session, no linked devices, used for wire-transfer scams

Italian digital forensics firm Forenser has documented an active zero-click WhatsApp account-takeover campaign targeting iPhone users on iOS 16. Victims (iPhone 8 through 14) reported messages requesting wire transfers being sent from their accounts to recent contacts, with no Linked Devices entries and no QR code interaction. Unified-log analysis shows continuous WhatsApp session-resync events - the signature of two endpoints competing for the same account, with the attacker bypassing the standard linked-device registration. The campaign exploits known iOS 16 vulnerabilities. Affected users do not see archived chats, suggesting the attacker has only recent-chat access. Forenser recommends upgrading to iOS 17 or later.

Check
Search MDM data for iPhones still on iOS 16. Check WhatsApp Linked Devices on possibly-affected handsets (will appear empty). Pull unified logs for continuous resync events if Forenser's IoCs apply.
Affected
iPhone users on iOS 16 (iPhone 8 through 14, including X, XR, XS, 11, SE, 12, 13). WhatsApp on these devices is susceptible to a zero-click parallel-session takeover.
Fix
Upgrade affected iPhones to iOS 17 or later immediately. Sign out and re-register WhatsApp accounts after the upgrade. Educate users to verify suspicious wire-transfer requests via a second channel.