soc

An attacker could have planted a malicious configuration to execute commands outside the sandbox. The post Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks appeared first on SecurityWeek.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2026-41940 WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of […]

Claroty researchers discovered two vulnerabilities that can be exploited for security bypass and remote code execution. The post EnOcean SmartServer Flaws Expose Buildings to Remote Hacking appeared first on SecurityWeek.

The authentication bypass flaw allows attackers to gain administrative access to vulnerable servers. The post Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months appeared first on SecurityWeek.

Chinese Cybercrime Infrastructure Detected: Automated Exploitation & Harvesting Infrastructure SOCRadar Threat Research Team identified automated Chinese cybercrime infrastructure that blends large-scale exploitation with structured orchestration and monetization. The operation is coordinated through a centralized backend (referred to as ‘paperclip‘) and an agent-based workflow system OpenClaw, enabling operators to manage campaigns through structured missions. The system […]

Affecting the kernel’s authencesn cryptographic template, the vulnerability was introduced in 2017 and impacts all distributions. The post ‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover appeared first on SecurityWeek.

SAP Ecosystem Targeted: The Mini Shai-Hulud Supply Chain Attack A sophisticated npm supply-chain compromise dubbed “Mini Shai-Hulud” has recently emerged, creating an urgent risk for SAP CAP development teams and CI/CD environments. Threat actors leverage trusted packages to deliver an 11.7 MB credential stealer and self-propagating framework. Instead of simply disrupting services, this malware silently […]

It took the healthcare organization nearly one year to publicly disclose a data breach after it was targeted by Inc Ransom. The post Sandhills Medical Says Ransomware Breach Affects 170,000 appeared first on SecurityWeek.

25 Best SOC Tools: AI-Powered & Automated Security Guide Running a Security Operations Center (SOC) means drowning in tools, not lacking them. The harder problem is finding the right ones, deployed in the right combination, with enough integration to actually work together under pressure. This guide cuts through the noise. Below are 25 of the […]

What Is Dark Web Monitoring? Every day, stolen credentials, leaked records, and sensitive data show up in hidden corners of the internet. Most security tools never reach those places. Dark Web Monitoring does. In this guide, you will learn the Dark Web Monitoring meaning, how it works, the risks it detects, and why it is […]