#infosec #vulnerabilitymanagement #patchmanagement #CISA
CISA Adds Lantronix and UniFi OS Vulnerabilities to KEV
🔗 https://cybersecurefox.com/en/cisa-lantronix-eds5000-ubiquiti-unifi-os-kev
#CISA #KEV #Lantronix #EDS5000 #Ubiquiti #UniFi #OS #CVE-2025-67038
Understanding Langflow CVE-2026-55255, and why higher CVSS vulnerabilities aren't always the most exploited
On June 25, 2026, the first active exploitation of CVE-2026-55255, a critical CVSS 9.9 Langflow vulnerability, was documented. Langflow is an open-source framework for building AI agents and RAG pipelines. A single operator exploited both CVE-2026-55255 (cross-tenant IDOR) and CVE-2026-33017 (unauthenticated RCE, CVSS 9.3) against the same instance. Despite its lower score, the RCE has been exploited thousands of times and is listed in CISA KEV, while the IDOR showed no prior in-the-wild exploitation. The operator focused primarily on the RCE for code execution and implant delivery, using the IDOR opportunistically for credential theft across tenants. The financially motivated threat actor deployed a scripted loader to harvest AWS keys, environment files, and API credentials. This demonstrates that CVSS scores don't always correlate with real-world exploitation rates, as unauthenticated vulnerabilities require less effort than those needing authorization and disclosed object IDs.
Pulse ID: 6a3eefb892e3d749bcf92233
Pulse Link: https://otx.alienvault.com/pulse/6a3eefb892e3d749bcf92233
Pulse Author: AlienVault
Created: 2026-06-26 21:31:36
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#AWS #CISA #CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #RCE #Vulnerability #bot #AlienVault
CISA and FBI issue PSA:
Russian Intelligence Services Continue to Target Commercial Messaging Applications
> US Releases Anthropic’s ‘Mythos’ AI Model to Some US Companies
> Anthropic Accuses Alibaba of Illicitly Extracting Claude AI Model Capabilities
> China’s 360 Says It Developed Tools to Match Anthropic’s Mythos
> UK NCSC Warns Leaders of ‘AI Shift’ in Cyber Risk
> New Policy Memo Outlines Paths Toward AI Transparency
> New AWS ‘AITM’ Phishing Kit Discovered
> ‘Payouts the King’ Ransomware Operator Deploys New ‘EdgeCution’ Malware
> macOS ‘Gaslight’ Rust Backdoor Uses Prompt Injection Against Analysts
> WhatsApp VBS RMM Campaign Targets Users
> Polymarket Confirms $3.1 Million Theft via Third-Party Breach
> KDDI Data Breach Exposes Up to 14.2 Million Email Credentials
> Tata Electronics Hit by Cyberattack Claiming Theft of Apple, Tesla Trade Secrets
> Report: Israel Behind Cyberattack on Iranian Banks
> Mandiant Reveals How Cisco SD-WAN Zero-Day Attacks Gained Root Access
> Japan Defense Forces Used USB Drives with China-Linked Virus, Probe Finds
> U.S. Treasury Sanctions Entities Linked to Illicit Finance
> Meta Accidentally Let Employees Access Each Other’s Keystroke Data
> Russia-Linked Group Claims Cyberattack on Ukrainian Bank
> Algerian Man Extradited to U.S. for Role in Black Market Fraud Conspiracy
> Justice Department Seizes Infrastructure Used by Huione Group for Money Laundering
> Smart TV Apps Found with Residential Proxy SDKs
> CISA Sets Urgent Deadline to Fix Cisco Flaw Exploited in Attacks
> CISA Director Nominee Pledges Workforce Expansion at House Hearing
> Trump Issues Executive Order with Post-Quantum Encryption Deadline
> European Commission Announces New Cyber Resilience Measures
> Ransomware and Data Breaches Drive Spike in Cyber Insurance Claims, Report Finds
> Security Operations for the Age of AI
#thecybersecurityclub #substack
#cybersecurity #technews #cybercrime #blackmarket
#fraud #polymarket #trump
#ai #EU #anthropic #mythos
#alibaba #china #cisa
#uk #ncsc #aws #ransomware
#malware #360 #whatsapp
#kddi #tata #israel #iran
#mandiant #cisco #japan
#meta #russia #ukraine #algeria #quantumencryption
https://open.substack.com/pub/thecybersecurityclub/p/wk-26-hackers-stole-3m-from-polymarket
A critical shift in cyber warfare: Russian intelligence groups UNC5792 and UNC4221 are now specifically targeting Signal Backup Recovery Keys. They're not breaking Signal's strong end-to-end encryption, but rather exploiting a legitimate backup feature through sophisticated phishing. This allows them to access your *entire* message history, impacting government officials, journalists, and military…
🤖 This post was AI-generated.
CISA Mandates Urgent Patching for Exploited Cisco Flaw
Don't wait until it's too late: Cisco has issued a critical patch for a vulnerability (CVE-2026-20230) in its Unified Communications Manager Server, and the US Cybersecurity and Infrastructure Security Agency (CISA) is requiring urgent remediation by June 28. Act now to protect your system from potential remote exploitation.
#Cisa #Cisco #Cve202620230 #ServersideRequestForgery #UnifiedCommunicationsManagerServer