F5 Fixes Flaws in NGINX Open Source Enabling Remote Code Execution

F5 has issued urgent security updates for NGINX products after discovering two critical flaws, CVE-2026-42530 and CVE-2026-42055, that could allow remote code execution. These vulnerabilities, rated 9.2 on the CVSS v4 scale, pose a significant threat and require immediate attention to prevent exploitation.

https://osintsights.com/f5-fixes-flaws-in-nginx-open-source-enabling-remote-code-execution?utm_source=mastodon&utm_medium=social

#RemoteCodeExecution #F5 #NginxOpenSource #Cve202642530 #Cve202642055

Crypto Clipper uses Tor and worm-like propagation for persistence and control

A Windows-based cryptocurrency clipper has been actively targeting users since February 2026, employing sophisticated techniques to steal digital assets. The malware propagates through malicious shortcut files on USB devices, creating a worm-like infection chain. Once deployed, it utilizes Windows Script Host and ActiveX to launch a bundled Tor proxy client, enabling anonymous communication with hidden-service command and control servers. The clipper performs high-frequency clipboard monitoring to intercept cryptocurrency wallet addresses, seed phrases, and private keys, replacing them with attacker-controlled alternatives. Additionally, it captures screenshots for context and maintains persistent access through scheduled tasks. The threat demonstrates advanced capabilities including remote code execution, making it more than a simple stealer by functioning as a lightweight backdoor. The malware employs multiple defense evasion techniques including multi-layer obfuscation, anti-analysis checks, and local S...

Pulse ID: 6a33628ba6068a0dfc61732a
Pulse Link: https://otx.alienvault.com/pulse/6a33628ba6068a0dfc61732a
Pulse Author: AlienVault
Created: 2026-06-18 03:14:19

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #Clipboard #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #Proxy #RAT #RCE #RemoteCodeExecution #Troll #USB #Windows #Worm #bot #cryptocurrency #AlienVault

Google Cloud Vertex AI Vulnerability Exposes Cross-Tenant RCE Risk

A recent vulnerability in Google Cloud's Vertex AI Python SDK left the door open for cross-tenant attacks, allowing hackers in separate projects to hijack model uploads and potentially execute malicious code remotely. This flaw was fortunately patched in version 1.148.0, released on April 15, 2026.

https://osintsights.com/google-cloud-vertex-ai-vulnerability-exposes-cross-tenant-rce-risk?utm_source=mastodon&utm_medium=social

#GoogleCloud #VertexAi #CrosstenantVulnerability #RemoteCodeExecution #SupplyChain

Targets Education Sector with Oracle PeopleSoft Exploit

Between May 27 and June 9, 2026, UNC6240 (ShinyHunters) conducted an active compromise and extortion campaign targeting Oracle PeopleSoft application infrastructure. The threat actor exploited CVE-2026-35273, a critical remote code execution vulnerability (CVSS 9.8) in the Environment Management component, as a zero-day before Oracle's June 10, 2026 advisory. Over 100 organizations were potentially affected, with 68 percent operating in higher education and most based in the United States. Attackers deployed customized MeshCentral agents masquerading as Microsoft Azure services, established C2 infrastructure at azurenetfiles.net, and used lateral movement scripts to propagate across internal networks. The campaign culminated in data exfiltration and publication of stolen data on the ShinyHunters Data Leak Site on June 9, 2026. Compromised systems received defacement markers and extortion notices.

Pulse ID: 6a2b24138a34132bc69a0072
Pulse Link: https://otx.alienvault.com/pulse/6a2b24138a34132bc69a0072
Pulse Author: AlienVault
Created: 2026-06-11 21:09:39

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Azure #CyberSecurity #Education #Extortion #InfoSec #Microsoft #NET #OTX #OpenThreatExchange #RAT #RCE #RemoteCodeExecution #UnitedStates #Vulnerability #ZeroDay #bot #AlienVault

Splunk Enterprise Flaw Exposes Systems to Unauthenticated Code Execution

A critical vulnerability in Splunk Enterprise, rated 9.8 on the CVSS scale, leaves systems open to devastating attacks, allowing unauthenticated hackers to execute malicious code and wreak havoc. This shocking flaw, tracked as CVE-2026-20253, enables attackers to create or truncate files with ease,…

https://osintsights.com/splunk-enterprise-flaw-exposes-systems-to-unauthenticated-code-execution?utm_source=mastodon&utm_medium=social

#Cve202620253 #SplunkEnterprise #UnauthenticatedCodeExecution #RemoteCodeExecution #Vulnerability

LangGraph Flaw Chain Enables Remote Code Execution in Self-Hosted AI Agents

A critical flaw in LangGraph's system could let attackers take control of your self-hosted AI agents with just a single exploit, allowing for remote code execution. Thankfully, the vulnerability has been patched after being discovered by cybersecurity researchers Check Point and Yarden Porat.

https://osintsights.com/langgraph-flaw-chain-enables-remote-code-execution-in-self-hosted-ai-agents?utm_source=mastodon&utm_medium=social

#Langgraph #RemoteCodeExecution #SqlInjection #AiAgents #VulnerabilityChain

Fortinet, Ivanti, SAP Patch Critical Vulnerabilities

This week, Fortinet, Ivanti, and SAP issued urgent patch rollouts to fix critical vulnerabilities that could allow hackers to execute remote code or gain unauthorized access to sensitive systems. The flaws, affecting sandboxing infrastructure, mobile gateway software, and core enterprise apps, carry high severity scores and demand immediate…

https://osintsights.com/fortinet-ivanti-sap-patch-critical-vulnerabilities?utm_source=mastodon&utm_medium=social

#Fortinet #Ivanti #Sap #CriticalVulnerabilities #RemoteCodeExecution

⚠️ Critical Ivanti Sentry Flaw Exposed: Unauthenticated Remote Root Access Available

#CyberSecurityVulnerability #IvantiSentryVulnerability #OSCommandInjection #RemoteCodeExecution #RootLevelAccess #cve #cybersecurity #iso27001

Veeam Patches Backup Flaw That Enables Remote Code Execution

Veeam has urgently patched a critical backup flaw, CVE-2026-44963, that allowed remote code execution with just domain user credentials, scoring a severe 9.4 out of 10 in severity. The update to version 12.3.2.4854 fixes this vulnerability, preventing attackers from running malicious code on the Backup Server.

https://osintsights.com/veeam-patches-backup-flaw-that-enables-remote-code-execution?utm_source=mastodon&utm_medium=social

#RemoteCodeExecution #Veeam #Cve202644963 #BackupServer #SupplyChain

Veeam Vulnerability Enables RCE Attacks on Backup Servers

A newly discovered vulnerability in Veeam Backup & Replication could allow an authenticated domain user to launch a remote code execution attack on your backup server - a critical target for hackers. Patch now to protect your data: update to version 12.3.2.4854 or later to fix the flaw.

https://osintsights.com/veeam-vulnerability-enables-rce-attacks-on-backup-servers?utm_source=mastodon&utm_medium=social

#Veeam #Ransomware #RemoteCodeExecution #Cve202644963 #BackupServers