TheHackerWire

49 Followers
4 Following
1.4K Posts
Knowledge is the ultimate weapon against cyber threats.
Website: https://www.thehackerwire.com

Bitrefill confirms a cyberattack linked to Lazarus/Bluenoroff.

Attack started from a compromised employee laptop → led to wallet draining and access to ~18.5K records.

https://www.thehackerwire.com/bitrefill-hack-linked-to-lazarus-group-exposes-18500-records/

Two critical SAP vulnerabilities (CVE-2026-0488, CVE-2026-0509) highlight risks in authorization handling inside enterprise platforms.

• SQL execution leading to database compromise
• Unauthorized background RFC execution
• High integrity and availability impact

Exposure discovery commonly focuses on internet-facing NetWeaver and Fiori interfaces using queries such as:

product:"SAP NetWeaver"
body="/sap/public/"

https://www.thehackerwire.com/vulnerability/CVE-2026-0509/
https://www.thehackerwire.com/vulnerability/CVE-2026-0488/

🟠 CVE-2026-24763 - High (8.8)

OpenClaw (formerly Clawdbot) is a personal AI assistant you run on your own devices. Prior to 2026.1.29, a command injection vulnerability existed in OpenClaw’s Docker sandbox execution mechanism due to unsafe handling of the PATH environment variable when constructing shell commands. An authe...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24763/

#CVE #vulnerability #infosec #cybersecurity
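The OpenClaw advisory describes the classic shape of this bug: an environment value (here PATH) is spliced into a shell command string instead of being passed as data. The block below is an added illustration in Node.js, not OpenClaw's code, and does not claim to reproduce its internals; the image name `sandbox-image`, the function names and the docker invocation are assumptions for the example. It places the vulnerable string-building pattern beside a hardened version that validates the value and hands it to `docker` as an argv element, so no shell on the host ever parses it.

```javascript
// Added illustration (not OpenClaw's code): two ways a sandbox runner can hand a
// caller-controlled PATH to a container, and why one of them is an injection sink.

// Characters that change meaning inside a POSIX shell command line. Whitespace is
// included because a PATH entry with a space is not worth supporting here.
const SHELL_META = /[;&|`$(){}<>\n'"\\\s]/;

// Vulnerable pattern (hypothetical): the runner builds ONE shell string and
// interpolates the PATH value into it. A value like "/usr/bin:$(id)" is parsed
// by the shell as a command substitution, not treated as a directory list.
function buildShellCommandUnsafe(pathValue, command) {
  return `docker run --rm -e PATH=${pathValue} sandbox-image sh -c ${command}`;
}

// Hardened pattern: validate PATH as a colon-separated list of absolute
// directories containing no shell metacharacters.
function isSafePathValue(pathValue) {
  if (typeof pathValue !== "string" || pathValue.length === 0) return false;
  return pathValue
    .split(":")
    .every((dir) => dir.startsWith("/") && !SHELL_META.test(dir));
}

// Build an argv array: every element reaches docker (and the container)
// verbatim, because nothing re-parses it as a command line.
function buildDockerArgs(pathValue, command) {
  if (!isSafePathValue(pathValue)) {
    throw new Error("refusing PATH value with shell metacharacters");
  }
  if (!Array.isArray(command) || command.length === 0) {
    throw new Error("command must be a non-empty argv array");
  }
  return ["run", "--rm", "-e", `PATH=${pathValue}`, "sandbox-image", ...command];
}

// Actually run the container (not exercised offline). shell:false is the
// default for spawnSync; it is written out to make the point explicit.
function runInSandbox(pathValue, command) {
  const { spawnSync } = require("node:child_process");
  return spawnSync("docker", buildDockerArgs(pathValue, command), {
    encoding: "utf8",
    shell: false,
  });
}
```

Usage: `runInSandbox("/usr/local/bin:/usr/bin:/bin", ["ls", "-l"])` spawns docker with a literal argv; `runInSandbox("/usr/bin:$(id)", ["ls"])` throws before anything is executed. The validation is a belt-and-braces measure; the argv array alone already removes the shell from the path, which is the actual fix for this bug class.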

🟠 CVE-2026-24737 - High (8.1)

jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to one of the following methods or properti...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24737/

#CVE #vulnerability #infosec #cybersecurity
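"Inject arbitrary PDF objects" sounds abstract until you see PDF syntax: it is token based, so a field title written raw into a `( ... )` literal string can close that string and open new dictionary entries, including a JavaScript action. The block below is an added illustration, not jsPDF's code; the field dictionary layout is a simplified AcroForm text field and the builder functions are hypothetical. It shows the raw-interpolation builder beside one that escapes literal strings and names per the PDF syntax rules, and a small tokenizer that makes the difference visible by listing the names that end up outside any string.

```javascript
// Added illustration (not jsPDF's code): PDF literal-string and name encoding,
// and why skipping it lets user input add dictionary entries such as /JS.

// PDF literal strings "( ... )": backslash, parentheses and line breaks must be
// escaped, otherwise input can terminate the string early.
function escapePdfString(value) {
  let out = "";
  for (const ch of String(value)) {
    if (ch === "\\" || ch === "(" || ch === ")") out += "\\" + ch;
    else if (ch === "\r") out += "\\r";
    else if (ch === "\n") out += "\\n";
    else out += ch;
  }
  return "(" + out + ")";
}

// PDF names "/Name" may only contain regular characters. Whitespace, the
// delimiters ( ) < > [ ] { } / %, the '#' itself and bytes outside 0x21-0x7E
// are written as #xx (PDF 1.2+ syntax).
function encodePdfName(value) {
  const bytes = Buffer.from(String(value), "utf8");
  let out = "/";
  for (const b of bytes) {
    const ch = String.fromCharCode(b);
    if (b < 0x21 || b > 0x7e || "()<>[]{}/%#".includes(ch)) {
      out += "#" + b.toString(16).toUpperCase().padStart(2, "0");
    } else {
      out += ch;
    }
  }
  return out;
}

// Hypothetical text-field dictionary builders: raw interpolation vs. escaped.
function fieldDictUnsafe(title) {
  return `<< /FT /Tx /T (${title}) >>`;
}
function fieldDictSafe(title) {
  return `<< /FT /Tx /T ${escapePdfString(title)} >>`;
}

// Minimal tokenizer: returns the names that appear OUTSIDE literal strings,
// i.e. the keys/values a PDF reader would actually interpret.
function namesOutsideStrings(pdf) {
  const names = [];
  let depth = 0; // nesting of ( ) inside a literal string
  for (let i = 0; i < pdf.length; i++) {
    const ch = pdf[i];
    if (depth > 0) {
      if (ch === "\\") { i++; continue; } // skip the escaped character
      if (ch === "(") depth++;
      else if (ch === ")") depth--;
      continue;
    }
    if (ch === "(") { depth = 1; continue; }
    if (ch === "/") {
      let j = i + 1;
      while (j < pdf.length && !/[\s()<>\[\]{}\/%]/.test(pdf[j])) j++;
      names.push(pdf.slice(i + 1, j));
      i = j - 1;
    }
  }
  return names;
}

// Constructed attacker-controlled field title: closes /T and appends an
// additional-actions entry carrying a JavaScript action.
const INJECTED_TITLE =
  ") /AA << /K << /S /JavaScript /JS (app.alert(1)) >> >> /T (";
```

With the constructed title, `namesOutsideStrings(fieldDictUnsafe(INJECTED_TITLE))` lists `AA`, `S`, `JavaScript` and `JS` as real dictionary tokens, while `namesOutsideStrings(fieldDictSafe(INJECTED_TITLE))` returns only `FT`, `Tx`, `T`. The same applies to names: a field name should go through `encodePdfName` rather than being concatenated after a slash. Escaping fixes only the textual-injection route; properties that jsPDF itself interprets as objects still need allowlisting, which is what the fixed release addresses.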

🔴 CVE-2026-25142 - Critical (10)

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.27, SandboxJS does not properly restrict __lookupGetter__, which can be used to obtain prototypes, which can in turn be used for escaping the sandbox / remote code execution. This vulnerability is fixed in 0.8.27.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25142/

#CVE #vulnerability #infosec #cybersecurity
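Why is a legacy accessor like `__lookupGetter__` a sandbox hole? The block below is an added illustration of plain JavaScript semantics, not SandboxJS code, and says nothing about how that library's checks are implemented; the `DENIED_PROPS` list and the `guardedGet` / `wrap` helpers are hypothetical. It shows that an apparently harmless `{}` plus `__lookupGetter__` yields a real host function (the `__proto__` getter on `Object.prototype`), and any host function exposes `Function` through `.constructor`, which is the standard route from a prototype leak to code execution outside the sandbox. The second half is a membrane-style property read whose denylist includes the four legacy accessor methods alongside the usual `__proto__` / `constructor` / `prototype`.

```javascript
// Added illustration (not SandboxJS code): the __lookupGetter__ route to a
// host prototype, and a property-read guard that closes it.

// Plain JS semantics: Object.prototype.__lookupGetter__ walks the prototype
// chain and returns the host getter for __proto__. Its .constructor is the
// host Function, which compiles arbitrary code with no sandbox involved.
function hostFunctionViaLookupGetter() {
  const harmless = {};
  const getter = harmless.__lookupGetter__("__proto__");
  return typeof getter === "function" && getter.constructor === Function;
}

// Names whose access must be denied on EVERY object, not only on a few well
// known constructors. Hypothetical list for this illustration; note the four
// legacy accessor methods next to the usual suspects.
const DENIED_PROPS = new Set([
  "__proto__", "constructor", "prototype",
  "__lookupGetter__", "__lookupSetter__",
  "__defineGetter__", "__defineSetter__",
]);

// Guarded property read: the sandbox's own [[Get]] for guest code. Real
// sandboxes usually combine such a denylist with per-prototype allowlists
// of methods; the denylist alone is what this example demonstrates.
function guardedGet(target, prop) {
  const name = String(prop);
  if (DENIED_PROPS.has(name)) {
    throw new Error(`sandbox: access to ${name} denied`);
  }
  return target[prop];
}

// Proxy membrane so that guest-side `obj.x` goes through guardedGet. Nested
// objects are wrapped on the way out so the guard is not bypassed via `a.b.c`.
function wrap(target) {
  return new Proxy(target, {
    get(t, p) {
      const v = guardedGet(t, p);
      return v !== null && typeof v === "object" ? wrap(v) : v;
    },
  });
}
```

`wrap({ x: 2 }).x` returns 2, while `wrap({}).__lookupGetter__` throws instead of handing the guest a host function. The takeaway for anyone writing or auditing a sandbox: every property name that can reach `Object.prototype` accessors is an escape primitive, and the list of such names is longer than `__proto__` and `constructor`.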

🔴 CVE-2026-25137 - Critical (9.1)

The NixOS Odoo package is an open source ERP and CRM system. From 21.11 to before 25.11 and 26.05, every NixOS based Odoo setup publicly exposes the database manager without any authentication. This allows unauthorized actors to delete and download the entire database, including Odoo's file store....

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25137/

#CVE #vulnerability #infosec #cybersecurity

🟠 CVE-2026-20411 - High (7.8)

In cameraisp, there is a possible escalation of privilege due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10351676; Issue ID: MSV-5737.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20411/

#CVE #vulnerability #infosec #cybersecurity

🟠 CVE-2026-20412 - High (7.8)

In cameraisp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10351676; Issue ID: MSV-5733.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20412/

#CVE #vulnerability #infosec #cybersecurity

🔴 CVE-2026-24071 - Critical (9.3)

It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler function uses _xpc_connection_get_pid(arg2) as ar...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24071/

#CVE #vulnerability #infosec #cybersecurity

🟠 CVE-2026-24070 - High (8.8)

During the installation of the Native Access application, a privileged helper `com.native-instruments.NativeAccess.Helper2`, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is deployed as well. The communication with the XPC ser...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24070/

#CVE #vulnerability #infosec #cybersecurity