Logo
  • NEWS
  • NVD
  • EXPLOITS
  • SECURITY
    • NCSC
    • SECURELIST
    • US-CERT
  • ARCHIVE
  • ABOUT
    • Privacy Policy
    • Terms of Use
    • External Links
    • Sitemap

  • AWS Continuum to Enable Agentic Code Security for Enterprises

    Amazon Web Services has recently introduced AWS Continuum, a new integrated security platform to automate the discovery, enforcement, and …

    16 July 2026
    Agents, Architecture & Design, Cloud, Cloud Security, Continuum
  • Claude for Chrome Flaw Puts Gmail at Risk From Rogue Extensions

    Researchers say a Claude for Chrome flaw lets rogue extensions trigger Gmail, Docs, and Calendar tasks, with greater risk in unattended …

    16 July 2026
    Artificial Intelligence, Browsers, Chrome, Claude, Cloud
  • The Biggest Data Breaches of 2026 So Far, Ranked by Impact

    The biggest data breaches of 2026 so far, ranked by impact, with details on exposed data, affected users, and what readers should do next. …

    16 July 2026
    Data Breaches, Impact, IT, News, Tech Industry
  • Microsoft is rebuilding its security business around AI, and cutting hundreds

    Microsoft is the biggest seller of cybersecurity software on the planet. Now it is tearing that business up and rebuilding it around …

    16 July 2026
    AI, Artificial Intelligence, Business, IT, United States
  • Oak raised $60M to give every user, machine, and AI agent one identity system

    Most companies still cannot say who, or what, has access to their systems at any given moment. Oak, an Israeli startup, has raised $60M to …

    16 July 2026
    AI, Artificial Intelligence, IT, Middle East, Oak
  • Two Scattered Spider Members Sentenced to 5.6 Years Over TfL Cyberattack

    Nearly two years after a cyberattack disrupted Transport for London’s (TfL) online services and exposed customer data, two members of the …

    16 July 2026
    IT, News, Scattered Spider, Transport for London
  • The UK won’t restrict VPNs after all, and its own research is why

    The UK looked set to crack down on VPNs as it tightens the rules for children online. Instead it has backed off, and its own research is …

    16 July 2026
    Apps, IT, Mobile, Social Media, VPNs
  • C’mon, just copy this text string and paste it into your macOS Terminal – it’ll fix your computer, honest

    Threat intel outfit Group-IB has detailed a previously undocumented macOS information stealer that doesn’t bother hunting for software …

    16 July 2026
    IT, News, Terminal
  • ThreatsDay: Game Cheat Spyware, 24-Hour Ransomware, Chrome Sync Stalking + 12 More Stories

    A lot of this week’s trouble starts with something that looks close enough. A familiar …

    16 July 2026
    Browsers, Cheats, Chrome, Cybercrime, Game
  • HelloNet campaign — new malicious modules launched through the ViPNet update system

    We identified targeted infection attempts against large Russian organizations using the ViPNet update system (a software suite for creating …

    16 July 2026
    APT, Malware Technologies, Targeted Attacks, VPN
  • Phishing Campaign Hides Lua Loader as TrueType Font File

    A large-scale phishing operation has been observed disguising a malicious script as a TrueType font file (.tff). Using the fake .ttf …

    16 July 2026
    Files, Fonts, Loader, Lua, Programming
  • n8n Token Exchange Flaw Could Let Attackers Log In as Users From Another Issuer

    n8n, the workflow automation platform, handed out the wrong accounts at login. On Enterprise instances configured to trust more than one …

    16 July 2026
    Attackers, Exchanges, Flaws, Let, Logs
{"loadingDistance":1200,"stickyPosts":[],"nextPageLink":"https://itts.at/page/2","queryId":0}

●●●

CookieFree

NVD

  • CVE-2026-23538 – A vulnerability was identified in the Feast Feature Server’s `/ws/chat` endpoint that …16 July 2026
  • CVE-2026-15907 – A flaw has been found in H3C SecPath F1000-C8300 up to 20260522. This impacts an unknown …16 July 2026
  • CVE-2026-15909 – A vulnerability has been found in RafyMrX TOKO-ONLINE-ROTI up to …16 July 2026
  • CVE-2026-1609 – A flaw was found in Keycloak. When the JSON Web Token (JWT) authorization grant preview …16 July 2026
  • CVE-2026-54526 – Argo Workflows is an open source container-native workflow engine for orchestrating …16 July 2026

EXPLOITS

  • Krayin CRM v2.2.x – Authenticated Remote Code Execution8 July 2026
  • Langflow 1.9.0 – RCE8 July 2026
  • Atarim WordPress Plugin 4.2.2 – Sensitive Information Exposure8 July 2026
  • Joomla Page Builder CK 3.5.10 – Arbitrary File Upload8 July 2026
  • MCPJam Inspector – Remote Code Execution7 July 2026

SECURELIST

  • HelloNet campaign — new malicious modules launched through the ViPNet update system16 July 2026
  • GoSerpent: a persistent threat evolves with sophisticated data collection and exfiltration16 July 2026
  • OkoBot: new sophisticated malware framework targets cryptocurrency users15 July 2026
  • Threat landscape for industrial automation systems. Q1 20267 July 2026
  • When checking the URL isn’t enough: a Device Code Phishing attack via a Microsoft we6 July 2026


Copyright © 2026 ITTS | Cookie-Free | Privacy Policy | We are not responsible for the content of external sites.