『DefSec Brief week in review, July 11 2026』のカバーアート

DefSec Brief week in review, July 11 2026

DefSec Brief week in review, July 11 2026

無料で聴く

ポッドキャストの詳細を見る
1. Langflow authorization bypass on KEV, plus the first fully autonomous LLM-driven ransomware campaign — CVE-2026-55255, CVE-2025-3248 — CISA KEV https://www.cisa.gov/known-exploited-vulnerabilities-catalog · Dark Reading https://www.darkreading.com/cyberattacks-data-breaches/jadepuffer-first-complete-llm-driven-ransomware-attack 2. Adobe ColdFusion path traversal added to KEV, actively exploited — CVE-2026-48282 — CISA KEV https://www.cisa.gov/known-exploited-vulnerabilities-catalog 3. CitrixBleed 2 chain confirmed as a path to Dragonforce ransomware — CVE-2025-5777, CVE-2023-4966, CVE-2026-4368 — Huntress https://www.huntress.com/blog/citrixbleed-2-dragonforce-ransomware 4. BeyondTrust patches critical pre-auth bypass flaws in Remote Support and PRA — CVE-2026-40138, CVE-2026-40139, CVE-2026-40140, CVE-2026-40141 — The Hacker News https://thehackernews.com/2026/07/beyondtrust-patches-critical-auth.html 5. Progress orders on-prem ShareFile customers to shut down Storage Zone Controllers — CVE not confirmed by vendor — The Hacker News https://thehackernews.com/2026/07/urgent-progress-tells-sharefile.html · Cyber Security News https://cybersecuritynews.com/progress-sharefile-admins-shut-down-servers/ 6. CISA adds four Joomla/WordPress extension file-upload flaws to KEV — CVE-2026-56291, CVE-2026-48939, CVE-2026-48908, CVE-2026-56290 — CISA KEV https://www.cisa.gov/known-exploited-vulnerabilities-catalog 7. Exposed WP-SHELLSTORM server reveals webshell brokerage hitting 1.4M sites — CVE-2026-48907, CVE-2026-3844 (among others) — The Hacker News https://thehackernews.com/2026/07/exposed-hacker-server-reveals-wp.html 8. Suspected China-aligned group exploits Roundcube flaws against university research departments — CVE-2024-42009, CVE-2025-49113 — CyberScoop https://cyberscoop.com/china-espionage-attacks-us-canada-universities-proofpoint/ · The Hacker News https://thehackernews.com/2026/07/suspected-china-aligned-hackers-exploit.html 9. Cisco patches RCE and file-read flaws in ISE and Catalyst Center — CVE-2026-20181, CVE-2026-20190, CVE-2026-20191 — Cisco PSIRT https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv · https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-file-read-wLH2vf8X 10. 16-year-old Linux KVM use-after-free lets a guest VM escape to the host — CVE-2026-53359 "Januscape" — The Hacker News https://thehackernews.com/2026/07/16-year-old-linux-kvm-flaw-lets-guest.html
adbl_web_anon_alc_button_suppression_t1
まだレビューはありません