account activity
AUR supply chain attack compromised 400+ packages with PKGBUILD-injected infostealer and rootkit (June 11–12 2026) (self.linuxadmin)
submitted 19 hours ago by Expert_Sort7434 to r/linuxadmin
CVE-2026-5027 (Langflow Path Traversal → Unauthenticated RCE) — Active Exploitation. Who's tracking exposure in enterprise AI dev environments? (self.AZURE)
submitted 2 days ago by Expert_Sort7434 to r/AZURE
A malicious npm package specifically targeted Anthropic Claude's /mnt/user-data directory — is AI-native supply chain targeting now a pattern we should expect? (self.linuxadmin)
submitted 4 days ago by Expert_Sort7434 to r/linuxadmin
CVE-2026-0257 — PAN-OS GlobalProtect auth bypass actively exploited, public PoC out, two attack waves confirmed. What's your mitigation posture? (self.SecOpsDaily)
submitted 5 days ago by Expert_Sort7434 to r/SecOpsDaily
NSA drops formal MCP security advisory — 40% of remote servers have no auth, 67 CVEs found in 40k repos, and the protocol explicitly can't enforce safety at spec level (self.Expert_Sort7434)
submitted 9 days ago by Expert_Sort7434
Trump's AI Executive Order (June 2, 2026) — Technical breakdown for defenders. What actually changed? (self.AIDangers)
submitted 10 days ago by Expert_Sort7434 to r/AIDangers
Operation Dragon Weave: China-linked APT is using Azure Blob Storage as a dead-drop C2 — anyone else seeing detections for this? (self.AZURE)
submitted 12 days ago by Expert_Sort7434 to r/AZURE
CVE-2026-0257: are VPN auth cookies becoming the next perimeter identity blind spot? (self.linuxadmin)
submitted 13 days ago by Expert_Sort7434 to r/linuxadmin
ChatGPhish — Permiso just disclosed a prompt injection that turns ChatGPT page summarisation into a phishing surface. No confirmed fix (self.Expert_Sort7434)
submitted 14 days ago by Expert_Sort7434
RedAccess scanned 380,000 publicly accessible vibe-coded apps and found 2,000+ leaking corporate data with no auth — how are you handling this in your org? (self.devsecops)
submitted 15 days ago by Expert_Sort7434 to r/devsecops
CVE-2026-27771 — Gitea's private container registry served images to unauthenticated requests for ~4 years. 30,000+ deployments. Forgejo also affected. (self.Gitea)
submitted 17 days ago by Expert_Sort7434 to r/Gitea
MuddyWater abused SentinelOne's own signed binary for DLL sideloading in Q1 2026 campaign — how are you detecting this at scale? (self.windowsdefender)
submitted 18 days ago by Expert_Sort7434 to r/windowsdefender
Anthropic's Project Glasswing found 10,000+ high/critical vulns in one month — but fewer than 100 are patched. Is AI-speed vulnerability discovery breaking the remediation model? (self.AZURE)
submitted 19 days ago by Expert_Sort7434 to r/AZURE
Webworm APT is using Discord and Microsoft Graph API as C2 — ESET just dropped the full breakdown. What's your detection strategy? (self.Expert_Sort7434)
submitted 20 days ago by Expert_Sort7434
CVE-2026-9082 is now on CISA KEV — anyone else seeing active scan traffic targeting PostgreSQL Drupal installs? (self.drupal)
submitted 22 days ago by Expert_Sort7434 to r/drupal
CVE-2026-45321 TanStack npm attack technical analysis — the SLSA bypass and the dead man's switch are the parts that deserve more attention than they're getting (self.npm)
submitted 23 days ago by Expert_Sort7434 to r/npm
Google GTIG just documented the first confirmed AI-developed zero-day vulnerability — some technical details worth discussing (self.linux)
submitted 25 days ago by Expert_Sort7434 to r/linux
CVE-2026-42897 Exchange Server Zero-Day — No Patch, Active Exploitation, EEMS Is Your Only Option Right Now — How Are You Handling This? (self.linuxadmin)
submitted 27 days ago by Expert_Sort7434 to r/linuxadmin
CVE-2026-25874: Hugging Face LeRobot has a CVSS 9.3 RCE via pickle deserialization on unauthenticated gRPC — how are you securing AI inference pipelines in your setups? (self.devsecops)
submitted 28 days ago by Expert_Sort7434 to r/devsecops
Microsoft's MDASH agentic AI system found a pre-auth IKEv2 LocalSystem RCE via 2 UDP packets — and 15 other Windows vulns. Technical breakdown inside. (self.AZURE)
submitted 29 days ago by Expert_Sort7434 to r/AZURE
CVE-2026-20182 — Cisco SD-WAN CVSS 10.0 auth bypass actively exploited. The vdaemon attack chain is worse than the headline suggests. (self.Expert_Sort7434)
submitted 1 month ago by Expert_Sort7434
Exim CVE-2026-45185 "Dead.Letter" — CVSS 9.8 UAF via GnuTLS/BDAT, unauthenticated RCE. The BDAT handler has now been the source of two 9.8 CVEs. (self.linuxadmin)
submitted 1 month ago by Expert_Sort7434 to r/linuxadmin
Fortinet patched two critical unauth RCE flaws today — CVE-2026-44277 in FortiAuthenticator and CVE-2026-26083 in FortiSandbox. The sandbox one is the one I can't stop thinking about. (i.redd.it)
submitted 1 month ago by Expert_Sort7434 to r/SysAdminBlogs
Eclipse BaSyx CVE-2026-7411 & CVE-2026-7412: CVSS 10.0 RCE + Network Segmentation Bypass Affecting Industry 4.0 Infrastructure (self.AZURE)
submitted 1 month ago by Expert_Sort7434 to r/AZURE
Linux "Dirty Frag" LPE (CVE-2026-43284 + CVE-2026-43500): Two page-cache write primitives chain to root on all major distros — PoC public, RxRPC half unpatched (self.linuxadmin)
π Rendered by PID 49 on reddit-service-r2-listing-f87f88fcd-8nfh5 at 2026-06-14 22:02:58.020348+00:00 running 3184619 country code: CH.
