latesthackingnews.com

How CVE-2026-20253 Turns Splunk’s PostgreSQL Sidecar Into an Open Door

CVE-2026-20253 is a CVSS 9.8 pre-auth flaw in Splunk Enterprise's PostgreSQL sidecar service. An unauthenticated attacker can ...
SecurityWeek

Atlassian, Splunk Patch Critical Vulnerabilities

Atlassian and Splunk have released patches for critical vulnerabilities, including dozens of flaws in third-party ...
The Next Web

ShinyHunters published 45GB of Madison Square Garden data, including facial recognition surveillance records

ShinyHunters leaked 45GB of MSG data after a missed ransom deadline, exposing biometric surveillance records and triggering a class action lawsuit.
The Hacker News

âš¡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More

This week’s recap covers exploited flaws, supply chain attacks, phishing kits, AI lures, macOS stealers, urgent CVEs, tools, ...

With Just 1 Click, Researchers Figured Out How to Hijack Microsoft Copilot to Steal Your Data

A recent Microsoft Copilot exploit demonstrates how AI can make existing cybersecurity bugs even more virulent.
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
SecurityWeek

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution. A critical Splunk Enterprise vulnerability is being exploited ...
LinkedIn

Millions of jobs and people hiring

With the Open To Work feature, you can privately tell recruiters or publicly share with the LinkedIn community that you are looking for new job opportunities. Sending messages to people you know is a ...