CIRCLE WITH A DOT

Ubuntu Security Notice USN-8226-1 https://packetstorm.news/files/220171 #advisory

FreeBSD Security Advisory - FreeBSD-SA-26:16.libnv https://packetstorm.news/files/220155 #advisory #advisory

Copy Fail: Linux Kernel Flaw Grants Root Access On All Major DistributionsA Linux kernel vulnerability called "Copy Fail" (CVE-2026-31431) allows unprivileged local users to gain root privileges with 100% reliability by corrupting the shared page cache. The flaw affects nearly all Linux distributions since 2017 and enables container escapes because the memory corruption does not modify files on disk.**If you run Linux servers, especially shared environments like Kubernetes clusters, CI/CD runners, or multi-tenant hosts, patch your kernel immediately to a version that includes the fix (mainline commit a664bf3d603d) for CVE-2026-31431. If you can't patch right away, disable the vulnerable module by running echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf followed by rmmod algif_aead, and for untrusted code environments block AF_ALG socket creation via seccomp as a long-term safeguard.**#cybersecurity #infosec #advisory #vulnerabilityhttps://beyondmachines.net/event_details/copy-fail-linux-kernel-flaw-grants-root-access-on-all-major-distributions-w-l-v-0-c/gD2P6Ple2L

GitHub Patches Critical RCE Vulnerability in GitHub.com and GitHub Enterprise ServerGitHub patched a critical RCE vulnerability (CVE-2026-3854) in its internal git infrastructure that allowed authenticated users to compromise backend servers and access millions of repositories.**If you run GitHub Enterprise Server (version 3.19.1 or earlier), upgrade immediately to a patched version (3.14.25, 3.15.20, 3.16.16, 3.17.13, 3.18.8, 3.19.4, 3.20.0, or later) since nearly 90% of instances are still unpatched. Also check your audit logs at `/var/log/github-audit.log` for push operations with unusual special characters in option values to spot any exploitation attempts; if you use GitHub.com or GitHub Enterprise Cloud, no action is needed since GitHub already fixed it.**#cybersecurity #infosec #advisory #vulnerabilityhttps://beyondmachines.net/event_details/github-patches-critical-rce-vulnerability-in-github-com-and-github-enterprise-server-r-x-e-8-5/gD2P6Ple2L

Critical Unpatched RCE Vulnerability in Hugging Face LeRobot Robotics PlatformHugging Face's LeRobot robotics platform contains a critical unpatched vulnerability (CVE-2026-25874) that allows unauthenticated remote code execution via unsafe pickle deserialization. Attackers can exploit exposed gRPC endpoints to take full control of robotics servers and connected hardware.**If you're using Hugging Face LeRobot, make sure all robot devices and servers are isolated from the internet and accessible only from trusted networks. Until version 0.6.0 is released with a fix for CVE-2026-25874, run LeRobot as a non-root user inside restricted containers, and monitor for unusual processes or outbound traffic.**#cybersecurity #infosec #advisory #vulnerabilityhttps://beyondmachines.net/event_details/critical-unpatched-rce-vulnerability-in-hugging-face-lerobot-robotics-platform-z-j-o-7-g/gD2P6Ple2L

Debian Security Advisory 6231-1 https://packetstorm.news/files/219990 #advisory

Microsoft Issues Emergency Patches for Critical ASP.NET Core Cryptographic FlawMicrosoft released emergency patches for a critical ASP.NET Core vulnerability (CVE-2026-40372) that allows unauthenticated attackers to forge authentication cookies and gain SYSTEM privileges. The flaw primarily affects applications on Linux and macOS using specific versions of the Data Protection NuGet package.**If you're running ASP.NET Core apps using the Microsoft.AspNetCore.DataProtection NuGet package (versions 10.0.0 through 10.0.6), especially on Linux or macOS, upgrade immediately to version 10.0.7 and redeploy your applications. After updating, rotate the DataProtection key ring to invalidate any forged tokens or sessions that may have been issued during the vulnerable window.**#cybersecurity #infosec #advisory #vulnerabilityhttps://beyondmachines.net/event_details/microsoft-issues-emergency-patches-for-critical-asp-net-core-cryptographic-flaw-0-1-8-4-c/gD2P6Ple2L

#OT #Advisory VDE-2026-023Phoenix Contact: Several products are affected by vulnerabilities found in OpenSSLAttacks are possible when installing key files and digitally signed objects. These attacks can only be carried out if these files are uploaded and installed by a logged-in user with high privileges.#CVE CVE-2025-15467, CVE-2025-69419https://certvde.com/en/advisories/vde-2026-023/#CSAF https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-023.json

Carney reveals new advisory council for Canada-U.S. tradePrime Minister Mark Carney has revealed who will be on the newly created committee — and the list includes voices from tariff-hit sectors and prominent former Conservative MPs.#Canada #Politics #CanadaUSMexicoAgreement #donaldtrumptariffs https://globalnews.ca/news/11810190/new-advisory-council-canada-us-trade/

Ubuntu Security Notice USN-8178-1 https://packetstorm.news/files/219070 #advisory

Ubuntu Security Notice USN-8175-1 https://packetstorm.news/files/218996 #advisory

Debian Security Advisory 6211-1 https://packetstorm.news/files/218974 #advisory

SUSE Security Advisory - SUSE-SU-2026:1312-1 https://packetstorm.news/files/218963 #advisory

GitHub Webhook Secret Exposure: Some Secrets Inadvertently Leaked in HTTP Headers Between September 2025 and January 2026A bug in GitHub's new webhook delivery platform (active Sept 2025–Jan 2026) inadvertently exposed webhook secrets in an HTTP header, potentially allowing attackers who obtained them to forge GitHub webhook payloads. GitHub has notified affected owners and urged them to immediately rotate their webhook secrets, purge any logs containing the exposed headers, and verify HMAC signature validation.**If you received a notification from GitHub about this webhook secret exposure, rotate your affected webhook secrets immediately and purge any HTTP request header logs on your receiving systems that may contain the leaked secrets. After rotating, verify that your endpoint is properly validating the X-Hub-Signature-256 header with the new secret to prevent forged payloads. If you are using CircleCI, check their advisory as well.**#cybersecurity #infosec #advisory #vulnerabilityhttps://beyondmachines.net/event_details/github-webhook-secret-exposure-incident-secrets-inadvertently-leaked-in-http-headers-between-september-2025-and-january-2026-l-j-3-7-t/gD2P6Ple2L

SAP Security Patch Day April 2026: Critical SQL Injection and Authorization Flaws AddressedSAP's April 2026 security update addresses 20 vulnerabilities, including a critical SQL injection (CVE-2026-27681) in Business Warehouse and a high-severity authorization bypass (CVE-2026-34256) in S/4HANA.**If you are using SAP products, review the advisory in detail. Prioritize patching the critical SQL Injection vulnerability in SAP Business Planning and Consolidation and SAP Business Warehouse, then the high-severity missing authorization check in SAP ERP and SAP S/4 HANA. Then review the rest of the issues.**#cybersecurity #infosec #advisory #vulnerabilityhttps://beyondmachines.net/event_details/sap-security-patch-day-april-2026-critical-sql-injection-and-authorization-flaws-addressed-e-i-m-l-c/gD2P6Ple2L

CISA Reports Active Exploitation of Four Microsoft Vulnerabilities, Including a 14-Year-Old FlawCISA flagged four actively exploited Microsoft vulnerabilities, spanning from 2012 to 2025 covering privilege escalation, remote code execution in Exchange Server, and insecure library loading, with at least one (CVE-2023-21529) tied to Storm-1175's Medusa ransomware campaigns. US Federal agencies must patch all four by April 27, 2026.**Most of these flaws are old. So if you haven't patched your systems for over a year - let alone 14 years, it's high time to do it today. Because hackers don't care how old a vulnerability is. It's still usable. If you're still running Exchange Server 2013, 2016, or 2019 on-premises, prioritize patching or migrating those immediately.**#cybersecurity #infosec #advisory #ransomwarehttps://beyondmachines.net/event_details/cisa-reports-active-exploitation-of-four-microsoft-vulnerabilities-including-a-14-year-old-flaw-f-v-f-p-4/gD2P6Ple2L