… The first zero-day, a broken access control vulnerability tracked as CVE-2026-49200 , can allow unauthenticated attackers to remotely access plaintext credentials stored in log archives. "The acer cgi.log file in the device firmware is accessible without authentication via the web interface. …
… However, Inditex noted that the attackers didn't gain access to affected customers' names, phone numbers, addresses, credentials, or payment information such as bank cards . …
… The threat actors used this access to export millions of consumer and business customer records from the company's Salesforce instance. …
… The agent located and emailed AWS IAM keys, database credentials, and SSH access details to an external Gmail account. …
… The flaw lies in the ‘cgroup release agent write ’ function of the cgroups v1 subsystem, which, due to insufficient authentication checks, can be abused by a local attacker to bypass namespace isolation, escalate privileges, and potentially escape from a container to gain root-level access on the h… …
… Download Now Related Articles: Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026 Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own Recently leaked Windows zero-days now exploited in attacks Windows BitLocker zero-day gives access to protected drives, PoC released New Wind… …
… Once access is obtained, it establishes persistence using systemd services, cron jobs, Redis cron rewrites, or privileged containers before continuing propagation. …
… The company started notifying 5,995,277 customers on Wednesday that threat actors stole their data in an April 10 breach after gaining access to some of its IT systems in a social engineering attack. …
… According to Silent Push researchers, the DriveSurge threat actor primarily functions as an initial access broker IAB operating on a pay-per-install PPI model, enabling follow-on attacks. …
… The researchers have found that the kit’s blocklist currently contains 230 vendor names and is constantly updated. eSentire recommends disabling the OAuth device code flow when not needed, restricting OAuth consent permissions, requiring admin approval for third-party apps, enabling Continuous Acce… …