SecurityWeek

Critical Langflow Vulnerability Exploited Hours After Public Disclosure

Because attacker-supplied flow data is used in public flows, the bug leads to unauthenticated remote code execution.
Network World

Telnet vulnerability opens door to remote code execution as root

The flaw in a legacy Telnet implementation enables pre-auth remote code execution, exposing affected systems to full compromise.
The Hacker News

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

CNCERT warns OpenClaw AI agent has weak defaults enabling prompt injection and data leaks, prompting China to restrict use on government systems.
Microsoft

Help on the line: How a Microsoft Teams support call led to compromise

Read the new Microsoft Cyberattack Series report to learn more about on how deception and trusted tools can enable ...
CSO Online

Nine critical vulnerabilities in Linux AppArmor put over 12M enterprise systems at risk

Qualys researchers expose ‘CrackArmor’ flaws that allow unprivileged users to escalate privileges to root, break container isolation, and crash systems, with no CVE identifiers yet assigned.
The Hacker News

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Interlock ransomware is actively exploiting CVE-2026-20131 (CVSS 10.0) in Cisco FMC, enabling unauthenticated remote code execution as root.
InfoQ

AWS Launches Managed Openclaw on Lightsail amid Critical Security Vulnerabilities

AWS launched managed OpenClaw on Lightsail for AI agent deployment while security concerns mount. The 250k-star GitHub project is affected by CVE-2026-25253, which enables one-click RCE, with 17,500+ ...
Que.com on MSN

CVE-2026-32746 telnetd flaw enables unauthenticated root RCE via port 23

A newly disclosed security vulnerability tracked as CVE-2026-32746 is drawing serious attention across the security community due to its potential ...