Security news.
Today's security news highlights a critical unpatched RCE vulnerability in Telnetd, alongside Apple's new background security updates addressing a WebKit flaw. The cybersecurity landscape also saw a significant supply-chain attack impacting hundreds of code repositories and new sanctions from Europe against firms involved in cyberattacks.
Critical Unpatched Telnetd Flaw Enables Unauthenticated Root RCE
A critical out-of-bounds write vulnerability (CVE-2026-32746) in GNU InetUtils telnetd allows unauthenticated remote attackers to execute arbitrary code with root privileges via port 23.
Apple Pushes First Background Security Improvements Update for WebKit Flaw
Apple has released its initial Background Security Improvements update to fix a WebKit flaw (CVE-2026-20643) on iPhones, iPads, and Macs without requiring a full OS upgrade.
GlassWorm Malware Hits 400+ Code Repos on GitHub, npm, VSCode
The GlassWorm supply-chain campaign has resurfaced with a coordinated attack targeting hundreds of packages, repositories, and extensions across GitHub, npm, and VSCode/OpenVSX.
Europe Sanctions Chinese and Iranian Firms for Cyberattacks
The European Union Council has imposed sanctions on three entities and two individuals for their involvement in cyberattacks targeting critical infrastructure within the region.
AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
Researchers have detailed a new method for exfiltrating sensitive data from AI code execution environments using DNS queries, affecting platforms like Amazon Bedrock AgentCore Code Interpreter.
UK Companies House Exposed Details of Millions of Firms
A vulnerability in the UK government agency's systems could have allowed attackers to obtain company details and alter records for millions of firms.
LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader
The LeakNet ransomware operation has adopted the ClickFix social engineering tactic, using compromised websites to trick users into manually running malicious commands.
CISA Adds Wing FTP Server Vulnerability to KEV Catalog
CISA has added CVE-2025-47813, an information disclosure vulnerability in Wing FTP Server, to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation.