Security news.
Today's security news highlights immediate threats with a critical PraisonAI vulnerability being exploited hours after disclosure and new Windows zero-days. We also see significant patching efforts from F5 and Linux distributions, alongside continued cyberattacks on the manufacturing sector and evolving tactics from AP
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
Threat actors are actively exploiting a missing authentication vulnerability (CVE-2026-44338) in the PraisonAI open-source multi-agent orchestration framework, exposing sensitive endpoints.
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
Two new Windows zero-days, YellowKey (BitLocker bypass requiring physical access) and GreenPlasma (privilege escalation via CTFMON), have been disclosed by a cybersecurity researcher.
New Fragnesia Linux flaw lets attackers gain root privileges
Linux distributions are patching a high-severity kernel privilege escalation vulnerability, CVE-2026-46300 (Fragnesia), which allows attackers to achieve root privileges through page cache corruption.
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
A critical heap buffer overflow (CVE-2026-42945, CVSS 9.2) in NGINX's ngx_http_rewrite_module, undetected for 18 years, could lead to unauthenticated remote code execution or denial of service.
F5 Patches Over 50 Vulnerabilities
F5 has released its latest quarterly advisory, addressing over 50 high and medium-severity vulnerabilities across BIG-IP, BIG-IQ, and NGINX products.
KongTuke hackers now use Microsoft Teams for corporate breaches
Initial access broker KongTuke is leveraging Microsoft Teams for social engineering attacks, reportedly gaining persistent access to corporate networks in as little as five minutes.
Foxconn Attack Highlights Manufacturing's Cyber Crisis
A Nitrogen ransomware attack on Foxconn's North American facilities is part of a growing trend, with over 600 hits on manufacturers this year due to their low tolerance for downtime.
Chinese APTs Expand Targets, Update Backdoors in Recent Campaigns
Chinese APT groups are expanding their targeting, with Salt Typhoon hitting an energy entity in Azerbaijan and Twill Typhoon deploying updated RATs against Asian organizations.