Security news.
Today's security news highlights critical threats, including active exploitation of vulnerabilities in Gitea Docker and the addition of two more CVEs to CISA's KEV catalog. Progress Software has issued an urgent warning to ShareFile customers regarding a "credible external security threat" and law enforcement continues to pursue ransomware actors, with one Ryuk member pleading guilty.
Progress Urges ShareFile Customers to Shut Down Storage Zone Controllers
Progress Software is advising ShareFile customers using Storage Zone Controllers to immediately shut down their Windows servers due to a "credible external security threat."
Hackers Actively Exploit Critical Auth Bypass in Gitea Docker Image
A critical vulnerability in the official Docker image for Gitea, a self-hosted Git service, is being actively exploited, allowing attackers to impersonate any user, including administrators.
CISA Adds Two New Exploited Vulnerabilities to KEV Catalog
CISA has added CVE-2026-48939 (iCagenda Unrestricted File Upload) and CVE-2026-56291 (Balbooa Forms Unrestricted File Upload) to its Known Exploited Vulnerabilities Catalog due to active exploitation.
Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages
Threat actors compromised the Injective Labs SDK's GitHub repository to publish a malicious npm package (@injectivelabs/[email protected]) designed to steal cryptocurrency wallet private keys and mnemonic seed phrases.
Ryuk Ransomware Member Pleads Guilty in US, Faces 15 Years
An Armenian national has pleaded guilty in the U.S. to hacking companies and deploying Ryuk ransomware, potentially facing 15 years in prison.
Third US Security Expert Sentenced for Helping Ransomware Gang
Angelo Martino, a former ransomware negotiator, was sentenced to 70 months in prison for aiding the BlackCat/Alphv ransomware group in attacks against U.S. companies.
Six New U-Boot Flaws Could Allow Devices to Crash or Run Malicious Code
Firmware security researchers discovered six new vulnerabilities in U-Boot, a bootloader used in various devices, with two critical flaws potentially allowing arbitrary code execution at boot.
Zimbra Urges Customers to Patch Critical Web Client XSS Flaw
Zimbra has issued an urgent advisory for customers to patch a critical cross-site scripting (XSS) vulnerability affecting the Classic Web Client in Zimbra Collaboration suite.