متاح الآن! بحث تيليغرام 2025 — أهم رؤى العام 
Vulnerability News
الذهاب إلى القناة على Telegram
Every day new posts about vulnerabilities and cybersecurity news. Get the latest news about the cyberspace! Group: @VulnerabilityNewsGroup
إظهار المزيد4 935
المشتركون
+124 ساعات
+287 أيام
+13330 أيام
جاري تحميل البيانات...
القنوات المماثلة
سحابة العلامات
الإشارات الواردة والصادرة
---
---
---
---
---
---
جذب المشتركين
يونيو '26
يونيو '26
+73
في 0 قنوات
مايو '26
+204
في 0 قنوات
Get PRO
أبريل '26
+187
في 0 قنوات
Get PRO
مارس '26
+254
في 0 قنوات
Get PRO
فبراير '26
+116
في 0 قنوات
Get PRO
يناير '26
+166
في 0 قنوات
Get PRO
ديسمبر '25
+134
في 0 قنوات
Get PRO
نوفمبر '25
+139
في 0 قنوات
Get PRO
أكتوبر '25
+8
في 0 قنوات
Get PRO
سبتمبر '25
+12
في 0 قنوات
Get PRO
أغسطس '25
+13
في 0 قنوات
Get PRO
يوليو '25
+11
في 0 قنوات
Get PRO
يونيو '25
+12
في 0 قنوات
Get PRO
مايو '25
+18
في 1 قنوات
Get PRO
أبريل '25
+14
في 0 قنوات
Get PRO
مارس '25
+21
في 0 قنوات
Get PRO
فبراير '25
+17
في 0 قنوات
Get PRO
يناير '25
+15
في 1 قنوات
Get PRO
ديسمبر '24
+262
في 1 قنوات
Get PRO
نوفمبر '24
+206
في 1 قنوات
Get PRO
أكتوبر '24
+166
في 0 قنوات
Get PRO
سبتمبر '24
+146
في 0 قنوات
Get PRO
أغسطس '24
+137
في 0 قنوات
Get PRO
يوليو '24
+96
في 1 قنوات
Get PRO
يونيو '24
+91
في 0 قنوات
Get PRO
مايو '24
+95
في 0 قنوات
Get PRO
أبريل '24
+104
في 0 قنوات
Get PRO
مارس '24
+149
في 0 قنوات
Get PRO
فبراير '24
+279
في 0 قنوات
Get PRO
يناير '24
+395
في 0 قنوات
Get PRO
ديسمبر '23
+327
في 0 قنوات
Get PRO
نوفمبر '23
+38
في 0 قنوات
Get PRO
أكتوبر '23
+32
في 0 قنوات
Get PRO
سبتمبر '23
+47
في 0 قنوات
Get PRO
أغسطس '23
+53
في 0 قنوات
Get PRO
يوليو '23
+51
في 0 قنوات
Get PRO
يونيو '23
+42
في 0 قنوات
Get PRO
مايو '23
+43
في 0 قنوات
Get PRO
أبريل '23
+67
في 0 قنوات
Get PRO
مارس '23
+65
في 0 قنوات
Get PRO
فبراير '23
+45
في 0 قنوات
Get PRO
يناير '23
+67
في 0 قنوات
Get PRO
ديسمبر '22
+62
في 0 قنوات
Get PRO
نوفمبر '22
+71
في 0 قنوات
Get PRO
أكتوبر '22
+70
في 0 قنوات
Get PRO
سبتمبر '22
+55
في 0 قنوات
Get PRO
أغسطس '22
+44
في 0 قنوات
Get PRO
يوليو '22
+54
في 0 قنوات
Get PRO
يونيو '22
+78
في 0 قنوات
Get PRO
مايو '22
+46
في 0 قنوات
Get PRO
أبريل '22
+77
في 0 قنوات
Get PRO
مارس '22
+105
في 0 قنوات
Get PRO
فبراير '22
+48
في 0 قنوات
Get PRO
يناير '22
+61
في 0 قنوات
Get PRO
ديسمبر '21
+99
في 0 قنوات
Get PRO
نوفمبر '21
+68
في 0 قنوات
Get PRO
أكتوبر '21
+170
في 0 قنوات
Get PRO
سبتمبر '21
+72
في 0 قنوات
Get PRO
أغسطس '21
+104
في 0 قنوات
Get PRO
يوليو '21
+72
في 0 قنوات
Get PRO
يونيو '21
+292
في 0 قنوات
Get PRO
مايو '21
+1 344
في 0 قنوات
| التاريخ | نمو المشتركين | الإشارات | القنوات | |
| 14 يونيو | +1 | |||
| 13 يونيو | +3 | |||
| 12 يونيو | +6 | |||
| 11 يونيو | +7 | |||
| 10 يونيو | +4 | |||
| 09 يونيو | +2 | |||
| 08 يونيو | +8 | |||
| 07 يونيو | +8 | |||
| 06 يونيو | +8 | |||
| 05 يونيو | +2 | |||
| 04 يونيو | +8 | |||
| 03 يونيو | +6 | |||
| 02 يونيو | +4 | |||
| 01 يونيو | +6 |
منشورات القناة
U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals
Anthropic said on Friday it will "abruptly disable" its most advanced artificial intelligence (AI) models, Claude Fable 5 and Mythos 5, for all users after the U.S. government ordered it to suspend access to the models for foreign nationals, whether inside or outside the U.S., citing national security concerns.
The AI company said it received an order at 5:21 p.m. ET, instructing it to suspend
https://thehackernews.com/2026/06/us-orders-anthropic-to-suspend-fable-5.html
| 2 | Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication
Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote code execution.
The vulnerability, tracked as CVE-2026-20253, is rated 9.8 on the CVSS scoring system.
"In Splunk Enterprise versions below 10.2.4 and 10.0.7, an unauthenticated user could create or truncate arbitrary
https://thehackernews.com/2026/06/critical-splunk-enterprise-flaw-lets.html | 48 |
| 3 | Anthropic Says It Has Taken Its Latest AI Models Offline to Comply With New Export Controls
Anthropic takes Fable 5 and Mythos 5 offline to comply with a directive from the Trump administration to prevent use by foreign nationals.
The post Anthropic Says It Has Taken Its Latest AI Models Offline to Comply With New Export Controls appeared first on SecurityWeek.
https://www.securityweek.com/anthropic-says-it-has-taken-its-latest-ai-models-offline-to-comply-with-new-export-controls/ | 37 |
| 4 | NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks
By default, npm install will no longer execute scripts from dependencies, unless explicitly allowed.
The post NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks appeared first on SecurityWeek.
https://www.securityweek.com/npm-12-will-change-script-execution-behavior-to-prevent-supply-chain-attacks/ | 31 |
| 5 | US Gov asks Anthropic to ban 'foreign national' access to Fable, Mythos
The US government has ordered Anthropic to block all foreign nationals from accessing Fable 5 and Mythos 5, forcing the company to suspend both models worldwide. Anthropic is complying but disputes the basis, calling the cited jailbreak narrow and the capability widely available elsewhere. [...]
https://www.bleepingcomputer.com/news/security/us-gov-asks-anthropic-to-ban-foreign-national-access-to-fable-mythos/ | 22 |
| 6 | Chinese hackers hijack auth flow, spy on isolated network for a decade
Chinese hackers took control of a target organization's authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity. [...]
https://www.bleepingcomputer.com/news/security/chinese-hackers-hijack-auth-flow-spy-on-isolated-network-for-a-decade/ | 21 |
| 7 | Ex-school district employee jailed for hacks on former employer
A former IT employee at an Iowa school district was sentenced to 21 months in prison after conducting a prolonged cyberattack against the former employer that disrupted classroom operations, deleted accounts, and caused tens of thousands of dollars in damages. [...]
https://www.bleepingcomputer.com/news/security/ex-school-district-employee-jailed-for-hacks-on-former-employer/ | 26 |
| 8 | Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
Google on Friday said it's pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to send phishing text messages targeting Americans.
The network is said to be behind the development and management of a phishing-as-a-service (PhaaS) software kit called Outsider, per the tech giant.
"The operation weaponized Gemini to help
https://thehackernews.com/2026/06/google-sues-chinese-smishing-network.html | 99 |
| 9 | Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them.
The malware is a Rust binary built to harvest developer secrets. When it lands with root, it can also load an eBPF rootkit to hide itself. The AUR is Arch Linux's community package collection, and it is separate
https://thehackernews.com/2026/06/over-400-arch-linux-aur-packages.html | 94 |
| 10 | CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
CVE-2026-35273 Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability
This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.
Binding Operational Directive (BOD) 26-04: Prioritizing Security Updates Based on Risk establishes vulnerability management requirements for Federal Civilian Executive Branch (FCEB) agencies, updating BOD 22-01. BOD 26-04 reinforces the importance of the KEV catalog and requires federal agencies to prioritize rapid remediation of high-risk vulnerabilities, specifically those identified by Common Vulnerabilities and Exposures (CVEs) listed in CISA’s Known Exploited Vulnerabilities (KEV) catalog on publicly exposed assets that grant total control of the asset post-exploitation, while deferring action for lower-risk vulnerabilities. BOD 26-04 further establishes basic expectations for when agencies must check whether threat actors compromised the system before the patch was applied.
While BOD 26-04 applies only to FCEB agencies, CISA encourages all organizations to adopt risk-based vulnerability management and prioritize remediation of KEV catalog vulnerabilities. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
Aware of an exploited vulnerability not currently listed in the KEV catalog? Submit for potential addition: KEV Nomination Form. Potential KEV additions must have a CVE ID, evidence of exploitation, and clear mitigation guidance.
https://www.cisa.gov/news-events/alerts/2026/06/12/cisa-adds-one-known-exploited-vulnerability-catalog | 79 |
| 11 | Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters
Oracle has mitigated CVE-2026-35273, but it has not publicly confirmed the vulnerability’s in-the-wild exploitation.
The post Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters appeared first on SecurityWeek.
https://www.securityweek.com/google-confirms-exploitation-of-oracle-peoplesoft-zero-day-by-shinyhunters/ | 53 |
| 12 | Anthropic Disputes Fable 5 AI Jailbreak
An AI hacker claims to have achieved a prompt-based jailbreak shortly after Fable 5’s launch, but Anthropic says it’s not a real jailbreak.
The post Anthropic Disputes Fable 5 AI Jailbreak appeared first on SecurityWeek.
https://www.securityweek.com/anthropic-disputes-fable-5-ai-jailbreak/ | 50 |
| 13 | Chrome 149 Update Patches 28 Vulnerabilities
The browser refresh resolved critical and high-severity security defects, including a dozen use-after-free bugs.
The post Chrome 149 Update Patches 28 Vulnerabilities appeared first on SecurityWeek.
https://www.securityweek.com/chrome-149-update-patches-28-vulnerabilities/ | 32 |
| 14 | Ivanti Sentry Exploitation Attempts Hitting Honeypots
The critical-severity OS command injection vulnerability allows attackers to execute arbitrary code with root privileges.
The post Ivanti Sentry Exploitation Attempts Hitting Honeypots appeared first on SecurityWeek.
https://www.securityweek.com/ivanti-sentry-exploitation-attempts-hitting-honeypots/ | 30 |
| 15 | Iranian Cyber Group Handala Claims Cal Water Hack
The hackers published 5GB of data, including customer personal information and credentials for the RTKBase platform.
The post Iranian Cyber Group Handala Claims Cal Water Hack appeared first on SecurityWeek.
https://www.securityweek.com/iranian-cyber-group-handala-claims-cal-water-hack/ | 32 |
| 16 | Industry Reactions to Claude Fable 5: Feedback Friday
Industry professionals comment on various aspects of Fable 5, including dual-use capabilities, safeguards, and tiered access.
The post Industry Reactions to Claude Fable 5: Feedback Friday appeared first on SecurityWeek.
https://www.securityweek.com/industry-reactions-to-claude-fable-5-feedback-friday/ | 29 |
| 17 | In Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang Fine
Other noteworthy stories that might have slipped under the radar: ICS device exposure remains flat as attack surface widens, Microsoft issues incident response playbook for AI, IBM and AT&T accused of hack cover-ups.
The post In Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang Fine appeared first on SecurityWeek.
https://www.securityweek.com/in-other-news-google-security-layoffs-audia6-takedown-400-million-coupang-fine/ | 26 |
| 18 | Japanese energy firm loses drive with data of 10.9 million clients
Kyushu Electric Power Co., Inc. has disclosed a physical security incident that affects private data of more than 10 million customers. [...]
https://www.bleepingcomputer.com/news/security/japanese-energy-firm-loses-drive-with-data-of-109-million-clients/ | 22 |
| 19 | Over 73,000 French govt employees affected in Tchap messenger breach
The French government revealed that a recent breach of its Tchap encrypted messaging platform affects the accounts of over 73,000 employees in the French public sector. [...]
https://www.bleepingcomputer.com/news/security/french-govt-says-tchap-breach-affected-over-73-000-accounts/ | 23 |
| 20 | CISA orders feds to patch actively exploited Ivanti flaw by Sunday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch an actively exploited Ivanti Sentry flaw within three days, as mandated by the newly issued Binding Operational Directive (BOD) 26-04. [...]
https://www.bleepingcomputer.com/news/security/cisa-gives-feds-3-days-to-patch-ivanti-flaw-exploited-in-attacks/ | 21 |
