Marcus Lenngren

549 posts

Marcus Lenngren

Marcus Lenngren

@lenngrenm

CTO, CiSO, Engineer From startup to enterprise, always security, prefer fun, relaxed and goaldriven work to create efficiency

Stockholm, Sweden Katılım Aralık 2010
942 Takip Edilen324 Takipçiler
Marcus Lenngren
Marcus Lenngren@lenngrenm·
⚠️ CRITICAL: China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade China-linked Velvet Ant group has been backdooring PAM and OpenSSH binaries on Linux systems since at least 2016 to steal credentials and maintain persistent access while evading d ht…
English
0
0
0
17
Marcus Lenngren
Marcus Lenngren@lenngrenm·
⚠️ CRITICAL: Over 400 Arch Linux packages compromised to push rootkit, infostealer A threat actor compromised over 400 packages in the Arch User Repository by injecting a Linux rootkit and infostealer into build scripts. The malware uses eBPF to achieve kernel-le https://…
English
0
0
0
25
Marcus Lenngren
Marcus Lenngren@lenngrenm·
⚠️ CRITICAL: ‼️ CVE-2026-54420: LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn b... CVE-2026-54420 is a critical symlink mishandling vulnerability in LiteSpeed cPanel plugin versions before 2.4.8 and LiteSpeed WHM Plugin versions before 5.3.2.0. At…
English
0
0
0
104
Marcus Lenngren
Marcus Lenngren@lenngrenm·
⚠️ CRITICAL: Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks Oracle released an emergency advisory for CVE-2026-35273, a critical unauthenticated RCE in PeopleSoft PeopleTools 8.61 and 8.62. ShinyHunters has reportedly exploited this vulnera https://…
English
0
0
0
83
Marcus Lenngren
Marcus Lenngren@lenngrenm·
⚠️ CRITICAL: Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flaws Microsoft's June 2026 Patch Tuesday addresses 200 vulnerabilities including six zero-days. One zero-day is actively exploited in the wild; the other five are publicly disclosed. Af https://…
English
0
0
0
11
Marcus Lenngren
Marcus Lenngren@lenngrenm·
⚠️ CRITICAL: Max severity Ivanti Sentry vulnerability now exploited in attacks Attackers are actively exploiting CVE-2026-10520, a maximum-severity OS command injection flaw in Ivanti Sentry security gateways. This vulnerability allows unauthenticated remote https://…
English
0
0
0
31
Marcus Lenngren
Marcus Lenngren@lenngrenm·
⚠️ CRITICAL: One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public CVE-2026-23111 is a use-after-free in Linux kernel nf_tables code allowing unprivileged users to escalate to root and escape containers. Public exploits are now available. Unpatche http…
English
0
0
0
38
Marcus Lenngren
Marcus Lenngren@lenngrenm·
⚠️ CRITICAL: LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE A critical command injection vulnerability (CVE-2026-42271) in LiteLLM AI gateway versions 1.74.2 through 1.83.7 is being actively exploited in the wild. Researchers have chained t ht…
English
0
0
0
51
Marcus Lenngren
Marcus Lenngren@lenngrenm·
⚠️ CRITICAL: Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks Self-propagating worms named Miasma and Hades have compromised 100+ packages across NPM and PyPI repositories since May. These attacks steal credentials and API keys to propagate f https://…
English
0
0
0
12
Marcus Lenngren
Marcus Lenngren@lenngrenm·
Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges threatnoir.com /article/microsoft-defender-rogueplanet-zero-day-grants-system-privileges-3268bb #cybersecurity
Deutsch
0
0
0
11
Marcus Lenngren
Marcus Lenngren@lenngrenm·
⚠️ CRITICAL: Check Point links VPN zero-day attacks to Qilin ransomware gang Check Point VPN authentication bypass vulnerability (CVE-2026-50751) in IKEv1 deployments is actively exploited by Qilin ransomware operators since May 7. A few dozen organizations https://…
English
0
0
1
101
Marcus Lenngren
Marcus Lenngren@lenngrenm·
⚠️ CRITICAL: Shai-Hulud Descends to Hades: Miasma Worm Campaign Spreads with New PyPI Wave 37 malicious Python packages across 19 PyPI repositories are delivering a worm that executes JavaScript payloads via the Bun runtime during installation. Any developer or CI/CD pip https…
English
0
0
0
15
Marcus Lenngren
Marcus Lenngren@lenngrenm·
⚠️ CRITICAL: VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances VerdantBamboo, a China-nexus espionage group, is deploying BRICKSTORM backdoor variants alongside PLENET and AGENTPSD malware against Linux appliances, particularly targeting MSPs. https://…
English
0
0
0
25
Marcus Lenngren
Marcus Lenngren@lenngrenm·
⚠️ CRITICAL: Cisco warns of unpatched SD-WAN zero-day exploited in attacks Cisco Catalyst SD-WAN Manager has an unpatched zero-day (CVE-2026-20245) being actively exploited to gain root access. Local attackers with netadmin privileges can bypass input val https://…
English
0
0
0
50
Marcus Lenngren
Marcus Lenngren@lenngrenm·
⚠️ CRITICAL: Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026 Cisco released CVE-2026-20245, a root RCE in Catalyst SD-WAN Manager affecting authenticated netadmin users through malicious file uploads. This is the seventh SD-WAN zero-day expl threatnoir.com/focus #
English
0
0
0
46
Marcus Lenngren
Marcus Lenngren@lenngrenm·
⚠️ CRITICAL: Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available Cisco Catalyst SD-WAN Manager is under active exploitation due to CVE-2026-20245, a high-severity authentication bypass that allows local attackers to execute arbitrary comman…
English
0
0
0
30
Marcus Lenngren
Marcus Lenngren@lenngrenm·
⚠️ CRITICAL: Critical Kirki flaw exploited to hijack WordPress admin accounts Critical privilege escalation flaw in Kirki WordPress plugin (CVE-2026-8206) allows unauthenticated attackers to reset any user account including admins via an unvalidated REST API https://…
English
0
0
0
43
Marcus Lenngren
Marcus Lenngren@lenngrenm·
⚠️ CRITICAL: Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited Google patched 124 Android vulnerabilities in June 2026, including CVE-2025-48595, a high-severity privilege escalation flaw (CVSS 8.4) in the Framework component that is actively https://…
English
0
0
0
41