Protecting Privacy Build Trust

Protecting Privacy Build Trust

Protecting Privacy Build Trust

Privacy Trust

on April 23, 2026 at 3:10 pm — UAT-4356’s Targeting of Cisco Firepower Devices

Leave a Comment / Uncategorized / Privacy Trust

Cisco Talos is aware of UAT-4356‘s continued active targeting of Cisco Firepower devices’ Firepower eXtensible Operating System (FXOS). UAT-4356 exploited n-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) to gain unauthorized access to vulnerable devices, where the threat actor deployed their custom-built backdoor dubbed “FIRESTARTER.” FIRESTARTER considerably overlaps with the technical capabilities of RayInitiator’s Stage 3 shellcode that […]

on April 23, 2026 at 3:10 pm — UAT-4356’s Targeting of Cisco Firepower Devices Read More »

on April 23, 2026 at 8:11 am — CVE-2026-27820 zlib: Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on April 23, 2026 at 8:11 am — CVE-2026-27820 zlib: Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption Read More »

on April 23, 2026 at 8:01 am — CVE-2026-35239

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on April 23, 2026 at 8:01 am — CVE-2026-35239 Read More »

on April 23, 2026 at 8:02 am — CVE-2026-34271

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on April 23, 2026 at 8:02 am — CVE-2026-34271 Read More »

on April 23, 2026 at 8:02 am — CVE-2026-35238

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on April 23, 2026 at 8:02 am — CVE-2026-35238 Read More »

on April 22, 2026 at 8:01 am — CVE-2026-5928 Static buffer overflow in deprecated nis_local_principal

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on April 22, 2026 at 8:01 am — CVE-2026-5928 Static buffer overflow in deprecated nis_local_principal Read More »

on April 22, 2026 at 8:01 am — CVE-2026-5958 Race Condition in GNU Sed

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on April 22, 2026 at 8:01 am — CVE-2026-5958 Race Condition in GNU Sed Read More »

on April 22, 2026 at 8:46 am — CVE-2025-14821 Libssh: libssh: insecure default configuration leads to local man-in-the-middle attacks on windows

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on April 22, 2026 at 8:46 am — CVE-2025-14821 Libssh: libssh: insecure default configuration leads to local man-in-the-middle attacks on windows Read More »

on April 22, 2026 at 2:00 pm — CVE-2026-26171 .NET Denial of Service Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

The CVE was updated to include Powershell 7.6 and 7.5

on April 22, 2026 at 2:00 pm — CVE-2026-26171 .NET Denial of Service Vulnerability Read More »

on April 21, 2026 at 2:00 pm — CVE-2026-40372 ASP.NET Core Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.

on April 21, 2026 at 2:00 pm — CVE-2026-40372 ASP.NET Core Elevation of Privilege Vulnerability Read More »