Sponsor of the Day:
Jerkmate
https://thehackernews.com/2026/04/new-php-composer-flaws-enable-arbitrary.html
New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
Two Composer flaws (CVE-2026-40176, CVE-2026-40261) allow command execution via Perforce configurations, prompting urgent updates.
arbitrary command executionnew phpflaws enablecomposerpatches
https://thehackernews.com/2025/07/critical-dahua-camera-flaws-enable.html
Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits
Critical RCE flaws in Dahua smart cameras affect 9 models; threat enables device hijack over LAN/Internet.
flaws enablefile uploadcriticaldahuacamera
https://hothardware.com/news/runc-flaws-enables-hackers-to-exploit-docker-containers
Alarming runC Flaws Enable Hackers To Exploit Docker Containers For Root Access | HotHardware
Nov 10, 2025 - A trio of security flaws enables attackers to get direct access to host machines utilizing runC.
flaws enabledocker containersroot accessalarmingrunc
https://thehackernews.com/2025/08/cyberark-and-hashicorp-flaws-enable.html
CyberArk and HashiCorp Flaws Enable Remote Vault Takeover Without Credentials
Vault Fault and ReVault flaws in CyberArk, HashiCorp, and Dell expose systems to takeover risks.
flaws enablecyberarkhashicorpremotevault
https://thehackernews.com/2026/01/three-flaws-in-anthropic-mcp-git-server.html
Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution
Three vulnerabilities in Anthropic’s MCP Git server allow prompt injection attacks that can read or delete files and, in some cases, lead to RCE.
anthropic mcpgit serverfile accesscode executionthree