Posts by CyberHub

User Seeks Repository or Documentation for CTF Questions and Answers

The post asks if there is a GitHub repository or documented source containing common Capture The Flag (CTF) questions along with their flag answers. The user is seeking a database-like resource that compiles these challenges. No specific repositories or documents are mentioned in the post.

📌 User Seeks Repository or Documentation for CTF Questions and Answers www.cyberhub.blog/article/24325-user-seeks...

7 minutes ago
CVE-2026-40116

PraisonAI is a multi-agent teams system. Prior to 4.5.128, the /media-stream WebSocket endpoint in PraisonAI's call module accepts connections from any client without authentication or Twilio signature validation. Each connection opens an authenticated session to OpenAI's Realtime API using the serv

📌 CVE-2026-40116 - PraisonAI is a multi-agent teams system. Prior to 4.5.128, the /media-stream WebSocket endpoint in PraisonAI's call module accepts connections from an... https://www.cyberhub.blog/cves/CVE-2026-40116

37 minutes ago
Researchers Demonstrate Vulnerability in Apple’s AirTag Location-Tracking System

Researchers have demonstrated that Apple’s AirTag location-tracking system can be manipulated by replaying Bluetooth Low Energy (BLE) signals to inject false location reports into the Find My network. The attack exploits the reliance of AirTags on BLE advertisements, which are broadcast to nearby Apple devices and relayed over the internet to falsify an AirTag’s reported position. This method allows attackers to deceive the system into displaying locations where the AirTag has never physically been present. The vulnerability affects the core functionality of AirTags, which are designed to help users track lost items via Apple’s device network. No specific patches, CVE IDs, or dates for mitigation were mentioned in the report.

📌 Researchers Demonstrate Vulnerability in Apple’s AirTag Location-Tracking System www.cyberhub.blog/article/24322-researcher...

1 hour ago
Hackers Exploit Unpatched Windows Defender Vulnerabilities to Attack Organizations

A security researcher disclosed details of three unpatched security vulnerabilities in Windows Defender, along with exploit code. Cybersecurity firms have since observed hackers actively exploiting these flaws in real-world attacks targeting organizations. The vulnerabilities affect Microsoft’s built-in antivirus software, though no specific CVE IDs, affected versions, or exact exploitation methods were provided. The attacks leverage the publicly available exploit details to compromise systems. No timeline for patch availability or mitigation steps was mentioned in the report.

📌 Hackers Exploit Unpatched Windows Defender Vulnerabilities to Attack Organizations www.cyberhub.blog/article/24320-hackers-ex...

1 hour ago
HAProxy HTTP/3 -> HTTP/1 Desync: Cross-Protocol Smuggling via a Standalone QUIC FIN (CVE-2026-33555)

The post describes a security researcher’s investigation into a request smuggling vulnerability in HAProxy, specifically involving HTTP/3 to HTTP/1 desynchronization via a standalone QUIC FIN. The researcher credits inspiration from u/albinowax’s work on request smuggling and mentions prior experience in web security, including SQLi, XSS, and access control flaws. The discovery resulted from deeper exploration into networking protocols and HAProxy’s code implementation. The post also notes the use of AI in the research process.

📌 HAProxy HTTP/3 -> HTTP/1 Desync: Cross-Protocol Smuggling via a Standalone QUIC FIN (CVE-2026-33555) www.cyberhub.blog/article/24321-haproxy-ht...

2 hours ago
Anthropic's Claude Mythos Preview Uncovers Major Software Vulnerabilities, Raising Concerns Over Corporate Control

Anthropic released *Claude Mythos Preview*, an AI model capable of identifying and exploiting software vulnerabilities, but restricted its access to around 50 organizations—including Microsoft, Apple, Amazon Web Services, and CrowdStrike—under *Project Glasswing*. The model uncovered thousands of vulnerabilities across major operating systems and browsers, including a 27-year-old bug in OpenBSD and a 16-year-old flaw in FFmpeg, and weaponized Firefox vulnerabilities into 181 usable attacks (compared to two by Anthropic’s previous model). Security contractors agreed with Mythos’ severity ratings 198 times, achieving 89% alignment, though the model’s false-positive rate remains undisclosed. OpenAI similarly announced *GPT-5.4-Cyber*, another AI model deemed too dangerous for public release. Security firm Aisle replicated many of Mythos’ findings using smaller, publicly available AI models. The article highlights concerns over unilateral corporate control of such technologies and calls for greater transparency and independent auditing.

📌 Anthropic's Claude Mythos Preview Uncovers Major Software Vulnerabilities, Raising Concerns Over Cor... www.cyberhub.blog/article/24261-anthropics...

2 hours ago
Operation PowerOFF Seizes 53 DDoS-for-Hire Domains, Arrests Four Suspects

Operation PowerOFF, an international law enforcement action, seized 53 domains linked to DDoS-for-hire services used by over 75,000 cybercriminals. Authorities arrested four suspects and dismantled infrastructure supporting these services, which enabled distributed denial-of-service (DDoS) attacks. The operation uncovered databases containing data on more than 3 million criminal user accounts associated with the seized domains. No specific dates or technical details such as CVE IDs were provided in the report. The impact included disrupting DDoS-for-hire platforms and exposing a large-scale criminal network.

📌 Operation PowerOFF Seizes 53 DDoS-for-Hire Domains, Arrests Four Suspects www.cyberhub.blog/article/24319-operation-...

3 hours ago
AI Amplifying Existing Vulnerabilities Rather Than Creating New Ones

The article states that AI is amplifying existing vulnerabilities rather than creating new ones, increasing their risk and exploitability. No specific technical details, CVE IDs, dates, or affected systems are mentioned beyond this general observation. The core impact described is the heightened danger posed by legacy security flaws due to AI-driven exploitation methods. The discussion focuses on the broader trend of AI exacerbating known weaknesses in cybersecurity. No explicit "who" or "when" details are provided in the extracted content.

📌 AI Amplifying Existing Vulnerabilities Rather Than Creating New Ones www.cyberhub.blog/article/24317-ai-amplify...

3 hours ago
AI Discovers Thousands of Zero-Day Vulnerabilities, Challenging Traditional Patching

💬 AI uncovered thousands of zero-day vulnerabilities for every major operating system and browser. Including a bug dating back to 1996 in OpenBSD. Patch everything is officially obsolete.

The post states that an AI system named Claude Mythos autonomously discovered thousands of zero-day vulnerabilities without human direction, including remote code execution (RCE) flaws. It claims engineers with no security training could use the AI to generate working exploits. The volume of newly discovered CVEs is expected to surge, while organizations can only patch about 10% of existing vulnerabilities. The post suggests that traditional patching is no longer a viable solution.

📌 AI Discovers Thousands of Zero-Day Vulnerabilities, Challenging Traditional Patching www.cyberhub.blog/article/24318-ai-discove...

4 hours ago
Introduction to Netwatch: Real-Time Network Diagnostics Tool for Terminal

The post introduces *netwatch*, a tool designed for real-time network diagnostics directly within a terminal environment. It is linked from *Terminal Trove*, a website that appears to feature or catalog terminal-based utilities. No additional technical details or use cases are provided in the post.

📌 Introduction to Netwatch: Real-Time Network Diagnostics Tool for Terminal www.cyberhub.blog/article/24262-introducti...

4 hours ago
NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities

The National Institute of Standards and Technology (NIST) has revamped its Common Vulnerabilities and Exposures (CVE) framework to prioritize high-impact software vulnerabilities. The change aims to improve vulnerability remediation by focusing on flaws with the greatest potential risk. No specific technical details, dates, or CVE IDs were provided in the announcement. The update reflects NIST's shift in strategy to streamline the handling of critical security issues. The effort is led by NIST as part of its broader cybersecurity initiatives. The source of this information is Dark Reading.

📌 NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities www.cyberhub.blog/article/24316-nist-revam...

5 hours ago
New Mirai Variant Nexcorium Targets DVR Systems for DDoS Attacks

Cybersecurity researchers at Fortinet’s FortiGuard Labs identified Nexcorium, a new variant of the Mirai malware specifically targeting TBK digital video recorder (DVR) systems. The malware hijacks these IoT devices to assemble a botnet capable of launching distributed denial-of-service (DDoS) attacks. No specific CVE IDs, infection numbers, or attack timelines were disclosed in the report. The discovery highlights the ongoing exploitation of vulnerable IoT hardware by Mirai-based threats. The primary impact involves the weaponization of compromised DVR devices for large-scale DDoS campaigns.

📌 New Mirai Variant Nexcorium Targets DVR Systems for DDoS Attacks www.cyberhub.blog/article/24314-new-mirai-...

5 hours ago
Smart TVs as Nodes in the AI Data-Scraping Economy

The Reddit post links to an article discussing how smart TVs are being used as part of the AI data-scraping ecosystem. It highlights concerns about these devices collecting and transmitting user data for AI training purposes. The post references an external source but does not provide additional details.

📌 Smart TVs as Nodes in the AI Data-Scraping Economy www.cyberhub.blog/article/24315-smart-tvs-...

6 hours ago
CVE-2026-33778

An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service (DoS). If an affected device receives a

📌 CVE-2026-33778 - An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX ... https://www.cyberhub.blog/cves/CVE-2026-33778

6 hours ago
Adware "Dragon Boss" Update Disables Antivirus Protections Globally

In March 2025, an update distributed by the adware strain "Dragon Boss" established persistence on infected systems via scheduled tasks and configured Windows Defender exclusions to bypass detection for future malicious payloads. The campaign targeted global users under the guise of a benign software update. No specific CVE IDs or victim counts were disclosed. The primary impact involved disabling antivirus protections to facilitate subsequent attacks. Technical details included the use of Windows Defender exclusions and scheduled tasks for persistence.

📌 Adware "Dragon Boss" Update Disables Antivirus Protections Globally www.cyberhub.blog/article/24313-adware-dra...

7 hours ago
Conceptual Overlap Between Hacking and Web Scraping

The article highlights that for end users, the effects of hacking and web scraping can appear similar, despite differing underlying methods. Web scraping is closely tied to business logic, and limiting it should be considered a standard practice. No specific technical details, dates, or vulnerabilities (such as CVE IDs) were mentioned in the provided content. The discussion focuses on the conceptual overlap between hacking and scraping rather than concrete incidents or impacts. The source does not provide explicit examples of affected entities or quantifiable data breaches.

📌 Conceptual Overlap Between Hacking and Web Scraping www.cyberhub.blog/article/24311-conceptual...

7 hours ago
Open Dataset: 100k+ Multimodal Prompt Injection Samples with Academic Sourcing

This dataset contains 101,032 samples, evenly split between 50,516 attack and 50,516 benign examples. The attack samples cover 27 categories sourced from over 55 published papers and disclosed vulnerabilities, including classical injection, adversarial suffixes, cross-modal delivery, and emerging agentic attacks. The methodology is documented with scope definition, construction layers, label assignment, and known limitations. The dataset is reproducible, with deterministic generators and verifiable academic references for each attack sample.

📌 Open Dataset: 100k+ Multimodal Prompt Injection Samples with Academic Sourcing www.cyberhub.blog/article/24312-open-datas...

8 hours ago
CVE-2026-33350

LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. Prior to 27.0.3 and 28.0.1, a SQL injection has been identified in some code sections for the MRI feedback popup window of the imaging browse

📌 CVE-2026-33350 - LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging r... https://www.cyberhub.blog/cves/CVE-2026-33350

8 hours ago
Google Ends Support for Android 13

Google has ended support for Android 13, the operating system version released in 2022. The discontinuation of support occurred at the beginning of March. This decision affects millions of devices running Android 13, leaving them without further security updates or patches. No specific vulnerabilities (e.g., CVE IDs) or technical impacts were detailed in the announcement. The article does not specify regional or device-specific limitations beyond the general Android 13 user base.

📌 Google Ends Support for Android 13 www.cyberhub.blog/article/24310-google-end...

9 hours ago
AI-on-AI Cybersecurity Threats and Quantum Computing Implications

The article highlights the emergence of a new cybersecurity battleground where artificial intelligence (AI) systems are both attackers and defenders, emphasizing that AI-on-AI threats are no longer a distant concern. It warns organizations against waiting for a major quantum-related security incident to occur before taking action. The discussion includes the implications of quantum computing on encryption, referencing post-quantum cryptography and frameworks like the *AI Act* and *Cyber Resilience Act*. Key stakeholders mentioned include CISOs, C-level executives, and entities like NIST, which are involved in shaping defenses against AI-driven and quantum-enabled threats. The focus extends to risks such as botnets, ransomware, and phishing, exacerbated by generative AI. No specific technical details, dates, or CVE IDs are provided in the available content.

📌 AI-on-AI Cybersecurity Threats and Quantum Computing Implications www.cyberhub.blog/article/24308-ai-on-ai-c...

9 hours ago
The Library: Ten Years of Building What Cybersecurity Training Actually Needs

Simulations Labs has spent over a decade developing a library of over 2,100 cybersecurity training challenges, covering disciplines like web security, forensics, and cloud misconfigurations. The platform provides ready-to-use, professionally designed simulations for instructors, enterprises, and competition organizers, eliminating the need to build scenarios from scratch. Challenges are categorized by difficulty, maintained to reflect evolving threats, and can be customized for specific training needs. The library supports pre-built content, bespoke scenarios, or hybrid programs through a unified interface.

📌 The Library: Ten Years of Building What Cybersecurity Training Actually Needs www.cyberhub.blog/article/24309-the-librar...

10 hours ago
Multiple Vulnerabilities Discovered in Google Chrome

Multiple vulnerabilities were discovered in Google Chrome on April 16, 2026, as reported by CERT-FR. The flaws allow an attacker to trigger unspecified security issues, though the exact impact or exploitation methods are not detailed by the vendor. No specific technical details, such as CVE identifiers or affected versions, were provided in the notice. The advisory originates from the French government’s cybersecurity agency (ANSSI) via its CERT division. The vulnerabilities were disclosed without additional context on attack vectors or mitigation steps.

📌 Multiple Vulnerabilities Discovered in Google Chrome www.cyberhub.blog/article/24267-multiple-v...

10 hours ago
U.S. Lawmakers Divided Over Reforms to Section 702 Surveillance Law

U.S. lawmakers are divided over reforms to Section 702, a surveillance law set to expire in April 2026, following years of reported abuses across multiple administrations. The law, part of the Foreign Intelligence Surveillance Act (FISA), permits warrantless surveillance of non-U.S. persons but has been criticized for incidental collection of Americans' communications. Despite its expiration, the government’s broader spy powers will not automatically terminate. Debates focus on whether to impose stricter protections, such as requiring warrants for accessing Americans' data. No specific technical or numerical details about surveillance methods or impacted systems were provided in the report.

📌 U.S. Lawmakers Divided Over Reforms to Section 702 Surveillance Law www.cyberhub.blog/article/24307-us-lawmake...

11 hours ago
OpenSSL 4.0 Introduces Support for Encrypted Client Hello (ECH) and Deprecates Legacy Options

OpenSSL 4.0 is a major new release that introduces support for Encrypted Client Hello (ECH), a privacy-enhancing feature for TLS. The update also includes the removal or deprecation of legacy options to improve security and modernize the codebase. No specific release date, CVE IDs, or detailed technical impacts were provided in the announcement. The changes target OpenSSL users and developers relying on the library for secure communications. The article does not mention any vulnerabilities addressed in this version.

📌 OpenSSL 4.0 Introduces Support for Encrypted Client Hello (ECH) and Deprecates Legacy Options www.cyberhub.blog/article/24304-openssl-40...

11 hours ago
TPM 2.0 Enhances Security with Hardware Attestation for Bare-Metal Server Fleets

The Reddit post shares a blog link discussing the use of TPM 2.0 for hardware attestation in bare-metal server fleets. It highlights the benefits of TPM 2.0 in enhancing security for such environments. The post references an external article for further details.

📌 TPM 2.0 Enhances Security with Hardware Attestation for Bare-Metal Server Fleets www.cyberhub.blog/article/24306-tpm-20-enh...

12 hours ago
CVE-2026-35523

Strawberry GraphQL is a library for creating GraphQL APIs. Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket subscription endpoints. The legacy graphql-ws subprotocol handler does not verify that a connection_init handshake has been completed before processin

📌 CVE-2026-35523 - Strawberry GraphQL is a library for creating GraphQL APIs. Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket ... https://www.cyberhub.blog/cves/CVE-2026-35523

12 hours ago
Webinar to Address Evolving Cyberattacks and Phishing Threats

Cyberattacks are evolving at a pace exceeding the defensive capabilities of many managed service providers (MSPs) and corporate security teams. Phishing is identified as a primary driver of current cybercrime activity. An upcoming webinar will address strategies to integrate security and recovery measures to mitigate risk and ensure business continuity. The event targets MSPs and organizations seeking to adapt their defenses against modern threats. No specific technical details, dates, or quantitative impacts were provided in the notice.

📌 Webinar to Address Evolving Cyberattacks and Phishing Threats www.cyberhub.blog/article/24303-webinar-to...

13 hours ago
Cisco Fixes Four Critical Vulnerabilities in ISE and Webex Platforms

Cisco addressed four critical vulnerabilities in its Identity Services Engine (ISE) and Webex platforms that could enable arbitrary code execution and user impersonation. The flaws pose severe security risks by allowing attackers to compromise affected services without authentication. No specific CVE identifiers, affected version ranges, or patch release dates were disclosed in the notice. The vulnerabilities impact Cisco’s identity management and collaboration tools, though the exact scope of deployment exposure remains unquantified. The fixes were implemented to mitigate potential exploitation leading to unauthorized access or privilege escalation.

📌 Cisco Fixes Four Critical Vulnerabilities in ISE and Webex Platforms www.cyberhub.blog/article/24300-cisco-fixe...

13 hours ago
v2.14.2

This release introduces server-side pagination for the SIEM log viewer, enhancing navigation of large log volumes. It also migrates application logging to Pino structured logging and refactors authentication with unified wrappers. Additionally, the welcome PR message now includes contribution sta...

OopsSec Store - v2.14.2 is out!

🤝 Contribute: good first issues available!

🔗 Release notes

13 hours ago
TPM 2.0 for Hardware Attestation in Bare-Metal Server Fleets

The Reddit post shares a blog link discussing the use of TPM 2.0 for hardware attestation in bare-metal server fleets. It highlights TPM 2.0’s capabilities in verifying the integrity of physical hardware. The post references an external article as the source of this information.

📌 TPM 2.0 for Hardware Attestation in Bare-Metal Server Fleets www.cyberhub.blog/article/24301-tpm-20-for...

14 hours ago