category_news - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	H1:3773293	curl: curl/libcurl 8.20.0 NOPROXY bypass via uppercase-hex IPv4 aliases leaks off-proxy Basic credentials to the configured proxy_H1:3773293 ## Summary: curl/libcurl 8.20.0 fails to enforce `CURLOPT_NOPROXY`, `--noproxy`, and `NO_PROXY` consistently for uppercase-hex IPv4 aliases such as...	N/A	N/A	May 31, 2026	HACKERONE
NONE	MALWAREBYTES:85...	These convincing copyright notices are designed to steal Google logins_MALWAREBYTES:85EC87F7CBD6CC83B7BF9E5573AE598C A new scam is targeting people who publish Chrome extensions. The scam arrives as an official-looking "copyright removal request" claiming your e...	N/A	N/A	Jun 2, 2026	MALWAREBYTES
HIGH 8.4	THN:5042E49AA00...	Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited_THN:5042E49AA00F0CB8BDF02D51DF7758F5 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgu6SfsDfrb_dr_5DP0MiwOMy86maTi3XyrtkQLw-sHAGlBZbhZ0uEfRkamwFqXGT4qNmVIqg6LQtaaRVLr_o...	N/A	N/A	Jun 2, 2026	THN
CRITICAL 9.8	AVLEONOV:68E701...	May Linux Patch Wednesday_AVLEONOV:68E7010A21B0F3420D3F6FE77C9479F4 ![May Linux Patch Wednesday](https://avleonov.com/wp-content/uploads/2026/06/[email protected]) May Linux Patch Wednesday. A total of 1,638 vu...	N/A	N/A	Jun 2, 2026	AVLEONOV
NONE	MSSECURE:B9ED78...	Microsoft Build 2026: Securing code, agents, and models across the development lifecycle_MSSECURE:B9ED7816138DDCF9595DC80BC4BD5769 In this article 1. Secure your code 2. Secure your agents 3. Trust agents with your data 4. Secure your models 5. Trust starts with secu...	N/A	N/A	Jun 2, 2026	MSSECURE
NONE	HACKREAD:04E55A...	Fake ChatGPT Desktop App Ads Used to Push Password-Stealing Malware_HACKREAD:04E55A6848EC05ADD19EF1203CE058E7 Fake ChatGPT desktop app ads pushed password-stealing malware by abusing trusted AI links, hiding from scanners, and tricking users into downloads.	N/A	N/A	Jun 2, 2026	HACKREAD
NONE	WIRED:CAC1E18E4...	Android Is Fighting Phone Scams With a New Feature to Prove Who’s Calling_WIRED:CAC1E18E4DDE17F26161566540D00A57 Available for Android 12 and later, the anti-scam feature is baked into Google Dialer, which sends a silent “confirmation signal” to ensure whoever...	N/A	N/A	Jun 2, 2026	WIRED
HIGH 7.5	THN:1DB8C609A00...	Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation_THN:1DB8C609A0019C07637C95FF2CBAEDDE ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyTRAA7jrm-wO7d39ZhI2e75GnwqNE6t-CKpScXYfVikGGVRC4fYajbw5kn3aHqZc9rmbdjIqft5nwFLWAxC...	N/A	N/A	Jun 2, 2026	THN
HIGH 8.8	THN:EC1CA545F49...	Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine_THN:EC1CA545F493C8BBF09867DC93311116 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIWYqVAlf5o0isz1fGZ_KcAkqIAroOtFMRAvlOMseZrj7e5iLaZ47_92-zoFzN4rtQHJpmGHjMaOShanlb01...	N/A	N/A	Jun 2, 2026	THN
NONE	QUALYSBLOG:1BBF...	The HazyBeacon Protocol – How Malware Weaponizes Amazon Web Services (AWS) Lambda Function URLs_QUALYSBLOG:1BBF6B5B1C7D340BAA7806C60697CFB8 #### Key Takeaways * HazyBeacon (CL-STA-1020) targets Southeast Asian government networks by abusing AWS Lambda Function URLs configured wit...	N/A	N/A	Jun 2, 2026	QUALYSBLOG