category_news - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.1	MS:CVE-2026-39830	Invoking client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh_MS:CVE-2026-39830 {“lastseen”:”2026-05-29T09:14:58″,”description”:””,”published”:”2026-05-27T08:12:...	N/A	N/A	May 27, 2026	MSCVE
HIGH 7.5	MS:CVE-2026-46597	Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh_MS:CVE-2026-46597 {“lastseen”:”2026-05-29T09:14:58″,”description”:””,”published”:”2026-05-27T08:13:...	N/A	N/A	May 27, 2026	MSCVE
CRITICAL 9.1	MS:CVE-2026-39834	Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh_MS:CVE-2026-39834 {“lastseen”:”2026-05-29T09:14:58″,”description”:””,”published”:”2026-05-27T08:15:...	N/A	N/A	May 27, 2026	MSCVE
CRITICAL 9.1	MS:CVE-2026-39832	Invoking agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent_MS:CVE-2026-39832 {“lastseen”:”2026-05-29T09:14:58″,”description”:””,”published”:”2026-05-27T08:16:...	N/A	N/A	May 27, 2026	MSCVE
CRITICAL 9.1	MS:CVE-2026-42508	Invoking auth bypass via unenforced @revoked status in golang.org/x/crypto/ssh/knownhosts_MS:CVE-2026-42508 {“lastseen”:”2026-05-29T09:14:58″,”description”:””,”published”:”2026-05-27T08:18:...	N/A	N/A	May 27, 2026	MSCVE
CRITICAL 9.2	MS:CVE-2026-9256	NGINX ngx_http_rewrite_module vulnerability_MS:CVE-2026-9256 {“lastseen”:”2026-05-29T09:14:58″,”description”:””,”published”:”2026-05-27T08:18:...	N/A	N/A	May 27, 2026	MSCVE
NONE	THN:C4034E31C0B...	Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets_THN:C4034E31C0B48BD77241B947551DF108 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUbmZyAOVZRXrWddG8PMuXbVyex9s5HPD2cH8rDjYP6EHuVadkyj72NdN9PreAnGX9iOCVGxWI2YmSLu818V...	N/A	N/A	May 29, 2026	THN
NONE	SECURELIST:0F39...	What’s in the container? Analyzing vulnerabilities, risks and protection with Kaspersky Container Security and the KIRA AI assistant_SECURELIST:0F3916E88E9B5224259BBAC39D5963A2 ![](https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2026/05/28143737/SL-container-security-01-featured-scaled-1-990x400.jpg) ## ...	N/A	N/A	May 29, 2026	SECURELIST
NONE	THN:542858AF03A...	Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels_THN:542858AF03AD63381599625C01317BB6 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJfUl1K-os1XyLN-SBt6PgMia_jFG03ArRa3H0FI2hsiUqNa3lqSWY2NJcvOhY33TArSKJxeookUpkATdERU...	N/A	N/A	May 29, 2026	THN
NONE	MSSECURE:7DF62C...	Typosquatted npm packages used to steal cloud and CI/CD secrets_MSSECURE:7DF62CBD211C4009099D29D730CB02CF In this article 1. Attack chain overview 1. The lure: typosquats and spoofed metadata 2. Execution: npm lifecycle hook abuse 3. G...	N/A	N/A	May 29, 2026	MSSECURE