Skip to content
Hawkeye Cybersecurity
Menu
  • Home
  • Services
  • About Us
  • Cybersecurity News
  • Contact

Category: Apps

Home » Apps » Page 9
Apps

Critical LiteLLM SQL Injection Vulnerability Exploited in the Wild

A critical pre-authentication SQL injection vulnerability in LiteLLM, a widely used open-source AI gateway with over 22,000 GitHub stars, is actively being exploited in the wild. Tracked as CVE-2026-42208, this …

Apps

Notepad++ Vulnerability Allows Attackers to Crash Application, Leak Memory Data

A security vulnerability has been identified in Notepad++, one of the most widely used open-source text editors among developers and IT professionals. The vulnerability CVE-2026-3008, which could allow a remote …

Apps

ClickUp’s Hardcoded API Key Exposes 959 Emails from Fortune 500 Giants

A publicly accessible JavaScript file on ClickUp’s homepage has been silently leaking nearly a thousand corporate and government email addresses, including employees from Fortinet, Home Depot, Tenable, Mayo Clinic, and …

Apps

Critical Gemini CLI Vulnerability Enables Remote Code Execution Attacks

Google has fixed a critical security flaw in the Gemini CLI that could allow attackers to execute remote code in certain automated workflows. The issue affects the npm package @google/gemini-cli and the google-github-actions/run-gemini-cli GitHub …

Apps

New Vidar Malware Campaign Uses Fake YouTube Software Downloads to Steal Corporate Credentials

A credential-stealing malware named Vidar has quietly emerged as one of the most active threats targeting corporate employees in early 2026. Threat actors are using fake software downloads promoted through …

Apps

New Malware Uses Obfuscation and Staged Payload Delivery to Evade Detection

A newly discovered malware campaign is targeting government employees in Pakistan using carefully crafted spear-phishing emails that combine obfuscation and staged payload delivery to stay hidden from security tools. The …

Apps

73 Open VSX Sleeper Extensions Linked to GlassWorm Activate New Malware Campaign

The GlassWorm supply chain attack targeting the Open VSX marketplace has escalated with the discovery of 73 new “sleeper” extensions. Identified in April 2026, this cluster marks a dangerous shift …

Apps

Litecoin Zero-Day Vulnerability Exploited in DoS Attack, Disrupts Major Mining Pools

A critical zero-day vulnerability in the Litecoin network was actively exploited to launch a denial-of-service (DoS) attack, temporarily disrupting operations across major mining pools before developers issued a full patch. …

Apps

New Windows RPC Vulnerability Lets Attackers Escalate Privileges Across All Windows Versions

PhantomRPC, a newly identified architectural vulnerability in Windows Remote Procedure Call (RPC) that enables local privilege escalation to SYSTEM-level access, potentially affecting every version of Windows. The research was presented …

Apps

CISA Warns of Multiple SimpleHelp Vulnerabilities Exploited in Attack

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding two actively exploited vulnerabilities in SimpleHelp remote support software. Remote access tools are highly valued targets for …

Posts navigation

Older posts
Newer posts

Recent Posts

  • Gunra Ransomware Expands RaaS Operations After Shifting From Conti-Based Locker
  • OpenClaw Chain Vulnerabilities Expose 245,000 Public AI Agent Servers to Attack
  • Shai-Hulud Worm Steals npm, GitHub, AWS, and Kubernetes Secrets From Developers
  • Hackers Abuse OAuth Device Authorization Flow to Steal Microsoft 365 Tokens
  • Microsoft Edge, Windows 11 and LiteLLM Hacked in Pwn2Own Berlin 2026

Archives

  • May 2026
  • April 2026
  • March 2026

Categories

  • Apps
Let's Connect!
Copyright © 2026 Hawkeye Cybersecurity. Veteran Owned and Operated.