Palo Alto fixed multiple flaws, including CVE-2026-0232, which affects the Cortex XDR Agent on Windows computers. A weakness in a protection feature lets a local Windows administrator disable the agent completely.
Another vulnerability, tracked as CVE-2026-0233, allows a local Windows user to “execute arbitrary code with NT AUTHORITY\SYSTEM privileges”.
A third flaw, CVE-2026-0234 (CVSS 7.2), is concerning because it lets an unauthenticated attacker access and modify protected information. By bypassing signature checks, an attacker could insert themselves into secure chats or alter platform data.
Companies are encouraged to quickly install these updates to keep their defenses strong.
Ivanti
The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert about a critical flaw (CVE-2026-1340) in Ivanti Endpoint Manager Mobile that is actively being exploited.
The agency added it to its Known Exploited Vulnerabilities catalog on April 8, 2026, and ordered U.S. federal agencies to fix it within 3 days (by April 11).
CISA urges all organizations to act just as quickly: apply patches immediately, follow Ivanti’s guidance, and if mitigation isn’t possible, disconnect the affected system until it’s secured.
GitLab
GitLab released urgent updates (18.10.3, 18.9.5, 18.8.9) to fix multiple vulnerabilities. High-severity issues include:
CVE-2026-5173: Authenticated command execution via WebSockets
CVE-2026-1092: Unauthenticated DoS via Terraform API
CVE-2025-12664: Unauthenticated DoS via GraphQL
Medium-severity flaws include:
CVE-2026-1516: Code injection leaking user IPs
CVE-2026-1403: CSV import crash (Sidekiq)
CVE-2026-4332: Malicious JavaScript in dashboards
CVE-2026-1101: DoS via GraphQL input validation
All administrators are strongly advised to upgrade immediately to prevent exploitation.
SonicWall
SonicWall warned of serious problems with its SMA 1000 devices. It found four issues that could let an attacker gain higher access, bypass multi-factor authentication, and discover user details.
Key CVEs:
CVE-2026-4112: SQL injection leading to admin-level access
CVE-2026-4113: User credential enumeration without authentication
CVE-2026-4114: TOTP MFA bypass for administrators
CVE-2026-4116: TOTP MFA bypass for users
Users are urged to apply the latest hotfixes immediately to mitigate risks.
InfoSecBulletin Cybersecurity for mankind
