DirtyClone (CVE-2026-43503): JFrog's catch on the DirtyFrag fix regression, with a detectable PoC
Updated:
Executive Summary
[object Object]
Analysis
Originally published by r/cybersecurity on Jun 26, 2026.
Related Threats
NVD CRITICAL: CVE-2026-58053 — Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow...
Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's container.options string to the Docker job container's HostConfig and, when configured with privileged: false, forces only the Privileged flag off while merging options such as --pid=host, --cap-add, and --security-opt unchanged. A user who can run a workflow on a Docker-backed runner can create a job container with
Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials
The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign orchestrated by Russian intelligence services to break into the messaging accounts of government officials, military personnel, politicians, and activists in Ukraine, Europe, and the U.S. The systematic cyber attacks aimed at stealing sensitive
Chinese Framework Powers 200,000 Scam Sites
Threat actors are selling investment scam templates created using the legitimate DCloud Uni-App toolkit. The post Chinese Framework Powers 200,000 Scam Sites appeared first on SecurityWeek .