NCSC-CH pre-event cyber advisory for the G7 Évian summit (DDoS/intel-collection/mobile targeting)

All cited sources (83)

• access.redhat.cominlineRed Hat RHSB-2026-003https://access.redhat.com/security/vulnerabilities/RHSB-2026-003
  cited in 2026-W19, 2026-05-11
• advisories.ncsc.nlinlineNCSC-NL NCSC-2026-0159, 2026-05-15https://advisories.ncsc.nl/advisory?id=NCSC-2026-0159
  source profile · cited in 2026-05-16
• attack.mitre.orginlineT1068 Exploitation for Privilege Escalationhttps://attack.mitre.org/techniques/T1068/
  cited in 2026-W19
• attack.mitre.orginlineT1548.001 Setuid and Setgid Abusehttps://attack.mitre.org/techniques/T1548/001/
  cited in 2026-W19
• bleepingcomputer.cominlineBleepingComputerhttps://www.bleepingcomputer.com/news/security/drupal-critical-sql-injection-flaw-now-targeted-in-attacks/
  source profile · cited in 2026-05-23
• bleepingcomputer.cominlineBleepingComputer, 2026-05-13https://www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-rce-flaws-in-fortisandbox-and-fortiauthenticator/
  source profile · cited in 2026-05-13
• bleepingcomputer.cominlineBleepingComputer, 2026-05-07https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-epmm-flaw-exploited-in-zero-day-attacks/
  source profile · cited in 2026-W19
• bleepingcomputer.cominlineBleepingComputer, 2026-05-13https://www.bleepingcomputer.com/news/security/windows-bitlocker-zero-day-gives-access-to-protected-drives-poc-released/
  source profile · cited in 2026-05-15
• bsi.bund.deinlineBSI advisory 2026-05-07https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2026/2026-211476-1032.html
  cited in 2026-05-09
• ccb.belgium.beinlineCCB Belgium, 2026-05-08https://ccb.belgium.be/advisories/warning-dirty-frag-new-linux-local-privilege-escalation-vulnerability-was-disclosed
  source profile · cited in 2026-05-11
• cert.europa.euinlineCERT-EU Advisory 2026-005, 2026-04-30https://cert.europa.eu/publications/security-advisories/2026-005/
  source profile · cited in 2026-W19
• cert.ssi.gouv.frinlineCERTFR-2026-ACT-016 agentic-AI advisoryhttps://www.cert.ssi.gouv.fr/actualite/CERTFR-2026-ACT-016/
  source profile · cited in 2026-05-12
• cert.ssi.gouv.frinlineCERT-FR CERTFR-2026-AVI-0552, 2026-05-07https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0552/
  source profile · cited in 2026-W19, 2026-05-09
• cloud.google.cominlineoriginal Adversarial Misuse of Generative AI reporthttps://cloud.google.com/blog/topics/threat-intelligence/adversarial-misuse-generative-ai
  source profile · cited in 2026-05-12
• cloud.google.cominlineGoogle Cloud Threat Intelligence — AI vulnerability exploitation initial access, 2026-05-11https://cloud.google.com/blog/topics/threat-intelligence/ai-vulnerability-exploitation-initial-access
  source profile · cited in 2026-05-12
• crowdstrike.cominlineCrowdStrike bloghttps://www.crowdstrike.com/en-us/blog/crowdstrike-2026-financial-services-threat-landscape-report/
  source profile · cited in 2026-05-21
• crowdstrike.cominlineCrowdStrike press releasehttps://www.crowdstrike.com/en-us/press-releases/crowdstrike-2026-financial-services-threat-landscape-report/
  source profile · cited in 2026-05-21
• csoonline.cominlineCSO Online, 2026-05-20https://www.csoonline.com/article/4175329/drupal-admins-rushing-to-patch-maximum-severity-sql-injection-vulnerability.html
  cited in 2026-05-21
• depthfirst.cominlinedepthfirst "NGINX Rift" technical writeup, 2026-05-13https://depthfirst.com/research/nginx-rift-achieving-nginx-rce-via-an-18-year-old-vulnerability
  source profile · cited in 2026-05-15
• docu.ilias.deinlineILIAS Security Blog, 2026-05-27https://docu.ilias.de/go/blog/15821
  cited in 2026-05-28
• downloads.seppmail.cominlineSEPPmail v15.0 release noteshttps://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#security
  cited in 2026-W19, 2026-05-09
• drupal.orginlineDrupal PSA, 2026-05-18https://www.drupal.org/psa-2026-05-18
  cited in 2026-05-21
• drupal.orginlineDrupal Security Team, 2026-05-22https://www.drupal.org/sa-core-2026-004
  cited in 2026-05-23, 2026-05-21
• drupal.orginlineDrupal Steward WAFhttps://www.drupal.org/steward
  cited in 2026-05-21
• fortiguard.fortinet.cominlineFortinet PSIRT FG-IR-26-128, 2026-05-12https://fortiguard.fortinet.com/psirt/FG-IR-26-128
  cited in 2026-05-13
• fortiguard.fortinet.cominlineFortinet PSIRT FG-IR-26-136, 2026-05-12https://fortiguard.fortinet.com/psirt/FG-IR-26-136
  cited in 2026-05-13
• github.cominlineResearcher write-up (V4bel), 2026-05-07https://github.com/V4bel/dirtyfrag/blob/master/assets/write-up.md
  source profile · cited in 2026-05-09
• github.cominlineGitHub GHSA-gcgv-v5gf-c543https://github.com/advisories/GHSA-gcgv-v5gf-c543
  source profile · cited in 2026-05-15
• heise.deinlineHeise, 2026-05-27https://www.heise.de/news/Roundcube-Webmail-Instanzen-mit-Schadcode-attackierbar-11307545.html
  source profile · cited in 2026-05-28
• helpnetsecurity.cominlineHelp Net Security — European Commission Ivanti EPMM vulnerabilities, 2026-02-09https://www.helpnetsecurity.com/2026/02/09/european-commission-ivanti-epmm-vulnerabilities/
  source profile · cited in 2026-W19
• helpnetsecurity.cominlineHelp Net Security, 2026-05-08https://www.helpnetsecurity.com/2026/05/08/dirty-frag-linux-vulnerability-cve-2026-43284-cve-2026-43500/
  source profile · cited in 2026-05-09
• helpnetsecurity.cominlineHelp Net Security, 2026-05-08https://www.helpnetsecurity.com/2026/05/08/ivanti-epmm-zero-day-cve-2026-6973/
  source profile · cited in 2026-W19
• helpnetsecurity.cominlineHelp Net Security, 2026-05-14https://www.helpnetsecurity.com/2026/05/14/sophos-2026-identity-breach-costs-report/
  source profile · cited in 2026-05-15
• helpnetsecurity.cominlineHelp Net Security, 2026-05-26https://www.helpnetsecurity.com/2026/05/26/sharepoint-vulnerability-cve-2026-45659/
  source profile · cited in 2026-05-28
• imperva.cominlineImperva, 2026-05-21https://www.imperva.com/blog/imperva-customers-protected-against-cve-2026-9082-in-drupal-core/
  cited in 2026-05-23
• ivanti.cominlineIvanti — May 2026 EPMM Security Updatehttps://www.ivanti.com/blog/may-2026-epmm-security-update
  cited in 2026-W19
• labs.watchtowr.cominlinewatchTowr Labs — CVE-2026-41940https://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/
  source profile · cited in 2026-W19
• microsoft.cominlineMicrosoft Security Blog, 2026-05-08https://www.microsoft.com/en-us/security/blog/2026/05/08/active-attack-dirty-frag-linux-vulnerability-expands-post-compromise-risk/
  source profile · cited in 2026-05-11, 2026-05-09
• msrc.microsoft.cominlineMicrosoft MSRC, 2026-05-14https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-42897
  source profile · cited in 2026-05-16
• msrc.microsoft.cominlineMicrosoft MSRChttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-45659
  source profile · cited in 2026-05-28
• my.f5.cominlineF5 PSIRT advisory K000161019https://my.f5.com/manage/s/article/K000161019
  cited in 2026-05-18
• ncsc.gov.ukinlineNCSC-UK blog, 2026-05-11https://www.ncsc.gov.uk/blogs/10-questions-ask-using-ai-models-find-vulnerabilities
  source profile · cited in 2026-05-13
• noscope.cominlineNoScope, 2026-05-25https://www.noscope.com/blog/gitea-instances-exposing-private-container
  cited in 2026-05-28
• onapsis.cominlineOnapsis, 2026-05-12https://onapsis.com/blog/sap-security-patch-day-may-2026/
  cited in 2026-05-13
• panelica.cominlinePanelica, 2026-05-08https://panelica.com/blog/cpanel-cve-2026-29201-29202-29203-may-2026-tsr-advisory
  cited in 2026-W19, 2026-05-10
• roundcube.netinlineRoundcube Project, 2026-05-24https://roundcube.net/news/2026/05/24/security-updates-1.6.16-and-1.7.1
  cited in 2026-05-28
• sec.cloudapps.cisco.cominlineCisco PSIRT, 2026-05-20https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy
  source profile · cited in 2026-05-22
• security-hub.ncsc.admin.chinlineNCSC-CH Security Hub #12558, 2026-05-12https://security-hub.ncsc.admin.ch/#/posts/12558
  source profile · cited in 2026-05-13
• security-hub.ncsc.admin.chinlineNCSC-CH Security Hub #12565, 2026-05-12https://security-hub.ncsc.admin.ch/#/posts/12565
  source profile · cited in 2026-05-13
• security-hub.ncsc.admin.chinlineNCSC-CH Security Hub #12569, 2026-05-13https://security-hub.ncsc.admin.ch/#/posts/12569
  source profile · cited in 2026-05-13
• security-hub.ncsc.admin.chinlineNCSC-CH Security Hub #12574, 2026-05-14https://security-hub.ncsc.admin.ch/#/posts/12574
  source profile · cited in 2026-05-15
• security-hub.ncsc.admin.chinlineNCSC-CH Security Hub post #12575https://security-hub.ncsc.admin.ch/#/posts/12575
  source profile · cited in 2026-05-18, 2026-05-15
• security-hub.ncsc.admin.chinlineNCSC-CH Security Hub #12577, 2026-05-15https://security-hub.ncsc.admin.ch/#/posts/12577
  source profile · cited in 2026-05-16
• security-hub.ncsc.admin.chinlineNCSC-CH, 2026-05-22https://security-hub.ncsc.admin.ch/#/posts/12584
  source profile · cited in 2026-05-23, 2026-05-21
• security-hub.ncsc.admin.chinlineNCSC-CH Security Hub, 2026-05-21https://security-hub.ncsc.admin.ch/#/posts/12588
  source profile · cited in 2026-05-22
• security-hub.ncsc.admin.chinlineNCSC-CH post 12594https://security-hub.ncsc.admin.ch/#/posts/12594
  source profile · cited in 2026-05-28
• security-hub.ncsc.admin.chinlineNCSC-CH, 2026-05-27https://security-hub.ncsc.admin.ch/#/posts/12596
  source profile · cited in 2026-05-28
• security-hub.ncsc.admin.chinlineNCSC-CH, 2026-05-27https://security-hub.ncsc.admin.ch/#/posts/12599
  source profile · cited in 2026-05-28
• security-hub.ncsc.admin.chinlineNCSC-CH 12547https://security-hub.ncsc.admin.ch/api/posts/12547/details
  source profile · cited in 2026-W19, 2026-05-11, 2026-05-09
• security-hub.ncsc.admin.chinlineNCSC-CH 12548, 2026-05-08https://security-hub.ncsc.admin.ch/api/posts/12548/details
  source profile · cited in 2026-W19, 2026-05-09
• security-hub.ncsc.admin.chinlineNCSC-CH 12550, 2026-05-08https://security-hub.ncsc.admin.ch/api/posts/12550/details
  source profile · cited in 2026-W19, 2026-05-10
• security-hub.ncsc.admin.chinlineNCSC-CH 12551https://security-hub.ncsc.admin.ch/api/posts/12551/details
  source profile · cited in 2026-W19, 2026-05-09
• securityaffairs.cominlineSecurity Affairs, 2026-05-14https://securityaffairs.com/192132/hacking/nginx-rift-an-18-year-old-flaw-in-the-worlds-most-deployed-web-server-just-came-to-light.html
  source profile · cited in 2026-05-18
• securityweek.cominlineSecurityWeek, 2026-05-19https://www.securityweek.com/drupal-to-patch-highly-critical-vulnerability-at-risk-of-quick-exploitation/
  source profile · cited in 2026-05-21
• securityweek.cominlineSecurityWeek, 2026-05-12https://www.securityweek.com/sap-patches-critical-s-4hana-commerce-vulnerabilities/
  source profile · cited in 2026-05-13
• slcyber.ioinlineSearchlight Cyber write-uphttps://slcyber.io/research-center/keys-to-the-kingdom-anonymous-sql-injection-in-drupal-core-cve-2026-9082/
  source profile · cited in 2026-05-23
• stepsecurity.ioinlineStepSecurity analysis, 2026-05-11https://www.stepsecurity.io/blog/mini-shai-hulud-is-back-a-self-spreading-supply-chain-attack-hits-the-npm-ecosystem
  cited in 2026-05-13
• tanstack.cominlineTanStack post-mortem, 2026-05-12https://tanstack.com/blog/npm-supply-chain-compromise-postmortem
  cited in 2026-05-13
• techcommunity.microsoft.cominlineMicrosoft Exchange Team, 2026-05-14https://techcommunity.microsoft.com/blog/exchange/addressing-exchange-server-may-2026-vulnerability-cve-2026-42897/4518498
  source profile · cited in 2026-05-16
• thehackernews.cominlineThe Hacker News, 2026-05-09https://thehackernews.com/2026/05/cpanel-whm-patch-3-new-vulnerabilities.html
  cited in 2026-W19, 2026-05-10
• thehackernews.cominlineThe Hacker News, 2026-05-27https://thehackernews.com/2026/05/gitea-vulnerability-exposes-private.html
  cited in 2026-05-28
• thehackernews.cominlineVulnCheck honeypot telemetry confirmed active exploitation of CVE-2026-42945 on 2026-05-17https://thehackernews.com/2026/05/nginx-cve-2026-42945-exploited-in-wild.html
  cited in 2026-05-18
• thehackernews.cominlineThe Hacker News, 2026-05-15https://thehackernews.com/2026/05/on-prem-microsoft-exchange-server-cve.html
  cited in 2026-05-16
• theregister.cominlineThe Register, 2026-05-13https://www.theregister.com/security/2026/05/13/disgruntled-researcher-releases-two-more-microsoft-zero-days/5239758
  cited in 2026-05-15
• theregister.cominlineThe Register, 2026-05-21https://www.theregister.com/security/2026/05/21/cisco-serves-up-yet-another-perfect-10-bug-with-secure-workload-admin-flaw/5244012
  cited in 2026-05-22
• ubuntu.cominlineUbuntu — Dirty Frag fixes-availablehttps://ubuntu.com/blog/dirty-frag-linux-vulnerability-fixes-available
  cited in 2026-W19
• unit42.paloaltonetworks.cominlineUnit 42 — Copy Failhttps://unit42.paloaltonetworks.com/cve-2026-31431-copy-fail/
  source profile · cited in 2026-W19
• vulnerability.circl.luinlineCIRCL vulnerability.circl.luhttps://vulnerability.circl.lu/vuln/cve-2026-44128
  cited in 2026-W20
• wid.cert-bund.deinlineBSI WID-SEC-2026-1232https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1232
  source profile · cited in 2026-W19
• wid.cert-bund.deinlineBSI WID-SEC-2026-1536, 2026-05-14https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1536
  source profile · cited in 2026-05-16
• wid.cert-bund.deinlineBSI CERT-Bund WID-SEC-2026-1689, 2026-05-27https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1689
  source profile · cited in 2026-05-28
• wiz.ioinlineWiz Research, 2026-05-08https://www.wiz.io/blog/dirty-frag-linux-kernel-local-privilege-escalation-via-esp-and-rxrpc
  source profile · cited in 2026-W19, 2026-05-09
• wiz.ioinlineWiz, 2026-05-12https://www.wiz.io/blog/mini-shai-hulud-strikes-again-tanstack-more-npm-packages-compromised
  source profile · cited in 2026-05-13