Docker Patches Critical 'DockerDash' Flaw in Ask Gordon AI Assistant

Docker patched a critical vulnerability called DockerDash in its Ask Gordon AI assistant that allowed attackers to execute remote code or steal sensitive environment data via malicious Docker image metadata.

**Treat all AI-processed metadata as untrusted code and ensure you update Docker Desktop and Docker CLI to version 4.50.0 to enable mandatory user confirmation for AI actions. This update prevents automated attacks that turn simple AI queries into dangerous system commands.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/docker-patches-critical-dockerdash-flaw-in-ask-gordon-ai-assistant-9-d-u-d-c/gD2P6Ple2L

SQL Injection Vulnerability Reported in Quiz and Survey Master WordPress Plugin

A SQL injection vulnerability (CVE-2025-67987) in the Quiz and Survey Master WordPress plugin affects over 40,000 sites, allowing authenticated users with Subscriber-level access to extract sensitive database information.

**If you are using the Quiz and Survey Master plugin, plan a quick update to version 10.3.2. Even low-level user accounts can exploit this flaw, so do not assume your site is safe just because you trust your registered users.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/sql-injection-vulnerability-reported-in-quiz-and-survey-master-wordpress-plugin-k-x-8-0-b/gD2P6Ple2L

Critical Authentication Bypass in End-of-Life Synectix LAN 232 TRIO Adapters

Synectix LAN 232 TRIO adapters contain a critical vulnerability (CVE-2026-1633) that allows unauthenticated remote attackers to take full control of the device. Because the manufacturer is out of business, no patches will be released.

**If you use these Synectix adapters, isolate them from the internet immediately because they have no password protection and will never be patched. Since the company is out of business, plan a replacement of the devices.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-bypass-in-end-of-life-synectix-lan-232-trio-adapters-j-r-d-l-z/gD2P6Ple2L

Drinking water advisory lifted for Hay River, Enterprise, Kátł'odeeche First Nation & Kakisa, N.W.T.
The chief environmental health officer  said in November that residents should take precautions because of elevated levels of disinfection byproducts called trihalomethanes (...
#water #advisory #health #HayRiver #Enterprise #KátłodeecheFirstNation
https://www.cbc.ca/news/canada/north/drinking-water-advisory-lifted-for-hay-river-enterprise-katl-odeeche-first-nation-kakisa-n-w-t-9.7073191?cmp=rss

Ubuntu Security Notice USN-8008-1 https://packetstorm.news/files/214848 #advisory

Ubuntu Security Notice USN-7997-1 https://packetstorm.news/files/214847 #advisory

SUSE Security Advisory - SUSE-SU-2026:0360-1 https://packetstorm.news/files/214820 #advisory

openSUSE Security Advisory - openSUSE-SU-2026:20151-1 https://packetstorm.news/files/214819 #advisory

NationStates Suffers Major Security Breach via Application Vulnerability

NationStates took its platform offline after an attacker exploited a double-parsing vulnerability in the Dispatch Search feature to achieve remote code execution and steal user data.

**Never use MD5 for password storage because it is trivial to crack with modern hardware, leaving your users vulnerable to credential stuffing. If you are a user of a breached service, immediately change that password everywhere else you use it to stay ahead of automated attacks.**
#cybersecurity #infosec #advisory #databreach
https://beyondmachines.net/event_details/nationstates-suffers-major-security-breach-via-double-parsing-vulnerability-0-w-c-8-7/gD2P6Ple2L

OpenSSL Patches 12 Vulnerabilities Including One Critical RCE

OpenSSL has patched 12 vulnerabilities, including a critical stack buffer overflow (CVE-2025-15467) that allows unauthenticated remote code execution via crafted CMS messages.

**Review your OpenSSL libraries, and start planning a patch. Prioritize 3.x versions since they are exposed to the critical flaw.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/openssl-patches-12-vulnerabilities-including-one-critical-rce-m-6-5-1-y/gD2P6Ple2L

Okanagan Nation Alliance among Indigenous groups issuing travel advisory to U.S.
Indigenous travellers crossing the border into the United States are being warned to exercise extreme caution amid an increasingly tense political climate.
#Indigenous #travel #advisory #politicalclimate #UnitedStates #Canada
https://globalnews.ca/news/11649576/okanagan-nation-alliance-issues-travel-advisory-to-united-states/

Okanagan Nation Alliance among Indigenous groups issuing travel advisory to U.S.
Indigenous travellers crossing the border into the United States are being warned to exercise extreme caution amid an increasingly tense political climate.
#Indigenous #travel #advisory #politicalclimate #UnitedStates #Canada
https://globalnews.ca/news/11649576/okanagan-nation-alliance-issues-travel-advisory-to-united-states/

Okanagan Nation Alliance among Indigenous groups issuing travel advisory to U.S.
Indigenous travellers crossing the border into the United States are being warned to exercise extreme caution amid an increasingly tense political climate.
#Indigenous #travel #advisory #politicalclimate #UnitedStates #Canada
https://globalnews.ca/news/11649576/okanagan-nation-alliance-issues-travel-advisory-to-united-states/

Debian Security Advisory 6117-1 https://packetstorm.news/files/214711 #advisory

openSUSE Security Advisory - openSUSE-SU-2026:10122-1 https://packetstorm.news/files/214710 #advisory

openSUSE Security Advisory - openSUSE-SU-2026:0035-1 https://packetstorm.news/files/214704 #advisory

SUSE Security Advisory - SUSE-SU-2026:0346-1 https://packetstorm.news/files/214703 #advisory

Red Hat Security Advisory 2026-1719-03 https://packetstorm.news/files/214686 #advisory

#OT #Advisory VDE-2026-006
Pilz: Multiple Vulnerabilities affecting the PIT User Authentication Service

The PIT User Authentication Service is affected by multiple vulnerabilities in included third-party components.
#CVE CVE-2025-31650, CVE-2025-48988, CVE-2025-12383, CVE-2025-61795

https://certvde.com/en/advisories/vde-2026-006/

#CSAF https://pilz.csaf-tp.certvde.com/.well-known/csaf/white/2026/ppsa-2026-001.json

Key features:
• Integrates #AgriStack portals, ICAR- Indian Council of Agricultural Research best practices, and AI-driven insights.
• Supports multiple Indian languages for accessibility to non-English speakers.
• Provides #advisory on crop choices, weather risks, pest management, and market prices to reduce losses and boost yields.
• Part of the budget's tech push to make farming smarter and more resilient.
• With over 80% of #farmers being smallholders, tools like this could bridge