The Canadian Centre for Cyber Security issued a daily digest highlighting critical security updates for GitLab, MongoDB, and VMware Fusion. Notably, MongoDB addressed an undefined behavior vulnerability (CVE-2026-8053) in timeseries collections, and Broadcom patched a privilege escalation flaw (CVE-2026-41702) in VMware Fusion.
MongoDB
2 posts
Cyber Centre Daily Advisory Digest — 2026-05-14 (3 advisories) PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale SentinelLABS discovered PCPJack, a cloud-focused worm designed to harvest credentials at scale while actively evicting artifacts of a rival threat actor, TeamPCP. The framework targets exposed cloud services like Docker, Kubernetes, and Redis for propagation and lateral movement, notably omitting cryptomining payloads in favor of credential theft and Sliver C2 deployment.