🇸🇦 Saudi Cyber Daily Digest

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to SQL Injection via the JSON Import in all versions up to, and including, 5.2.7 due to insufficient validation on the user-supplied JSON data. This makes it possible for authe…

A reflected cross-site scripting (XSS) vulnerability in the Fireware OS Web UI enabled execution of malicious JavaScript in the context of an authenticated management user's browser when they click on a specially crafted link. This vulnerability affects Fireware OS 12.7 up to an…

The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on the store_data() and get_chatgpt_api_key() functions in all versions up to, and including, 2.7.5. This m…

Latin America's Cybersecurity Turning Point: From Reactive Defense to Threat Intelligence Latin America faces escalating cyber threats including PIX payment fraud, ransomware, and targeted attacks that overwhelm reactive security approaches. Organizations r…

Coruna: The Mysterious Journey of a Powerful iOS Exploit Kit Google Threat Intelligence Group discovered 'Coruna', a sophisticated exploit kit targeting iPhone devices running iOS versions 13.0 through 17.2.1. The kit contains five exploits and represents a sign…