98
CVEs
104
Threats
0
News
16
Critical
5
CISA KEV
🛡 Security Vulnerabilities (CVE)
Omnissa Workspace One UEM — CVE-2021-22054
Omnissa Workspace One UEM formerly known as VMware Workspace One UEM contains a server-side request forgery (SSRF) vulnerability that could allow a malicious actor with network access to UEM to send their requests without authentication …
Fortinet FortiClient EMS — CVE-2026-35616
Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
Required Action: Apply mitigations per vendor instructio…
Google Chromium V8 — CVE-2026-3910
Google Chromium V8 contains an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This vulnerability could …
CVE-2026-33017
Langflow Code Injection Vulnerability Allows Unauthenticated Flow Execution
01:52 KSA
Langflow Langflow — CVE-2026-33017
Langflow contains a code injection vulnerability that could allow building public flows without requiring authentication.
Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or di…
A security flaw has been discovered in Totolink N300RH 6.1c.1353_B20190305. Affected by this vulnerability is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument webWlanIdx results in os …
CVE-2026-28268
Vikunja Password Reset Token Reuse Vulnerability Enables Persistent Account Takeover
09:21 KSA
Vikunja is an open-source self-hosted task management platform. Versions prior to 2.1.0 have a business logic vulnerability exists in the password reset mechanism of vikunja/api that allows password reset tokens to be reused indefinitely. Due to a failure to invalidate tokens upo…
EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns the password reset token. This allows an attacker to take over the associated a…
Ajenti is a Linux and BSD modular server admin panel. Prior to version 2.2.13, an unauthenticated user could gain access to a server to execute arbitrary code on this server. This is fixed in the version 2.2.13.
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess valid credentials can calculate the …
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default credentials without password cha…
PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID
for a victim and later hijack the authenticated session.
The vendor was notifie…
Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE.
This issue affects Xerox FreeFlow Core versions up to and including 8.0.7.
Please consider upgrading to Fre…
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dayneks Software Industry and Trade Inc. E-Commerce Platform allows SQL Injection.This issue affects E-Commerce Platform: through 27022026.
NOTE: The vendor was contacted early …
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection.This issue affects windesk.Fm: through 27022026.
NOTE: The vendor was contacted early about this di…
The Listee theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.6. This is due to a broken validation check in the bundled listee-core plugin's user registration function that fails to properly sanitize the user_role parameter. This …
Google Skia — CVE-2026-3909
Google Skia contains an out-of-bounds write vulnerability that could allow a remote attacker to perform out of bounds memory access via a crafted HTML page. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other pro…
CVE-2026-35029
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, the /config/updat
17:55 KSA
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, the /config/update endpoint does not enforce admin role authorization. A user who is already authenticated into the platform can then use this endpoint to modify proxy configura…
CVE-2026-5144
The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including
22:47 KSA
The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the `groupblog-blogid`, `default-member`, and `groupblog-silent-add` parameters from user inpu…
CVE-2026-5687
A weakness has been identified in Tenda CX12L 16.03.53.12. This issue affects the function fromNatStaticSetting of the f
02:23 KSA
A weakness has been identified in Tenda CX12L 16.03.53.12. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. This manipulation of the argument page causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has b…
CVE-2026-5686
A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic
23:58 KSA
A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit …
CVE-2026-5685
A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNat of the file /goform/
17:55 KSA
A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available …
CVE-2026-35020
Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in the command lookup helpe
17:55 KSA
Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in the command lookup helper and deep-link terminal launcher that allows local attackers to execute arbitrary commands by manipulating the TERMINAL environment variable. Attackers can inj…
CVE-2026-35394
Mobile Next is an MCP server for mobile development and automation. Prior to 0.0.50, the mobile_open_url tool in mobile-
17:55 KSA
Mobile Next is an MCP server for mobile development and automation. Prior to 0.0.50, the mobile_open_url tool in mobile-mcp passes user-supplied URLs directly to Android's intent system without any scheme validation, allowing execution of arbitrary Android intents, including USSD…
CVE-2026-5684
A vulnerability was determined in Tenda CX12L 16.03.53.12. Affected by this issue is the function fromwebExcptypemanFilt
17:55 KSA
A vulnerability was determined in Tenda CX12L 16.03.53.12. Affected by this issue is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack requires access t…
CVE-2026-21373
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
05:45 KSA
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
CVE-2026-21374
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validatio
05:45 KSA
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation.
CVE-2026-21375
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
05:45 KSA
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
CVE-2026-21376
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor
05:45 KSA
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
CVE-2026-21378
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor
05:45 KSA
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
CVE-2026-21380
Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory.
05:45 KSA
Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory.
CVE-2026-21382
Memory Corruption when handling power management requests with improperly sized input/output buffers.
11:54 KSA
Memory Corruption when handling power management requests with improperly sized input/output buffers.
Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in the prompt editor invocation utility that allows attackers to execute arbitrary commands by crafting malicious file paths. Attackers can inject shell metacharacters such as $() or back…
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to before 3.2.7, 3.3.9, and 3.4.9, internal_exr_undo_piz() advances the working wavelet pointer with signed 32-bit arithmeti…
CVE-2026-21381
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood aware
05:45 KSA
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.
Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to 1.4.11, the getClientIP() function in lib/admin/session.ts trusted the first (leftmost) entry of the X-Forwarded-For header, which is fully controlled by the client. An attacker could forge their s…
Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to 1.4.11, S/MIME signature verification did not validate the certificate trust chain (checkChain: false). Any email signed with a self-signed or untrusted certificate was displayed as having a valid …
A security vulnerability has been detected in perfree go-fastdfs-web up to 1.3.7. This affects an unknown part of the file src/main/java/com/perfree/controller/InstallController.java of the component doInstall Interface. The manipulation leads to improper authorization. The attac…
A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument mode can lead to os command injection. The attack may be launched remotely. The …
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument resetFlags results in os command injection. The attack may be initiated remotely. The expl…
A security vulnerability has been detected in code-projects Online FIR System 1.0. Affected by this vulnerability is an unknown functionality of the file /Login/checklogin.php of the component Login. The manipulation of the argument email/password leads to sql injection. The atta…
A vulnerability has been found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This vulnerability affects unknown code of the file /login.php of the component Parameter Handler. Such manipulation of the argument Password leads to sql injecti…
CVE-2026-5672
A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. Affected by this issue is some unknown f
17:55 KSA
A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /edit-category.php of the component Parameter Handler. The manipulation of the argument cat_id leads to sql injection. It is possible t…
A vulnerability was identified in Totolink A8000R 5.9c.681_B20180413. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument langType leads to missing authentication. The attack can be launched remotely. The exploit is p…
CVE-2026-34217
SandboxJS Scope Modification Vulnerability via New Operator (CVE-2026-34217)
14:16 KSA
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, a scope modification vulnerability exists in @nyariv/sandboxjs. The vulnerability allows untrusted sandboxed code to leak internal interpreter objects through the new operator, exposing sandbox scope objects in the sc…
The Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.2.2. This is due to insufficient input sanitization and output escaping on the use…
CVE-2026-5809
The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 3.0.2. Th
22:47 KSA
The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 3.0.2. This is due to a two-step logic flaw: the topic_add() and topic_edit() action handlers accept arbitrary user-supplied data[*] arrays from $_REQUEST and store them…
CVE-2026-33791
An OS Command Injection vulnerability in the CLI processing of Juniper Networks Junos OS and Junos OS Evolved allows a l
10:03 KSA
An OS Command Injection vulnerability in the CLI processing of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker executing specific, crafted CLI commands to inject arbitrary shell commands as root, leading to a complete compromise of the syst…
The LifterLMS plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 9.2.1. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…
OpenClaw before 2026.3.2 contains a filesystem boundary bypass vulnerability in the image tool that fails to honor tools.fs.workspaceOnly restrictions. Attackers can traverse sandbox bridge mounts outside the workspace to read files that other filesystem tools would reject.
OpenClaw before 2026.3.22 performs cryptographic and dispatch operations on inbound Nostr direct messages before enforcing sender and pairing policy validation. Attackers can trigger unauthorized pre-authentication computation by sending crafted DM messages, enabling denial of se…
OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in the HTTP /sessions/:sessionKey/history route that skips operator.read scope validation. Attackers can access session history without proper operator read permissions by sending HTTP requests to the vulner…
OpenClaw before 2026.3.22 contains an authentication bypass vulnerability in the X-Forwarded-For header processing when trustedProxies is configured, allowing attackers to spoof loopback hops. Remote attackers can inject forged forwarding headers to bypass canvas authentication a…
OpenClaw before 2026.3.22 contains an authorization bypass vulnerability in interactive callback dispatch that allows non-allowlisted senders to execute action handlers. Attackers can bypass sender authorization checks by dispatching callbacks before normal security validation co…
OpenClaw before 2026.3.22 contains a settings reconciliation vulnerability that allows attackers to bypass intended deny-all revocations by exploiting empty allowlist handling. The vulnerability treats explicit empty allowlists as unset during reconciliation, silently undoing int…
OpenClaw before 2026.3.22 contains an information disclosure vulnerability that allows attackers with operator.read scope to expose credentials embedded in channel baseUrl and httpUrl fields. Attackers can access gateway snapshots via config.get and channels.status endpoints to r…
CVE-2021-47960
A files or directories accessible to external parties vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows
19:18 KSA
A files or directories accessible to external parties vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access files within the installation directory via a local HTTP server bound to the loopback interface. By leveraging user interaction with …
An Improper Following of a Certificate's Chain of Trust vulnerability in J-Web of Juniper Networks Junos OS on SRX Series allows a PITM to intercept the communication of the device and get access to confidential information and potentially modify it.
When an SRX device is provis…
A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).…
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX and QFX Series devices allow an unauthenticated, adjacent attacker to cause a complete Denial of Service (DoS).
On EX4k, and QF…
A Missing Release of Memory after Effective Lifetime vulnerability in the DHCP daemon (jdhcpd) of Juniper Networks Junos OS on MX Series, allows an adjacent, unauthenticated attacker to cause a memory leak, that will eventually cause a complete Denial-of-Service (DoS).
In a DHCP…
A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service (DoS).
If colored SRTE policy tunnels a…
OpenClaw before 2026.3.23 contains a replay identity vulnerability in Plivo V2 signature verification that allows attackers to bypass replay protection by modifying query parameters. The verification path derives replay keys from the full URL including query strings instead of th…
CVE-2026-35621
OpenClaw Privilege Escalation via /allowlist Command Scope Validation Bypass
21:42 KSA
OpenClaw before 2026.3.24 contains a privilege escalation vulnerability where the /allowlist command fails to re-validate gateway client scopes for internal callers, allowing operator.write-scoped clients to mutate channel authorization policy. Attackers can exploit chat.send to …
OpenClaw versions 2026.3.11 through 2026.3.24 contain a session isolation bypass vulnerability where session_status resolves sessionId to canonical session keys before enforcing visibility checks. Sandboxed child sessions can exploit this to access parent or sibling sessions that…
OpenClaw before 2026.3.22 fails to enforce operator.admin scope on mutating internal ACP chat commands, allowing unauthorized modifications. Attackers without admin privileges can execute mutating control-plane actions by directly invoking affected ACP commands to bypass authoriz…
The Ultimate FAQ Accordion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via FAQ content in all versions up to, and including, 2.4.7. This is due to the plugin calling html_entity_decode() on post_content during rendering in the set_display_variables() functio…
CVE-2026-2305
The AddFunc Head & Footer Code plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `aFhfc_head_cod
14:54 KSA
The AddFunc Head & Footer Code plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `aFhfc_head_code`, `aFhfc_body_code`, and `aFhfc_footer_code` post meta values in all versions up to, and including, 2.3. This is due to the plugin outputting these meta value…
The GreenShift - Animation and Page Builder Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 12.8.9 This is due to insufficient input sanitization and output escaping in the gspb_greenShift_block_script_assets() function. …
The Webling plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.9.0 due to insufficient input sanitization, insufficient output escaping, and missing capabilities checks in the 'webling_admin_save_form' and 'webling_admin_save…
The BlockArt Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'clientId' block attribute in all versions up to, and including, 2.2.15. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated atta…
A vulnerability has been found in JeecgBoot up to 3.9.1. This impacts an unknown function of the component SysAnnouncementController. Such manipulation leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be us…
A vulnerability was determined in CodeAstro Online Classroom 1.0. Affected is an unknown function of the file /updatedetailsfromstudent.php?eno=146891650. Executing a manipulation of the argument fname can lead to sql injection. The attack may be performed from remote. The exploi…
A flaw has been found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /del1.php. This manipulation of the argument toolname causes sql injection. Remote exploitation of the attack is possible. The exploit has been publis…
A security flaw has been discovered in CodeAstro Online Classroom 1.0/2.php. Affected by this vulnerability is an unknown functionality of the file /OnlineClassroom/takeassessment2.php?exid=14. Performing a manipulation of the argument Q1 results in sql injection. Remote exploita…
A flaw has been found in code-projects Patient Record Management System 1.0. The affected element is an unknown function of the file /hematology_print.php. Executing a manipulation of the argument hem_id can lead to sql injection. It is possible to launch the attack remotely. The…
A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edit_hpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been…
A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /del.php. The manipulation of the argument equipname results in sql injection. The attack can be launched remotely. The exploit has been made public and coul…
The Optimole – Optimize Images in Real Time plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL paths in versions up to, and including, 4.2.3 This is due to insufficient output escaping on user-supplied URL paths in the get_current_url() function, which a…
The Royal WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpr_pending_template' parameter in all versions up to, and including, 1.0.16 due to insufficient input validation. This makes it possible for unauthenticated …
CVE-2026-35622
OpenClaw Google Chat Webhook Authentication Bypass via Non-Deployment Principals
10:03 KSA
OpenClaw before 2026.3.22 contains an improper authentication verification vulnerability in Google Chat app-url webhook handling that accepts add-on principals outside intended deployment bindings. Attackers can bypass webhook authentication by providing non-deployment add-on pri…
OpenClaw before 2026.3.22 contains an identity spoofing vulnerability in ACP permission resolution that trusts conflicting tool identity hints from rawInput and metadata. Attackers can spoof tool identities through rawInput parameters to suppress dangerous-tool prompting and bypa…
A weakness has been identified in OpenClaw up to 2026.1.26. Affected by this issue is some unknown functionality of the file src/agents/tools/web-fetch.ts of the component assertPublicHostname Handler. Executing a manipulation can lead to server-side request forgery. The attack c…
An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600 allows a local attacker with low privileges to cause a complete Denial of Service (DoS).
When a sp…
An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1600, SRX2300 and SRX4300 allows a local attacker with low privileges to cause a complete Denial of Service (DoS).
When a specific 's…
CVE-2026-3358
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized private course e
08:16 KSA
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized private course enrollment in all versions up to, and including, 3.9.7. This is due to missing post_status validation in the `enroll_now()` and `course_enrollment()` functions. …
The WP-Optimize plugin for WordPress is vulnerable to unauthorized access of functionality due to missing capability checks in the `receive_heartbeat()` function in `includes/class-wp-optimize-heartbeat.php` in all versions up to, and including, 4.5.0. This is due to the Heartbea…
OpenClaw before 2026.3.24 contains missing authorization vulnerabilities in the /send and /allowlist chat command handlers. The /send command allows non-owner command-authorized senders to change owner-only session delivery policy settings, and the /allowlist mutating commands fa…
OpenClaw before 2026.3.25 parses JSON request bodies before validating webhook signatures, allowing unauthenticated attackers to force resource-intensive parsing operations. Remote attackers can send malicious webhook requests to trigger denial of service by exhausting server res…
A weakness has been identified in Zod jsVideoUrlParser up to 0.5.1. The impacted element is the function getTime in the library lib/util.js. This manipulation of the argument timestamp causes inefficient regular expression complexity. It is possible to initiate the attack remotel…
A flaw has been found in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects the function dispatch of the file agent/memory/service.py of the component API Memory Content Endpoint. This manipulation of the argument filename causes path traversal. The attack can be initi…
CVE-2026-4664
WooCommerce Customer Reviews Plugin Authentication Bypass via Empty Key Comparison
12:36 KSA
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.103.0. This is due to the `create_review_permissions_check()` function comparing the user-supplied `key` parameter against the order's `ivole_s…
OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Telegram callback query handling that allows attackers to mutate session state without satisfying normal DM pairing requirements. Remote attackers can exploit weaker callback-only authorization in direct …
OpenClaw before 2026.3.22 contains an unauthenticated resource exhaustion vulnerability in voice call webhook handling that buffers request bodies before provider signature checks. Attackers can send large or malicious webhook requests to exhaust server resources without authenti…
OpenClaw before 2026.3.22 contains an unbounded memory allocation vulnerability in remote media HTTP error handling that allows attackers to trigger excessive memory consumption. Attackers can send crafted HTTP error responses with large bodies to remote media endpoints, causing …
OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Microsoft Teams feedback invokes that allows unauthorized senders to record session feedback. Attackers can bypass sender allowlist checks via feedback invoke endpoints to trigger unauthorized feedback re…
OpenClaw before 2026.3.25 contains an access control vulnerability where verification notices bypass DM policy checks and reply to unpaired peers. Attackers can send verification notices to users outside allowed direct message policies by exploiting insufficient access validation…
OpenClaw before 2026.3.23 contains an authentication bypass vulnerability in the Canvas gateway where authorizeCanvasRequest() unconditionally allows local-direct requests without validating bearer tokens or canvas capabilities. Attackers can send unauthenticated loopback HTTP an…
The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to blind Server-Side Request Forgery in all versions up to, and including, 1.2.58. This is due to insufficient URL origin validation in the pro…
⚠️ Threat Intelligence
104 threats
rss:Recorded Future
—
02:28 KSA
Critical React2Shell Vulnerability Under Active Exploitation by Chinese Threat Actors
A critical vulnerability in React Server Components is being actively exploited by multiple Chinese threat actors. Recorded Future urges organizations to immediately patch thei…
rss:Recorded Future
—
02:28 KSA
When the Digital World Turns Physical: The Expanding Role of Threat Intelligence in Executive Protection
Converged threat intelligence is increasingly critical for executive protection against cyber-enabled physical threats including deepfakes, doxxing, and digi…
rss:Recorded Future
—
02:28 KSA
The Hidden Cascade: Why Law Firm Breaches Destroy More than Data
Law firm breaches expose decades of sensitive M&A intelligence, client confidential data, and privileged legal strategies, creating cascading risks across multiple organizations. Proactive vendor r…
rss:Malwarebytes Lab
—
02:28 KSA
Killer robots are here. Now what? (Lock and Code S07E07)
Discussion on autonomous weapons systems and their cybersecurity implications. Explores the risks of AI-powered military systems and potential security vulnerabilities in autonomous weapons platforms.
Sou…
rss:Malwarebytes Lab
—
02:28 KSA
That dream job offer from Coca-Cola or Ferrari? It’s a trap for your passwords
Phishing campaign impersonating Coca-Cola and Ferrari job offers targeting Google and Facebook credentials. Attackers use fake recruitment schemes to steal user authentication data an…
rss:Malwarebytes Lab
—
02:28 KSA
Blocking children from social media is a badly executed good idea
Analysis of government-imposed age restrictions on social media platforms and their cybersecurity implications. Discusses privacy concerns and potential security risks associated with age verifica…
rss:SecurityWeek
—
02:28 KSA
Coruna iOS Exploit Kit Likely an Update to Operation Triangulation
Coruna iOS exploit kit contains an updated kernel exploit from Operation Triangulation, a sophisticated APT campaign from three years ago. This represents a continued threat to iOS devices throug…
rss:SecurityWeek
—
02:28 KSA
CISA Flags Critical PTC Vulnerability That Had German Police Mobilized
CISA flagged a critical vulnerability (CVE-2026-4681) in PTC Windchill software that prompted German police to physically visit organizations to warn them. The severity of this flaw necessita…
rss:SecurityWeek
—
02:28 KSA
Cisco Patches Multiple Vulnerabilities in IOS Software
Cisco released patches for multiple high and medium-severity vulnerabilities in IOS Software that could enable denial-of-service attacks, secure boot bypass, information disclosure, and privilege escalation.…
rss:Dark Reading
—
02:27 KSA
Fraud Rockets Higher in Mobile-First Latin America
Cybercriminals are rapidly exploiting compromised mobile devices to execute account takeovers and fraudulent fund transfers in Latin America's mobile-first market. Financial institutions struggle to respond quic…
rss:Dark Reading
—
02:27 KSA
Full Sail University to Open IBM Cyber Defense Range Powered by AWS and Cloud Range on Campus
Full Sail University is launching an IBM Cyber Defense Range on campus, powered by AWS and Cloud Range infrastructure. This initiative aims to provide hands-on cybersec…
rss:Dark Reading
—
02:27 KSA
Niobium Introduces The Fog
Niobium has introduced a new product or service called 'The Fog'. Without additional context, this appears to be a technology announcement potentially related to cybersecurity solutions or infrastructure.
Source: https://www.darkreadi…
rss:The Hacker News
—
02:27 KSA
New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy
A new Chaos malware variant is targeting misconfigured cloud deployments, expanding the botnet's attack surface beyond traditional targets. This development poses significant risks to or…
rss:The Hacker News
—
02:27 KSA
Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices
Masjesu botnet, advertised as a DDoS-for-hire service on Telegram since 2023, targets IoT devices globally for distributed denial-of-service attacks. The stealthy botnet represents a gr…
rss:The Hacker News
—
02:27 KSA
APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
Russian APT28 group launched a spear-phishing campaign against Ukraine and NATO allies deploying PRISMEX malware. The sophisticated malware suite uses advanced steganography and componen…
rss:BleepingComputer
—
02:27 KSA
When attackers already have the keys, MFA is just another door to open
Stolen credentials compromise multi-factor authentication systems, turning them into attack vectors. Biometric authentication solutions that verify the user rather than the session can block …
rss:BleepingComputer
—
02:27 KSA
Webinar: From noise to signal - What threat actors are targeting next
Threat actors often reveal their intentions through dark web activity, access-broker listings, and credential requests before launching attacks. Proactive monitoring of these early warning sig…
rss:BleepingComputer
—
02:27 KSA
Eurail says December data breach impacts 300,000 individuals
European rail pass provider Eurail B.V. disclosed a December 2025 data breach affecting over 300,000 individuals. Attackers successfully stole personal information from the company's systems covering 3…
rss:CISA Advisories
—
02:26 KSA
PX4 Autopilot
Critical vulnerability in PX4 Autopilot v1.16.0 allows attackers with MAVLink interface access to execute arbitrary shell commands without authentication. This poses significant risks to drone and autonomous vehicle systems used in critical infrast…
rss:CISA Advisories
—
02:26 KSA
PTC Windchill Product Lifecycle Management
Critical remote code execution vulnerability (CVE-2026-4681) affects multiple versions of PTC Windchill PDMLink (11.0_M030, 11.1_M020). Successful exploitation allows attackers to execute arbitrary code remotely, threat…
rss:Recorded Future
—
01:18 KSA
November 2025 CVE Landscape: 10 Critical Vulnerabilities Show 69% Drop from October
November 2025 saw 10 critical exploited vulnerabilities, representing a 69% decrease from October. Fortinet and Samsung vulnerabilities require immediate patching due to active e…
rss:Recorded Future
—
01:18 KSA
GrayBravo’s CastleLoader Activity Clusters Target Multiple Industries
GrayBravo threat actor is conducting CastleLoader malware campaigns targeting multiple industries. The activity clusters indicate coordinated attacks across various sectors requiring enhanced …
rss:Recorded Future
—
01:18 KSA
5 Real-Word Third-Party Risk Examples
Analysis of five real-world third-party risk scenarios including vendor data breaches and supply chain attacks. Demonstrates how effective third-party risk management programs can prevent cyber incidents through vendor overs…
rss:Malwarebytes Lab
—
01:17 KSA
Traffic violation scams swap links for QR codes to steal your card details
Cybercriminals are evolving phishing tactics by embedding QR codes in fake traffic violation notices that appear official. When scanned, these codes redirect victims to fraudulent payment…
rss:Malwarebytes Lab
—
01:17 KSA
Support platform breach exposes Hims & Hers customer data
Healthcare platform Hims & Hers suffered a data breach through its customer support system, exposing sensitive patient information. The incident highlights the vulnerability of healthcare organiza…
rss:Malwarebytes Lab
—
01:17 KSA
A week in security (March 30 – April 5)
Weekly security roundup covering cybersecurity topics and incidents from March 30 to April 5, 2026. Provides consolidated threat intelligence and security updates for awareness and defensive planning.
Source: ht…
rss:SecurityWeek
—
01:17 KSA
Apple Intelligence AI Guardrails Bypassed in New Attack
Researchers at RSAC demonstrated a successful bypass of Apple Intelligence security guardrails using the Neural Exect method combined with Unicode manipulation techniques. This vulnerability could potential…
rss:SecurityWeek
—
01:17 KSA
TP-Link Patches High-Severity Router Vulnerabilities
TP-Link has released security patches for high-severity vulnerabilities in their routers that could allow attackers to bypass authentication mechanisms, execute arbitrary commands, and decrypt configuration fi…
rss:SecurityWeek
—
01:17 KSA
RSAC 2026 Conference Announcements Summary (Days 3-4)
Summary of vendor announcements and product releases from the third and fourth days of the RSA Conference 2026. The conference showcases latest cybersecurity technologies, solutions, and industry trends relev…
rss:Dark Reading
—
01:17 KSA
Russia's Forest Blizzard Nabs Rafts of Logins via SOHO Routers
Russia's APT28 (Forest Blizzard) is conducting cyber espionage against global organizations by exploiting vulnerable SOHO routers through DNS setting modifications. This malwareless attack techn…
rss:Dark Reading
—
01:17 KSA
Threat Actors Get Crafty With Emojis to Escape Detection
Cybercriminals are increasingly using emojis as coded language to evade security filters and detection systems. Threat actors employ symbols like 🤖 for 'bot available', 🧰 for 'toolkit', and 💰💰💰 for 'big ra…
rss:Dark Reading
—
01:17 KSA
AI-Led Remediation Crisis Prompts HackerOne to Pause Bug Bounties
HackerOne has paused bug bounty programs due to a shift in the vulnerability lifecycle bottleneck from discovery to remediation. Automated AI-driven tools have accelerated vulnerability discovery …
rss:The Hacker News
—
01:16 KSA
The Hidden Security Risks of Shadow AI in Enterprises
Employees are adopting AI tools without IT approval, creating shadow AI that operates outside security team visibility and bypasses organizational controls. These unauthorized tools pose significant security …
rss:The Hacker News
—
01:16 KSA
Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
A sophisticated zero-day vulnerability in Adobe Reader has been actively exploited since December 2025 through malicious PDF documents. The highly-sophisticated exploit was discovered by EXPM…
rss:The Hacker News
—
01:16 KSA
Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region
A hack-for-hire campaign with suspected ties to Indian government-linked threat actors targeted journalists, activists, and government officials across the MENA region. The sophisticated…
rss:BleepingComputer
—
01:16 KSA
Healthcare IT solutions provider ChipSoft hit by ransomware attack
Dutch healthcare software vendor ChipSoft suffered a ransomware attack forcing offline its website and digital services. The incident impacts patient portals and healthcare provider systems, disr…
rss:BleepingComputer
—
01:16 KSA
Google Chrome adds infostealer protection against session cookie theft
Google Chrome 146 for Windows introduces Device Bound Session Credentials (DBSC) to protect against infostealer malware targeting session cookies. This security enhancement prevents credentia…
rss:BleepingComputer
—
01:16 KSA
Smart Slider updates hijacked to push malicious WordPress, Joomla versions
Attackers compromised the update mechanism of Smart Slider 3 Pro plugin for WordPress and Joomla, distributing malicious versions containing multiple backdoors. This supply chain attack a…
rss:CISA Advisories
—
01:16 KSA
Yokogawa CENTUM VP
Critical vulnerability in Yokogawa CENTUM VP industrial control system allows attackers to login as PROG user and modify permissions. Affects versions R5.01.00, R6.01.00, and R7.01.00, posing significant risk to industrial operations.
Source:…
rss:CISA Advisories
—
01:16 KSA
Anritsu Remote Spectrum Monitor
Vulnerability in Anritsu Remote Spectrum Monitor MS27 allows network attackers to alter operational settings, obtain sensitive signal data, or disrupt device availability. Poses risk to spectrum monitoring and telecommunications i…
rss:Recorded Future
—
00:04 KSA
The Shift: An Era of Quantum Geopolitics
Analysis of geopolitical shifts around Iran indicating fundamental changes to international order rules. Discusses emerging quantum geopolitics era affecting regional stability and cybersecurity threat landscape in the Mi…
rss:Recorded Future
—
00:04 KSA
Palestine Action: Operations and Global Network
Details Palestine Action's global network, operational tactics, and organizational targets following designation. Provides risk assessment and mitigation strategies for potential physical security threats to facili…
rss:Recorded Future
—
00:04 KSA
Implications of Russia-India-China Trilateral Cooperation
Examines Russia-India-China trilateral cooperation dynamics amid U.S. tariffs and sanctions. Analyzes likelihood of formal bloc formation and strategic implications for government policy and business oper…
rss:Malwarebytes Lab
—
00:04 KSA
Your extensions leak clues about you, so we made sure Browser Guard doesn’t
Browser extensions can be exploited to create user profiles for advertisers and scammers through fingerprinting techniques. Malwarebytes has implemented privacy protections in …
rss:Malwarebytes Lab
—
00:04 KSA
Russian hacking group targets home and small office routers to spy on users
FBI, NCSC, and Microsoft have issued warnings about an active Russian cyber campaign targeting home and small office routers. The attackers are hijacking DNS settings to conduct surveill…
rss:Malwarebytes Lab
—
00:04 KSA
Timeshare owners warned to watch out for cartel-linked scams
Mexican drug cartels are conducting advance-fee fraud schemes targeting timeshare owners. Authorities warn that scammers pose as legitimate buyers or companies to extract upfront payments from victims …
rss:SecurityWeek
—
00:04 KSA
Critical Marimo Flaw Exploited Hours After Public Disclosure
A critical unauthenticated vulnerability in Marimo was exploited in the wild within nine hours of public disclosure. The rapid weaponization demonstrates the immediate threat posed by publicly disclose…
rss:SecurityWeek
—
00:04 KSA
Google Rolls Out Cookie Theft Protections in Chrome
Google introduced Device Bound Session Credentials in Chrome to protect against session cookie theft. The new feature cryptographically binds authentication sessions to specific devices, rendering stolen cookie…
rss:SecurityWeek
—
00:04 KSA
Microsoft Finds Vulnerability Exposing Millions of Android Crypto Wallet Users
Microsoft discovered a vulnerability in EngageLab SDK affecting millions of Android cryptocurrency wallet users. The security flaw was reported to the vendor one year ago, raising con…
rss:Dark Reading
—
00:03 KSA
Russia's 'Fancy Bear' APT Continues Its Global Onslaught
Russia's Fancy Bear APT group continues widespread cyber espionage campaigns globally. Security experts emphasize that organizations don't need advanced capabilities to defend themselves, bu…
rss:Dark Reading
—
00:03 KSA
'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues
A researcher under the alias 'Chaotic Eclipse' publicly released a proof-of-concept exploit for an unpatched Windows zero-day vulnerability that enables local privilege escal…
rss:Dark Reading
—
00:03 KSA
Do Ceasefires Slow Cyberattacks? History Suggests Not
The cybersecurity community questions whether Iranian state-sponsored hackers will respect recent ceasefire agreements that don't explicitly mention or involve cyber operations. Historical precedent suggests …
rss:The Hacker News
—
00:03 KSA
EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs
A critical security vulnerability was discovered in the EngageLab SDK, a third-party Android development kit, affecting 50 million users including 30 million cryptocurrency wallet…
rss:The Hacker News
—
00:03 KSA
UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
A newly identified threat actor UAT-10362 is conducting sophisticated spear-phishing campaigns against Taiwanese NGOs and universities using a novel Lua-based malware called Luci…
rss:The Hacker News
—
00:03 KSA
ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
A comprehensive threat bulletin covering multiple cybersecurity incidents including a hybrid P2P botnet, a 13-year-old Apache remote code execution vulnerability being actively ex…
rss:BleepingComputer
—
00:03 KSA
Google rolls out Gmail end-to-end encryption on mobile devices
Google has deployed end-to-end encryption for Gmail on Android and iOS devices, enabling enterprise users to securely read and compose emails without requiring additional tools. This security enhance…
rss:BleepingComputer
—
00:03 KSA
New ‘LucidRook’ malware used in targeted attacks on NGOs, universities
A newly discovered Lua-based malware called LucidRook is being deployed in targeted spear-phishing campaigns against NGOs and universities in Taiwan. The sophisticated malware represents an e…
rss:BleepingComputer
—
00:03 KSA
New VENOM phishing attacks steal senior executives' Microsoft logins
Cybercriminals are leveraging a new phishing-as-a-service platform called VENOM to target C-suite executives' Microsoft credentials across multiple industries. This sophisticated PhaaS ope…
rss:CISA Advisories
—
00:02 KSA
Hitachi Energy Ellipse
Hitachi Energy disclosed a Jasper Report vulnerability in Ellipse product versions enabling remote code execution (RCE) attacks. The vulnerability poses significant risk to industrial control systems and requires immediate remediation acti…
rss:CISA Advisories
—
00:02 KSA
Siemens SICAM 8 Products
Multiple Siemens SICAM 8 industrial products contain vulnerabilities that could enable denial of service attacks, affecting critical infrastructure components including SICAM A8000, SICAM EGS, and SICAM S8000 device firmware. These vulne…
rss:Recorded Future
—
23:02 KSA
Latin America and the Caribbean Cybercrime Landscape
Recorded Future's 2025 report analyzes cybercrime trends in Latin America and the Caribbean region. The report examines the evolving threat landscape and criminal ecosystem developments that may have implicati…
rss:Recorded Future
—
23:02 KSA
Panorama del cibercrimen en América Latina y el Caribe
Spanish-language version of Recorded Future's 2025 cybercrime report covering Latin America and Caribbean trends. The report provides insights into regional cyber threat developments and criminal ecosystem e…
rss:Recorded Future
—
23:02 KSA
Industrialization of the Fraud Ecosystem Blog
Payment fraud has become industrialized with standardized attack infrastructure, creating detectable patterns. Financial institutions can leverage these predictable fraud patterns to implement proactive detection and…
rss:Malwarebytes Lab
—
23:02 KSA
NSFW app leak exposes 70,000 prompts linked to individual users
MyLovelyAI application suffered a data breach exposing personal information, explicit prompts, and images of over 100,000 users. The leak creates significant risks of sextortion and doxxing attacks …
rss:Malwarebytes Lab
—
23:02 KSA
30,000 private Facebook images allegedly downloaded by Meta employee
A Meta employee allegedly developed a custom script to bypass internal security controls and download 30,000 private Facebook images. This insider threat demonstrates vulnerabilities in interna…
rss:Malwarebytes Lab
—
23:02 KSA
This fake Windows support website delivers password-stealing malware
Cybercriminals created a convincing fake Microsoft support website that distributes password-stealing malware. The malicious site tricks users into downloading malware capable of stealing crede…
rss:SecurityWeek
—
23:01 KSA
Orthanc DICOM Vulnerabilities Lead to Crashes, RCE
Critical vulnerabilities discovered in Orthanc DICOM medical imaging software could allow attackers to execute arbitrary code remotely, cause system crashes through denial-of-service attacks, and disclose sensit…
rss:SecurityWeek
—
23:01 KSA
Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000
Google released Chrome 147 patching 60 security vulnerabilities including two critical flaws in the WebML component reported by anonymous researchers. Organizations should prioriti…
rss:SecurityWeek
—
23:01 KSA
MITRE Releases Fight Fraud Framework
MITRE released the Fight Fraud Framework, a behavior-based model documenting tactics and techniques used by fraudsters. This framework helps organizations understand and defend against fraud-related cyber threats by providing…
rss:Dark Reading
—
23:01 KSA
Orange Business Reimagines Enterprise Voice Communications With Trust and AI
Orange Business announces enterprise voice communications solution integrating AI capabilities with security focus. The development represents evolution in corporate telecommunications …
rss:Dark Reading
—
23:01 KSA
Industrial Controllers Still Vulnerable As Conflicts Move to Cyber
US government issues warning about targeted attacks on programmable logic controllers (PLCs) in industrial environments. Security research identifies 179 vulnerable operational technology devices…
rss:Dark Reading
—
23:01 KSA
Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?
Anthropic releases Mythos Preview AI model capable of discovering and exploiting critical zero-day vulnerabilities autonomously. The vendor implements security controls to prevent misuse, raising …
rss:The Hacker News
—
23:01 KSA
Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
Google has released Device Bound Session Credentials (DBSC) for all Windows users of Chrome 146 to prevent session theft attacks. This security feature binds user sessions to specific devices,…
rss:The Hacker News
—
23:01 KSA
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
A critical remote code execution vulnerability (CVE-2026-39987, CVSS 9.3) in Marimo Python notebook was exploited within 10 hours of public disclosure. The pre-authentication flaw allows atta…
rss:The Hacker News
—
23:01 KSA
Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
Threat actors compromised Nextend's update servers to distribute a backdoored version of Smart Slider 3 Pro plugin (v3.5.1.35) for WordPress and Joomla. This supply chain attack all…
rss:BleepingComputer
—
23:00 KSA
Analysis of one billion CISA KEV remediation records exposes limits of human-scale security
Analysis of 1 billion CISA KEV remediation records by Qualys reveals that most critical vulnerabilities are exploited by attackers before defenders can patch them. This e…
rss:BleepingComputer
—
23:00 KSA
CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads
Attackers compromised CPUID's API and modified download links on the official website to distribute malware through popular system monitoring tools CPU-Z and HWMonitor. This supply chain attack affec…
rss:BleepingComputer
—
23:00 KSA
Microsoft: Canadian employees targeted in payroll pirate attacks
Microsoft identifies Storm-2755, a financially motivated threat actor conducting 'payroll pirate' attacks against Canadian employees. The attackers hijack employee accounts to redirect and steal sa…
rss:CISA Advisories
—
23:00 KSA
Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure
Iranian APT actors are actively exploiting Programmable Logic Controllers (PLCs) in US critical infrastructure. This represents a significant threat to indus…
rss:CISA Advisories
—
23:00 KSA
Mitsubishi Electric GENESIS64 and ICONICS Suite products
Critical vulnerabilities in Mitsubishi Electric GENESIS64 and ICONICS Suite allow local attackers to steal SQL Server credentials. Exploitation could lead to data disclosure, tampering, destruction, or den…
rss:Mandiant Blog
—
21:50 KSA
vSphere and BRICKSTORM Malware: A Defender's Guide
Google Threat Intelligence Group reveals BRICKSTORM malware campaign specifically targeting VMware vSphere virtualized environments and vCenter Server Appliance. The threat poses significant risks to organi…
rss:Mandiant Blog
—
21:50 KSA
North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
North Korea-linked threat actor has compromised the widely-used Axios NPM package in an active supply chain attack. Google Threat Intelligence Group is tracking this …
rss:Recorded Future
—
21:50 KSA
Third-Party Risk Is an Intelligence Operation. It's Time We Treated It Like One.
Recorded Future emphasizes that traditional vendor risk management relying solely on cybersecurity ratings is no longer sufficient. The company advocates for an intelligence-dr…
rss:Recorded Future
—
21:50 KSA
Understanding and Anticipating Venezuelan Government Actions
Analysis of Venezuela's political transition following a hypothetical 2026 US operation, examining Acting President Delcy Rodríguez's strategy and internal threats. While primarily geopolitical, this i…
rss:Recorded Future
—
21:50 KSA
Day in the Life: Product Manager at Recorded Future
Career profile interview with a product manager at Recorded Future discussing daily responsibilities. This article has no cybersecurity threat intelligence value and is purely promotional/recruitment content wi…
rss:Malwarebytes Lab
—
21:50 KSA
Fake Claude site installs malware that gives attackers access to your computer
A sophisticated fake Claude AI website has been discovered distributing a trojanized application that secretly installs PlugX malware. The malicious site appears convincing and grants…
rss:Malwarebytes Lab
—
21:50 KSA
ClickFix finds a new way to infect Macs
ClickFix malware campaigns have evolved to bypass macOS Tahoe security warnings by exploiting Script Editor instead of Terminal. This new technique circumvents Apple's built-in protections against malicious command executi…
rss:Malwarebytes Lab
—
21:50 KSA
Scammers pose as Amazon support to steal your account
A widespread phishing campaign is targeting Amazon customers through fraudulent refund scams delivered via email and SMS. Attackers impersonate Amazon support to steal account credentials and personal informa…
rss:SecurityWeek
—
21:49 KSA
In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack
Multiple cybersecurity incidents reported including a cyberattack on Stryker medical devices company, a Windows zero-day vulnerability exploitation, and a breach of Chinese sup…
rss:SecurityWeek
—
21:49 KSA
Juniper Networks Patches Dozens of Junos OS Vulnerabilities
Juniper Networks released security patches for dozens of vulnerabilities in Junos OS. A critical-severity flaw allows remote attackers to take complete control of vulnerable devices without authenticati…
rss:SecurityWeek
—
21:49 KSA
Industry Reactions to Iran Hacking ICS in Critical Infrastructure: Feedback Friday
US government issued warnings about Iran-linked threat actors actively manipulating PLCs and SCADA systems to cause operational disruption in critical infrastructure. The attacks …
rss:Dark Reading
—
21:49 KSA
Hims Breach Exposes the Most Sensitive Kinds of PHI
Threat actors breached telehealth provider Hims, exposing highly sensitive personal health information including medical conditions related to hair loss, weight, and sexual health. The breach raises concerns ab…
rss:Dark Reading
—
21:49 KSA
Your Next Breach Will Look Like Business as Usual
Cybersecurity teams must fundamentally shift their detection models to identify credential-based attacks that blend with normal business operations. Traditional security tools struggle to detect these attacks as …
rss:Dark Reading
—
21:49 KSA
FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats
FINRA has established a Financial Intelligence Fusion Center to enhance collaboration and information sharing against cybersecurity threats and fraud targeting the fina…
rss:Krebs on Securit
—
21:49 KSA
Russia Hacked Routers to Steal Microsoft Office Tokens
Russian military intelligence-linked hackers are exploiting vulnerabilities in outdated routers to mass harvest Microsoft Office authentication tokens. This state-sponsored espionage campaign enables unautho…
rss:Krebs on Securit
—
21:49 KSA
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
German authorities identified Russian national Daniil Maksimovich Shchukin, 31, as the leader behind notorious ransomware groups REvil and GandCrab. He is accused of orchestrating at least 130 cyb…
rss:The Hacker News
—
21:48 KSA
Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
Hungarian intelligence, El Salvador police, and U.S. law enforcement agencies used Webloc, an Israeli-developed advertising-based geolocation surveillance system, to track 500 mill…
rss:The Hacker News
—
21:48 KSA
GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
The GlassWorm campaign has evolved to use a new Zig-based dropper that targets and infects all integrated development environments (IDEs) on developers' machines through malicious Open VSX ext…
rss:The Hacker News
—
21:48 KSA
Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
A LayerX report reveals AI browser extensions represent a critical security blind spot in organizations' AI security strategies. While companies focus on shadow AI and GenAI consu…
rss:BleepingComputer
—
21:48 KSA
Over 20,000 crypto fraud victims identified in international crackdown
International law enforcement led by UK's NCA identified over 20,000 cryptocurrency fraud victims across Canada, UK, and US. This coordinated crackdown highlights the global scale of crypto-r…
rss:BleepingComputer
—
21:48 KSA
ChatGPT rolls out new $100 Pro subscription to challenge Claude
OpenAI launched a new $100 Pro subscription tier for ChatGPT to compete with Claude's pricing structure. This is a business development announcement with no direct cybersecurity implications for Sau…
rss:BleepingComputer
—
21:48 KSA
Nearly 4,000 US industrial devices exposed to Iranian cyberattacks
Iranian-linked hackers are targeting US critical infrastructure with nearly 4,000 Internet-exposed Rockwell Automation PLCs vulnerable to attack. This represents a significant threat to industria…
rss:CISA Advisories
—
21:48 KSA
Contemporary Controls BASC 20T
Critical vulnerability in Contemporary Controls BASC 20T PLC allows attackers to enumerate components, reconfigure systems, delete files, and execute remote procedure calls. This poses significant risk to industrial control systems…
rss:CISA Advisories
—
21:48 KSA
GPL Odorizers GPL750
Vulnerability in GPL Odorizers GPL750 system allows low-privileged remote attackers to manipulate register values controlling odorant injection in gas lines. This could result in dangerous over or under-injection of odorant, posing safety ri…
📰 Cybersecurity News
0 articles
No news aggregated today yet
This digest is updated automatically every day — Last updated: Saturday, April 11, 2026
CVE Archive ·
Threats ·
News