📧 info@ciso.sa | 📱 +966550939344 | Riyadh, Kingdom of Saudi Arabia
📅 Daily Security Digest — Saturday, April 11, 2026

🇸🇦 Saudi Cyber Daily Digest

All security vulnerabilities, threats, and news aggregated today from trusted sources — continuously updated

Saturday, April 11, 2026
129 CVEs
104 Threats
0 News
47 Critical
36 CISA KEV
🛡 Security Vulnerabilities (CVE)
129 vulnerabilities
CVE-2021-22054
Omnissa Workspace One UEM SSRF Vulnerability Allows Unauthenticated Access
01:52 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Omnissa Workspace One UEM — CVE-2021-22054 Omnissa Workspace One UEM formerly known as VMware Workspace One UEM contains a server-side request forgery (SSRF) vulnerability that could allow a malicious actor with network access to UEM to send their requests without authentication …
CVE-2025-11251
Critical SQL Injection in Dayneks E-Commerce Platform
04:30 KSA
CRITICAL CVSS 9.8 CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dayneks Software Industry and Trade Inc. E-Commerce Platform allows SQL Injection. This issue affects E-Commerce Platform: through 27022026. NOTE: The vendor was contacted early …
CVE-2025-11252
SQL Injection in Windesk.Fm - Critical Remote Code Execution
04:30 KSA
CRITICAL CVSS 9.8 CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection. This issue affects windesk.Fm: through 27022026. NOTE: The vendor was contacted early about this di…
CVE-2025-12981
Listee WordPress Theme Privilege Escalation via User Role Parameter
04:30 KSA
CRITICAL CVSS 9.8 CWE-269
The Listee theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.6. This is due to a broken validation check in the bundled listee-core plugin's user registration function that fails to properly sanitize the user_role parameter. This …
CVE-2026-2251
Xerox FreeFlow Core Path Traversal RCE Vulnerability (CVE-2026-2251)
04:30 KSA
CRITICAL CVSS 9.8 CWE-22
Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to Fre…
CVE-2026-24352
PluXml CMS Session Fixation Vulnerability Enables Authentication Bypass
04:30 KSA
CRITICAL CVSS 9.8 CWE-384
PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authenticated session. The vendor was notifie…
CVE-2026-27751
SODOLA SL902-SWTGW124AS Default Credentials Remote Admin Access
04:30 KSA
CRITICAL CVSS 9.8 CWE-1392
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default credentials without password cha…
CVE-2026-27755
SODOLA SL902-SWTGW124AS Weak Session Identifier Generation Vulnerability
09:21 KSA
CRITICAL CVSS 9.8 CWE-330
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess valid credentials can calculate the …
CVE-2026-27975
Ajenti Pre-2.2.13 Unauthenticated Remote Code Execution
05:22 KSA
CRITICAL CVSS 9.8 CWE-284
Ajenti is a Linux and BSD modular server admin panel. Prior to version 2.2.13, an unauthenticated user could gain access to a server to execute arbitrary code on this server. This is fixed in the version 2.2.13.
CVE-2026-28213
EverShop Password Reset Token Exposure in Forgot Password API
05:22 KSA
CRITICAL CVSS 9.8 CWE-200
EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns the password reset token. This allows an attacker to take over the associated a…
CVE-2026-28268
Vikunja Password Reset Token Reuse Vulnerability Enables Persistent Account Takeover
09:21 KSA
CRITICAL CVSS 9.8 CWE-459
Vikunja is an open-source self-hosted task management platform. Versions prior to 2.1.0 have a business logic vulnerability in the password reset mechanism of vikunja/api that allows password reset tokens to be reused indefinitely. Due to a failure to invalidate tokens upo…
CVE-2026-3301
Totolink N300RH OS Command Injection in Web Management Interface
04:30 KSA
CRITICAL CVSS 9.8 CWE-77
A security flaw has been discovered in Totolink N300RH 6.1c.1353_B20190305. Affected by this vulnerability is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument webWlanIdx results in os …
CVE-2026-33017
Langflow Code Injection Vulnerability Allows Unauthenticated Flow Execution
01:52 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Langflow Langflow — CVE-2026-33017 Langflow contains a code injection vulnerability that could allow building public flows without requiring authentication. Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or di…
CVE-2026-35616
Fortinet FortiClient EMS Improper Access Control Remote Code Execution
05:00 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Fortinet FortiClient EMS — CVE-2026-35616 Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests. Required Action: Apply mitigations per vendor instructio…
CVE-2026-3909
Google Skia Out-of-Bounds Write Vulnerability (CVE-2026-3909)
01:52 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Google Skia — CVE-2026-3909 Google Skia contains an out-of-bounds write vulnerability that could allow a remote attacker to perform out of bounds memory access via a crafted HTML page. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other pro…
CVE-2026-3910
Google Chromium V8 Buffer Overflow Remote Code Execution (CVE-2026-3910)
01:52 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Google Chromium V8 — CVE-2026-3910 Google Chromium V8 contains an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This vulnerability could …
CVE-2018-20753
Kaseya VSA Remote Code Execution Vulnerability — Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShe
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Kaseya VSA Remote Code Execution Vulnerability — Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices.
CVE-2018-2380
SAP Customer Relationship Management (CRM) Path Traversal Vulnerability — SAP Customer Relationship Management (CRM) con
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
SAP Customer Relationship Management (CRM) Path Traversal Vulnerability — SAP Customer Relationship Management (CRM) contains a path traversal vulnerability that allows an attacker to exploit insufficient validation of path information provided by users.
CVE-2018-2628
Oracle WebLogic Server Unspecified Vulnerability — Oracle WebLogic Server contains an unspecified vulnerability which ca
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Oracle WebLogic Server Unspecified Vulnerability — Oracle WebLogic Server contains an unspecified vulnerability which can allow an unauthenticated attacker with T3 network access to compromise the server.
CVE-2018-4344
Apple Multiple Products Memory Corruption Vulnerability — Apple iOS, macOS, tvOS, and watchOS contain a memory corruptio
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Apple Multiple Products Memory Corruption Vulnerability — Apple iOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability which can allow for code execution.
CVE-2018-4878
Adobe Flash Player Use-After-Free Vulnerability — Adobe Flash Player contains a use-after-free vulnerability that could
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Adobe Flash Player Use-After-Free Vulnerability — Adobe Flash Player contains a use-after-free vulnerability that could allow for code execution.
CVE-2018-4939
Adobe ColdFusion Deserialization of Untrusted Data Vulnerability — Adobe ColdFusion contains a deserialization of untrus
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Adobe ColdFusion Deserialization of Untrusted Data Vulnerability — Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could allow for code execution.
CVE-2018-4990
Adobe Acrobat and Reader Double Free Vulnerability — Adobe Acrobat and Reader have a double free vulnerability that coul
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Adobe Acrobat and Reader Double Free Vulnerability — Adobe Acrobat and Reader have a double free vulnerability that could lead to remote code execution.
CVE-2018-5002
Adobe Flash Player Stack-based Buffer Overflow Vulnerability — Adobe Flash Player has a stack-based buffer overflow vul
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Adobe Flash Player Stack-based Buffer Overflow Vulnerability — Adobe Flash Player has a stack-based buffer overflow vulnerability that could lead to remote code execution.
CVE-2018-5430
TIBCO JasperReports Server Information Disclosure Vulnerability — TIBCO JasperReports Server contains a vulnerability whi
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
TIBCO JasperReports Server Information Disclosure Vulnerability — TIBCO JasperReports Server contains a vulnerability which may allow any authenticated user read-only access to the contents of the web application, including key configuration files.
CVE-2018-6065
Google Chromium V8 Integer Overflow Vulnerability — Google Chromium V8 Engine contains an integer overflow vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Google Chromium V8 Integer Overflow Vulnerability — Google Chromium V8 Engine contains an integer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utiliz…
CVE-2018-6530
D-Link Multiple Routers OS Command Injection Vulnerability — Multiple D-Link routers contain an unspecified vulnerabilit
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
D-Link Multiple Routers OS Command Injection Vulnerability — Multiple D-Link routers contain an unspecified vulnerability that allows for execution of OS commands.
CVE-2018-6789
Exim Buffer Overflow Vulnerability — Exim contains a buffer overflow vulnerability in the base64d function part of the S
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Exim Buffer Overflow Vulnerability — Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution.
CVE-2018-6882
Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability — Synacor Zimbra Collaboration Suite (
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability — Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that might allow remote attackers to inject arbitrary web script or HTML.
CVE-2018-6961
VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability — VMware SD-WAN Edge by VeloCloud contains a command inj
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability — VMware SD-WAN Edge by VeloCloud contains a command injection vulnerability in the local web UI component. Successful exploitation of this issue could result in remote code execution.
CVE-2018-7445
MikroTik RouterOS Stack-Based Buffer Overflow Vulnerability — In MikroTik RouterOS, a stack-based buffer overflow occurs
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
MikroTik RouterOS Stack-Based Buffer Overflow Vulnerability — In MikroTik RouterOS, a stack-based buffer overflow occurs when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the sys…
CVE-2018-7600
Drupal Core Remote Code Execution Vulnerability — Drupal Core contains a remote code execution vulnerability that could
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Drupal Core Remote Code Execution Vulnerability — Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise.
CVE-2018-7602
Drupal Core Remote Code Execution Vulnerability — A remote code execution vulnerability exists within multiple subsystem
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Drupal Core Remote Code Execution Vulnerability — A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site.
CVE-2018-7841
Schneider Electric U.motion Builder SQL Injection Vulnerability — A SQL Injection vulnerability exists in U.motion Build
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Schneider Electric U.motion Builder SQL Injection Vulnerability — A SQL Injection vulnerability exists in U.motion Builder software which could cause unwanted code execution when an improper set of characters is entered.
CVE-2018-8120
Microsoft Win32k Privilege Escalation Vulnerability — A privilege escalation vulnerability exists in Windows when the Wi
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Win32k Privilege Escalation Vulnerability — A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.
CVE-2018-8174
Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability — A remote code execution vulnerability exists in th
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability — A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution".
CVE-2018-8298
ChakraCore Scripting Engine Type Confusion Vulnerability — The ChakraCore scripting engine contains a type confusion vul
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
ChakraCore Scripting Engine Type Confusion Vulnerability — The ChakraCore scripting engine contains a type confusion vulnerability which can allow for remote code execution.
CVE-2018-8373
Microsoft Scripting Engine Memory Corruption Vulnerability — A remote code execution vulnerability exists in the way tha
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Scripting Engine Memory Corruption Vulnerability — A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer.
CVE-2018-8405
Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability — An elevation of privilege vulnerability exists wh
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability — An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory.
CVE-2018-8406
Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability — An elevation of privilege vulnerability exists wh
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability — An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory.
CVE-2018-8414
Microsoft Windows Shell Remote Code Execution Vulnerability — A remote code execution vulnerability exists when the Wind
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Shell Remote Code Execution Vulnerability — A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.
CVE-2018-8440
Microsoft Windows Privilege Escalation Vulnerability — An elevation of privilege vulnerability exists when Windows impro
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Privilege Escalation Vulnerability — An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).
CVE-2018-8453
Microsoft Win32k Privilege Escalation Vulnerability — Microsoft Windows Win32k contains a vulnerability that allows an a
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Win32k Privilege Escalation Vulnerability — Microsoft Windows Win32k contains a vulnerability that allows an attacker to escalate privileges.
CVE-2018-8581
Microsoft Exchange Server Privilege Escalation Vulnerability — A privilege escalation vulnerability exists in Microsoft
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Exchange Server Privilege Escalation Vulnerability — A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server.
CVE-2018-8589
Microsoft Win32k Privilege Escalation Vulnerability — A privilege escalation vulnerability exists when Windows improperl
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Win32k Privilege Escalation Vulnerability — A privilege escalation vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited this vulnerability could run remote code in the security context of the local system.
CVE-2018-8611
Microsoft Windows Kernel Privilege Escalation Vulnerability — A privilege escalation vulnerability exists when the Windo
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Kernel Privilege Escalation Vulnerability — A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory.
CVE-2023-29298
Critical Adobe ColdFusion Improper Access Control Vulnerability (CVE-2023-29298)
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Adobe ColdFusion Improper Access Control Vulnerability — Adobe ColdFusion contains an improper access control vulnerability that allows for a security feature bypass.
CVE-2026-35029
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, the /config/updat
17:55 KSA
HIGH CVSS 8.8 CWE-863
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, the /config/update endpoint does not enforce admin role authorization. A user who is already authenticated into the platform can then use this endpoint to modify proxy configura…
CVE-2026-5144
The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including
22:47 KSA
HIGH CVSS 8.8 CWE-269
The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the `groupblog-blogid`, `default-member`, and `groupblog-silent-add` parameters from user inpu…
CVE-2026-5685
A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNat of the file /goform/
17:55 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available …
CVE-2026-5686
A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic
23:58 KSA
HIGH CVSS 8.8 CWE-119
A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit …
CVE-2026-5687
A weakness has been identified in Tenda CX12L 16.03.53.12. This issue affects the function fromNatStaticSetting of the f
02:23 KSA
HIGH CVSS 8.8 CWE-119
A weakness has been identified in Tenda CX12L 16.03.53.12. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. This manipulation of the argument page causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has b…
CVE-2026-35020
Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in the command lookup helpe
17:55 KSA
HIGH CVSS 8.4 CWE-78
Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in the command lookup helper and deep-link terminal launcher that allows local attackers to execute arbitrary commands by manipulating the TERMINAL environment variable. Attackers can inj…
CVE-2026-35394
Mobile Next is an MCP server for mobile development and automation. Prior to 0.0.50, the mobile_open_url tool in mobile-
17:55 KSA
HIGH CVSS 8.3 CWE-939
Mobile Next is an MCP server for mobile development and automation. Prior to 0.0.50, the mobile_open_url tool in mobile-mcp passes user-supplied URLs directly to Android's intent system without any scheme validation, allowing execution of arbitrary Android intents, including USSD…
CVE-2026-5684
A vulnerability was determined in Tenda CX12L 16.03.53.12. Affected by this issue is the function fromwebExcptypemanFilt
17:55 KSA
HIGH CVSS 8.0 CWE-119
A vulnerability was determined in Tenda CX12L 16.03.53.12. Affected by this issue is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack requires access t…
CVE-2026-21373
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
05:45 KSA
HIGH CVSS 7.8 CWE-126
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
CVE-2026-21374
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validatio
05:45 KSA
HIGH CVSS 7.8 CWE-126
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation.
CVE-2026-21375
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
05:45 KSA
HIGH CVSS 7.8 CWE-126
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
CVE-2026-21376
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor
05:45 KSA
HIGH CVSS 7.8 CWE-126
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
CVE-2026-21378
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor
05:45 KSA
HIGH CVSS 7.8 CWE-126
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
CVE-2026-21380
Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory.
05:45 KSA
HIGH CVSS 7.8 CWE-416
Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory.
CVE-2026-21382
Memory Corruption when handling power management requests with improperly sized input/output buffers.
11:54 KSA
HIGH CVSS 7.8 CWE-120
Memory Corruption when handling power management requests with improperly sized input/output buffers.
CVE-2026-34588
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the
14:16 KSA
HIGH CVSS 7.8 CWE-125
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to before 3.2.7, 3.3.9, and 3.4.9, internal_exr_undo_piz() advances the working wavelet pointer with signed 32-bit arithmeti…
CVE-2026-35021
Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in the prompt editor invoca
17:55 KSA
HIGH CVSS 7.8 CWE-78
Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in the prompt editor invocation utility that allows attackers to execute arbitrary commands by crafting malicious file paths. Attackers can inject shell metacharacters such as $() or back…
CVE-2026-21381
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood aware
05:45 KSA
HIGH CVSS 7.6 CWE-126
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.
CVE-2026-35389
Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to 1.4.11, S/MIME signature verification
17:55 KSA
HIGH CVSS 7.5 CWE-295
Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to 1.4.11, S/MIME signature verification did not validate the certificate trust chain (checkChain: false). Any email signed with a self-signed or untrusted certificate was displayed as having a valid …
CVE-2026-35391
Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to 1.4.11, the getClientIP() function in
17:55 KSA
HIGH CVSS 7.5 CWE-348
Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to 1.4.11, the getClientIP() function in lib/admin/session.ts trusted the first (leftmost) entry of the X-Forwarded-For header, which is fully controlled by the client. An attacker could forge their s…
CVE-2026-5665
A security vulnerability has been detected in code-projects Online FIR System 1.0. Affected by this vulnerability is an
17:55 KSA
HIGH CVSS 7.3 CWE-74
A security vulnerability has been detected in code-projects Online FIR System 1.0. Affected by this vulnerability is an unknown functionality of the file /Login/checklogin.php of the component Login. The manipulation of the argument email/password leads to sql injection. The atta…
CVE-2026-5669
A vulnerability has been found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. Th
17:55 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability has been found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This vulnerability affects unknown code of the file /login.php of the component Parameter Handler. Such manipulation of the argument Password leads to sql injecti…
CVE-2026-5672
A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. Affected by this issue is some unknown f
17:55 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /edit-category.php of the component Parameter Handler. The manipulation of the argument cat_id leads to sql injection. It is possible t…
CVE-2026-5676
A vulnerability was identified in Totolink A8000R 5.9c.681_B20180413. This issue affects the function setLanguageCfg of
17:55 KSA
HIGH CVSS 7.3 CWE-287
A vulnerability was identified in Totolink A8000R 5.9c.681_B20180413. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument langType leads to missing authentication. The attack can be launched remotely. The exploit is p…
CVE-2026-5677
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function CsteSystem of the
17:55 KSA
HIGH CVSS 7.3 CWE-77
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument resetFlags results in os command injection. The attack may be initiated remotely. The expl…
CVE-2026-5678
A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setSchedul
17:55 KSA
HIGH CVSS 7.3 CWE-77
A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument mode can lead to os command injection. The attack may be launched remotely. The …
CVE-2026-6105
A security vulnerability has been detected in perfree go-fastdfs-web up to 1.3.7. This affects an unknown part of the fi
22:47 KSA
HIGH CVSS 7.3 CWE-266
A security vulnerability has been detected in perfree go-fastdfs-web up to 1.3.7. This affects an unknown part of the file src/main/java/com/perfree/controller/InstallController.java of the component doInstall Interface. The manipulation leads to improper authorization. The attac…
CVE-2026-34217
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, a scope modification vulnerability exists in @nyariv/sand
14:16 KSA
HIGH CVSS 7.2 CWE-668
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, a scope modification vulnerability exists in @nyariv/sandboxjs. The vulnerability allows untrusted sandboxed code to leak internal interpreter objects through the new operator, exposing sandbox scope objects in the sc…
CVE-2026-5217
The Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization plugin for WordPress is vuln
22:47 KSA
HIGH CVSS 7.2 CWE-79
The Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.2.2. This is due to insufficient input sanitization and output escaping on the use…
CVE-2026-5809
22:47 KSA
HIGH CVSS 7.1 CWE-73
The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 3.0.2. This is due to a two-step logic flaw: the topic_add() and topic_edit() action handlers accept arbitrary user-supplied data[*] arrays from $_REQUEST and store them…
CVE-2026-33791
10:03 KSA
MEDIUM CVSS 6.7 CWE-78
An OS Command Injection vulnerability in the CLI processing of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker executing specific, crafted CLI commands to inject arbitrary shell commands as root, leading to a complete compromise of the syst…
CVE-2021-47960
19:18 KSA
MEDIUM CVSS 6.5 CWE-552
A files or directories accessible to external parties vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access files within the installation directory via a local HTTP server bound to the loopback interface. By leveraging user interaction with …
CVE-2026-33779
03:19 KSA
MEDIUM CVSS 6.5 CWE-296
An Improper Following of a Certificate's Chain of Trust vulnerability in J-Web of Juniper Networks Junos OS on SRX Series allows a PITM to intercept the communication of the device and get access to confidential information and potentially modify it. When an SRX device is provis…
CVE-2026-33780
03:19 KSA
MEDIUM CVSS 6.5 CWE-401
A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).…
CVE-2026-33781
03:19 KSA
MEDIUM CVSS 6.5 CWE-754
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX and QFX Series devices allows an unauthenticated, adjacent attacker to cause a complete Denial of Service (DoS). On EX4k, and QF…
CVE-2026-33782
03:19 KSA
MEDIUM CVSS 6.5 CWE-401
A Missing Release of Memory after Effective Lifetime vulnerability in the DHCP daemon (jdhcpd) of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a memory leak that will eventually cause a complete Denial-of-Service (DoS). In a DHCP…
CVE-2026-33783
03:19 KSA
MEDIUM CVSS 6.5 CWE-686
A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service (DoS). If colored SRTE policy tunnels a…
CVE-2026-35618
10:03 KSA
MEDIUM CVSS 6.5 CWE-294
OpenClaw before 2026.3.23 contains a replay identity vulnerability in Plivo V2 signature verification that allows attackers to bypass replay protection by modifying query parameters. The verification path derives replay keys from the full URL including query strings instead of th…
CVE-2026-35621
21:42 KSA
MEDIUM CVSS 6.5 CWE-862
OpenClaw before 2026.3.24 contains a privilege escalation vulnerability where the /allowlist command fails to re-validate gateway client scopes for internal callers, allowing operator.write-scoped clients to mutate channel authorization policy. Attackers can exploit chat.send to …
CVE-2026-35627
10:03 KSA
MEDIUM CVSS 6.5 CWE-696
OpenClaw before 2026.3.22 performs cryptographic and dispatch operations on inbound Nostr direct messages before enforcing sender and pairing policy validation. Attackers can trigger unauthorized pre-authentication computation by sending crafted DM messages, enabling denial of se…
CVE-2026-35631
12:36 KSA
MEDIUM CVSS 6.5 CWE-862
OpenClaw before 2026.3.22 fails to enforce operator.admin scope on mutating internal ACP chat commands, allowing unauthorized modifications. Attackers without admin privileges can execute mutating control-plane actions by directly invoking affected ACP commands to bypass authoriz…
CVE-2026-35636
12:36 KSA
MEDIUM CVSS 6.5 CWE-696
OpenClaw versions 2026.3.11 through 2026.3.24 contain a session isolation bypass vulnerability where session_status resolves sessionId to canonical session keys before enforcing visibility checks. Sandboxed child sessions can exploit this to access parent or sibling sessions that…
CVE-2026-35644
12:36 KSA
MEDIUM CVSS 6.5 CWE-312
OpenClaw before 2026.3.22 contains an information disclosure vulnerability that allows attackers with operator.read scope to expose credentials embedded in channel baseUrl and httpUrl fields. Attackers can access gateway snapshots via config.get and channels.status endpoints to r…
CVE-2026-35649
23:44 KSA
MEDIUM CVSS 6.5 CWE-183
OpenClaw before 2026.3.22 contains a settings reconciliation vulnerability that allows attackers to bypass intended deny-all revocations by exploiting empty allowlist handling. The vulnerability treats explicit empty allowlists as unset during reconciliation, silently undoing int…
CVE-2026-35652
01:48 KSA
MEDIUM CVSS 6.5 CWE-696
OpenClaw before 2026.3.22 contains an authorization bypass vulnerability in interactive callback dispatch that allows non-allowlisted senders to execute action handlers. Attackers can bypass sender authorization checks by dispatching callbacks before normal security validation co…
CVE-2026-35656
01:48 KSA
MEDIUM CVSS 6.5 CWE-290
OpenClaw before 2026.3.22 contains an authentication bypass vulnerability in the X-Forwarded-For header processing when trustedProxies is configured, allowing attackers to spoof loopback hops. Remote attackers can inject forged forwarding headers to bypass canvas authentication a…
CVE-2026-35657
01:48 KSA
MEDIUM CVSS 6.5 CWE-863
OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in the HTTP /sessions/:sessionKey/history route that skips operator.read scope validation. Attackers can access session history without proper operator read permissions by sending HTTP requests to the vulner…
CVE-2026-35658
01:48 KSA
MEDIUM CVSS 6.5 CWE-668
OpenClaw before 2026.3.2 contains a filesystem boundary bypass vulnerability in the image tool that fails to honor tools.fs.workspaceOnly restrictions. Attackers can traverse sandbox bridge mounts outside the workspace to read files that other filesystem tools would reject.
CVE-2026-5207
10:29 KSA
MEDIUM CVSS 6.5 CWE-89
The LifterLMS plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 9.2.1. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…
CVE-2026-1263
12:36 KSA
MEDIUM CVSS 6.4 CWE-79
The Webling plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.9.0 due to insufficient input sanitization, insufficient output escaping, and missing capabilities checks in the 'webling_admin_save_form' and 'webling_admin_save…
CVE-2026-2305
14:54 KSA
MEDIUM CVSS 6.4 CWE-79
The AddFunc Head & Footer Code plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `aFhfc_head_code`, `aFhfc_body_code`, and `aFhfc_footer_code` post meta values in all versions up to, and including, 2.3. This is due to the plugin outputting these meta value…
CVE-2026-3498
08:16 KSA
MEDIUM CVSS 6.4 CWE-79
The BlockArt Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'clientId' block attribute in all versions up to, and including, 2.2.15. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated atta…
CVE-2026-4336
Ultimate FAQ Accordion Plugin Stored XSS via REST API (CVE-2026-4336)
20:15 KSA
MEDIUM CVSS 6.4 CWE-79
The Ultimate FAQ Accordion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via FAQ content in all versions up to, and including, 2.4.7. This is due to the plugin calling html_entity_decode() on post_content during rendering in the set_display_variables() functio…
CVE-2026-4895
08:16 KSA
MEDIUM CVSS 6.4 CWE-79
The GreenShift - Animation and Page Builder Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 12.8.9. This is due to insufficient input sanitization and output escaping in the gspb_greenShift_block_script_assets() function. …
CVE-2026-5999
14:54 KSA
MEDIUM CVSS 6.3 CWE-266
A vulnerability has been found in JeecgBoot up to 3.9.1. This impacts an unknown function of the component SysAnnouncementController. Such manipulation leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be us…
CVE-2026-6005
17:16 KSA
MEDIUM CVSS 6.3 CWE-74
A flaw has been found in code-projects Patient Record Management System 1.0. The affected element is an unknown function of the file /hematology_print.php. Executing a manipulation of the argument hem_id can lead to sql injection. It is possible to launch the attack remotely. The…
CVE-2026-6006
SQL Injection in Patient Record Management System 1.0 ID Parameter
17:16 KSA
MEDIUM CVSS 6.3 CWE-74
A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edit_hpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been…
CVE-2026-6007
SQL Injection in itsourcecode Construction Management System /del.php
17:16 KSA
MEDIUM CVSS 6.3 CWE-74
A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /del.php. The manipulation of the argument equipname results in sql injection. The attack can be launched remotely. The exploit has been made public and coul…
CVE-2026-6010
17:16 KSA
MEDIUM CVSS 6.3 CWE-74
A security flaw has been discovered in CodeAstro Online Classroom 1.0/2.php. Affected by this vulnerability is an unknown functionality of the file /OnlineClassroom/takeassessment2.php?exid=14. Performing a manipulation of the argument Q1 results in sql injection. Remote exploita…
CVE-2026-6030
19:18 KSA
MEDIUM CVSS 6.3 CWE-74
A flaw has been found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /del1.php. This manipulation of the argument toolname causes sql injection. Remote exploitation of the attack is possible. The exploit has been publis…
CVE-2026-6033
19:18 KSA
MEDIUM CVSS 6.3 CWE-74
A vulnerability was determined in CodeAstro Online Classroom 1.0. Affected is an unknown function of the file /updatedetailsfromstudent.php?eno=146891650. Executing a manipulation of the argument fname can lead to sql injection. The attack may be performed from remote. The exploi…
CVE-2026-4305
12:36 KSA
MEDIUM CVSS 6.1 CWE-79
The Royal WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpr_pending_template' parameter in all versions up to, and including, 1.0.16 due to insufficient input validation. This makes it possible for unauthenticated …
CVE-2026-5226
10:29 KSA
MEDIUM CVSS 6.1 CWE-79
The Optimole – Optimize Images in Real Time plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL paths in versions up to, and including, 4.2.3. This is due to insufficient output escaping on user-supplied URL paths in the get_current_url() function, which a…
CVE-2026-35622
10:03 KSA
MEDIUM CVSS 5.9 CWE-290
OpenClaw before 2026.3.22 contains an improper authentication verification vulnerability in Google Chat app-url webhook handling that accepts add-on principals outside intended deployment bindings. Attackers can bypass webhook authentication by providing non-deployment add-on pri…
CVE-2026-35655
01:48 KSA
MEDIUM CVSS 5.7 CWE-807
OpenClaw before 2026.3.22 contains an identity spoofing vulnerability in ACP permission resolution that trusts conflicting tool identity hints from rawInput and metadata. Attackers can spoof tool identities through rawInput parameters to suppress dangerous-tool prompting and bypa…
CVE-2026-6011
19:18 KSA
MEDIUM CVSS 5.6 CWE-918
A weakness has been identified in OpenClaw up to 2026.1.26. Affected by this issue is some unknown functionality of the file src/agents/tools/web-fetch.ts of the component assertPublicHostname Handler. Executing a manipulation can lead to server-side request forgery. The attack c…
CVE-2026-33786
07:48 KSA
MEDIUM CVSS 5.5 CWE-754
An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1600, SRX2300 and SRX4300 allows a local attacker with low privileges to cause a complete Denial of Service (DoS). When a specific 's…
CVE-2026-33787
07:48 KSA
MEDIUM CVSS 5.5 CWE-754
An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600 allows a local attacker with low privileges to cause a complete Denial of Service (DoS). When a sp…
CVE-2026-2712
12:36 KSA
MEDIUM CVSS 5.4 CWE-863
The WP-Optimize plugin for WordPress is vulnerable to unauthorized access of functionality due to missing capability checks in the `receive_heartbeat()` function in `includes/class-wp-optimize-heartbeat.php` in all versions up to, and including, 4.5.0. This is due to the Heartbea…
CVE-2026-3358
08:16 KSA
MEDIUM CVSS 5.4 CWE-862
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized private course enrollment in all versions up to, and including, 3.9.7. This is due to missing post_status validation in the `enroll_now()` and `course_enrollment()` functions. …
CVE-2026-35620
21:42 KSA
MEDIUM CVSS 5.4 CWE-862
OpenClaw before 2026.3.24 contains missing authorization vulnerabilities in the /send and /allowlist chat command handlers. The /send command allows non-owner command-authorized senders to change owner-only session delivery policy settings, and the /allowlist mutating commands fa…
CVE-2026-35626
10:03 KSA
MEDIUM CVSS 5.3 CWE-405
OpenClaw before 2026.3.22 contains an unauthenticated resource exhaustion vulnerability in voice call webhook handling that buffers request bodies before provider signature checks. Attackers can send large or malicious webhook requests to exhaust server resources without authenti…
CVE-2026-35633
12:36 KSA
MEDIUM CVSS 5.3 CWE-789
OpenClaw before 2026.3.22 contains an unbounded memory allocation vulnerability in remote media HTTP error handling that allows attackers to trigger excessive memory consumption. Attackers can send crafted HTTP error responses with large bodies to remote media endpoints, causing …
CVE-2026-35640
12:36 KSA
MEDIUM CVSS 5.3 CWE-696
OpenClaw before 2026.3.25 parses JSON request bodies before validating webhook signatures, allowing unauthenticated attackers to force resource-intensive parsing operations. Remote attackers can send malicious webhook requests to trigger denial of service by exhausting server res…
CVE-2026-35647
23:44 KSA
MEDIUM CVSS 5.3 CWE-288
OpenClaw before 2026.3.25 contains an access control vulnerability where verification notices bypass DM policy checks and reply to unpaired peers. Attackers can send verification notices to users outside allowed direct message policies by exploiting insufficient access validation…
CVE-2026-35654
01:48 KSA
MEDIUM CVSS 5.3 CWE-288
OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Microsoft Teams feedback invokes that allows unauthorized senders to record session feedback. Attackers can bypass sender allowlist checks via feedback invoke endpoints to trigger unauthorized feedback re…
CVE-2026-35661
01:48 KSA
MEDIUM CVSS 5.3 CWE-288
OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Telegram callback query handling that allows attackers to mutate session state without satisfying normal DM pairing requirements. Remote attackers can exploit weaker callback-only authorization in direct …
CVE-2026-4664
12:36 KSA
MEDIUM CVSS 5.3 CWE-287
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.103.0. This is due to the `create_review_permissions_check()` function comparing the user-supplied `key` parameter against the order's `ivole_s…
CVE-2026-5986
12:36 KSA
MEDIUM CVSS 5.3 CWE-400
A weakness has been identified in Zod jsVideoUrlParser up to 0.5.1. The impacted element is the function getTime in the library lib/util.js. This manipulation of the argument timestamp causes inefficient regular expression complexity. It is possible to initiate the attack remotel…
CVE-2026-5998
14:54 KSA
MEDIUM CVSS 5.3 CWE-22
A flaw has been found in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects the function dispatch of the file agent/memory/service.py of the component API Memory Content Endpoint. This manipulation of the argument filename causes path traversal. The attack can be initi…
CVE-2026-35634
12:36 KSA
MEDIUM CVSS 5.1 CWE-288
OpenClaw before 2026.3.23 contains an authentication bypass vulnerability in the Canvas gateway where authorizeCanvasRequest() unconditionally allows local-direct requests without validating bearer tokens or canvas capabilities. Attackers can send unauthenticated loopback HTTP an…
CVE-2026-4979
08:16 KSA
MEDIUM CVSS 5.0 CWE-918
The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to blind Server-Side Request Forgery in all versions up to, and including, 1.2.58. This is due to insufficient URL origin validation in the pro…
⚠️ Threat Intelligence
104 threats
rss:Recorded Future
02:28 KSA
CRITICAL vulnerability
Critical React2Shell Vulnerability Under Active Exploitation by Chinese Threat Actors
A critical vulnerability in React Server Components is being actively exploited by multiple Chinese threat actors. Recorded Future urges organizations to immediately patch thei…
rss:Recorded Future
02:28 KSA
HIGH general
When the Digital World Turns Physical: The Expanding Role of Threat Intelligence in Executive Protection
Converged threat intelligence is increasingly critical for executive protection against cyber-enabled physical threats including deepfakes, doxxing, and digi…
rss:Recorded Future
02:28 KSA
HIGH supply_chain
The Hidden Cascade: Why Law Firm Breaches Destroy More than Data
Law firm breaches expose decades of sensitive M&A intelligence, client confidential data, and privileged legal strategies, creating cascading risks across multiple organizations. Proactive vendor r…
rss:Malwarebytes Lab
02:28 KSA
MEDIUM general
Killer robots are here. Now what? (Lock and Code S07E07)
Discussion on autonomous weapons systems and their cybersecurity implications. Explores the risks of AI-powered military systems and potential security vulnerabilities in autonomous weapons platforms. Sou…
rss:Malwarebytes Lab
02:28 KSA
HIGH phishing
That dream job offer from Coca-Cola or Ferrari? It’s a trap for your passwords
Phishing campaign impersonating Coca-Cola and Ferrari job offers targeting Google and Facebook credentials. Attackers use fake recruitment schemes to steal user authentication data an…
rss:Malwarebytes Lab
02:28 KSA
LOW general
Blocking children from social media is a badly executed good idea
Analysis of government-imposed age restrictions on social media platforms and their cybersecurity implications. Discusses privacy concerns and potential security risks associated with age verifica…
rss:SecurityWeek
02:28 KSA
CRITICAL apt
Coruna iOS Exploit Kit Likely an Update to Operation Triangulation
Coruna iOS exploit kit contains an updated kernel exploit from Operation Triangulation, a sophisticated APT campaign from three years ago. This represents a continued threat to iOS devices throug…
rss:SecurityWeek
02:28 KSA
CRITICAL vulnerability
CISA Flags Critical PTC Vulnerability That Had German Police Mobilized
CISA flagged a critical vulnerability (CVE-2026-4681) in PTC Windchill software that prompted German police to physically visit organizations to warn them. The severity of this flaw necessita…
rss:SecurityWeek
02:28 KSA
HIGH vulnerability
Cisco Patches Multiple Vulnerabilities in IOS Software
Cisco released patches for multiple high and medium-severity vulnerabilities in IOS Software that could enable denial-of-service attacks, secure boot bypass, information disclosure, and privilege escalation.…
rss:Dark Reading
02:27 KSA
HIGH data_breach
Fraud Rockets Higher in Mobile-First Latin America
Cybercriminals are rapidly exploiting compromised mobile devices to execute account takeovers and fraudulent fund transfers in Latin America's mobile-first market. Financial institutions struggle to respond quic…
rss:Dark Reading
02:27 KSA
LOW general
Full Sail University to Open IBM Cyber Defense Range Powered by AWS and Cloud Range on Campus
Full Sail University is launching an IBM Cyber Defense Range on campus, powered by AWS and Cloud Range infrastructure. This initiative aims to provide hands-on cybersec…
rss:Dark Reading
02:27 KSA
LOW general
Niobium Introduces The Fog
Niobium has introduced a new product or service called 'The Fog'. Without additional context, this appears to be a technology announcement potentially related to cybersecurity solutions or infrastructure. Source: https://www.darkreadi…
rss:The Hacker News
02:27 KSA
HIGH malware
New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy
A new Chaos malware variant is targeting misconfigured cloud deployments, expanding the botnet's attack surface beyond traditional targets. This development poses significant risks to or…
rss:The Hacker News
02:27 KSA
HIGH ddos
Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices
Masjesu botnet, advertised as a DDoS-for-hire service on Telegram since 2023, targets IoT devices globally for distributed denial-of-service attacks. The stealthy botnet represents a gr…
rss:The Hacker News
02:27 KSA
CRITICAL apt
APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
Russian APT28 group launched a spear-phishing campaign against Ukraine and NATO allies deploying PRISMEX malware. The sophisticated malware suite uses advanced steganography and componen…
rss:BleepingComputer
02:27 KSA
HIGH phishing
When attackers already have the keys, MFA is just another door to open
Stolen credentials compromise multi-factor authentication systems, turning them into attack vectors. Biometric authentication solutions that verify the user rather than the session can block …
rss:BleepingComputer
02:27 KSA
MEDIUM general
Webinar: From noise to signal - What threat actors are targeting next
Threat actors often reveal their intentions through dark web activity, access-broker listings, and credential requests before launching attacks. Proactive monitoring of these early warning sig…
rss:BleepingComputer
02:27 KSA
HIGH data_breach
Eurail says December data breach impacts 300,000 individuals
European rail pass provider Eurail B.V. disclosed a December 2025 data breach affecting over 300,000 individuals. Attackers successfully stole personal information from the company's systems covering 3…
rss:CISA Advisories
02:26 KSA
CRITICAL vulnerability
PX4 Autopilot
Critical vulnerability in PX4 Autopilot v1.16.0 allows attackers with MAVLink interface access to execute arbitrary shell commands without authentication. This poses significant risks to drone and autonomous vehicle systems used in critical infrast…
rss:CISA Advisories
02:26 KSA
CRITICAL vulnerability
PTC Windchill Product Lifecycle Management
Critical remote code execution vulnerability (CVE-2026-4681) affects multiple versions of PTC Windchill PDMLink (11.0_M030, 11.1_M020). Successful exploitation allows attackers to execute arbitrary code remotely, threat…
rss:Recorded Future
01:18 KSA
CRITICAL vulnerability
November 2025 CVE Landscape: 10 Critical Vulnerabilities Show 69% Drop from October
November 2025 saw 10 critical exploited vulnerabilities, representing a 69% decrease from October. Fortinet and Samsung vulnerabilities require immediate patching due to active e…
rss:Recorded Future
01:18 KSA
HIGH malware
GrayBravo’s CastleLoader Activity Clusters Target Multiple Industries
GrayBravo threat actor is conducting CastleLoader malware campaigns targeting multiple industries. The activity clusters indicate coordinated attacks across various sectors requiring enhanced …
rss:Recorded Future
01:18 KSA
HIGH supply_chain
5 Real-World Third-Party Risk Examples
Analysis of five real-world third-party risk scenarios including vendor data breaches and supply chain attacks. Demonstrates how effective third-party risk management programs can prevent cyber incidents through vendor overs…
rss:Malwarebytes Lab
01:17 KSA
HIGH phishing
Traffic violation scams swap links for QR codes to steal your card details
Cybercriminals are evolving phishing tactics by embedding QR codes in fake traffic violation notices that appear official. When scanned, these codes redirect victims to fraudulent payment…
rss:Malwarebytes Lab
01:17 KSA
CRITICAL data_breach
Support platform breach exposes Hims & Hers customer data
Healthcare platform Hims & Hers suffered a data breach through its customer support system, exposing sensitive patient information. The incident highlights the vulnerability of healthcare organiza…
rss:Malwarebytes Lab
01:17 KSA
MEDIUM general
A week in security (March 30 – April 5)
Weekly security roundup covering cybersecurity topics and incidents from March 30 to April 5, 2026. Provides consolidated threat intelligence and security updates for awareness and defensive planning. Source: ht…
rss:SecurityWeek
01:17 KSA
HIGH vulnerability
<strong>Apple Intelligence AI Guardrails Bypassed in New Attack</strong> Researchers at RSAC demonstrated a successful bypass of Apple Intelligence security guardrails using the Neural Exect method combined with Unicode manipulation techniques. This vulnerability could potential…
rss:SecurityWeek
01:17 KSA
HIGH vulnerability
<strong>TP-Link Patches High-Severity Router Vulnerabilities</strong> TP-Link has released security patches for high-severity vulnerabilities in their routers that could allow attackers to bypass authentication mechanisms, execute arbitrary commands, and decrypt configuration fi…
rss:SecurityWeek
01:17 KSA
LOW general
<strong>RSAC 2026 Conference Announcements Summary (Days 3-4)</strong> Summary of vendor announcements and product releases from the third and fourth days of the RSA Conference 2026. The conference showcases latest cybersecurity technologies, solutions, and industry trends relev…
rss:Dark Reading
01:17 KSA
HIGH apt
<strong>Russia's Forest Blizzard Nabs Rafts of Logins via SOHO Routers</strong> Russia's APT28 (Forest Blizzard) is conducting cyber espionage against global organizations by exploiting vulnerable SOHO routers through DNS setting modifications. This malwareless attack techn…
rss:Dark Reading
01:17 KSA
MEDIUM general
<strong>Threat Actors Get Crafty With Emojis to Escape Detection</strong> Cybercriminals are increasingly using emojis as coded language to evade security filters and detection systems. Threat actors employ symbols like 🤖 for 'bot available', 🧰 for 'toolkit', and 💰💰💰 for 'big ra…
rss:Dark Reading
01:17 KSA
MEDIUM vulnerability
<strong>AI-Led Remediation Crisis Prompts HackerOne to Pause Bug Bounties</strong> HackerOne has paused bug bounty programs due to a shift in the vulnerability lifecycle bottleneck from discovery to remediation. Automated AI-driven tools have accelerated vulnerability discovery …
rss:The Hacker News
01:16 KSA
HIGH insider
<strong>The Hidden Security Risks of Shadow AI in Enterprises</strong> Employees are adopting AI tools without IT approval, creating shadow AI that operates outside security team visibility and bypasses organizational controls. These unauthorized tools pose significant security …
rss:The Hacker News
01:16 KSA
CRITICAL vulnerability
<strong>Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025</strong> A sophisticated zero-day vulnerability in Adobe Reader has been actively exploited since December 2025 through malicious PDF documents. The highly-sophisticated exploit was discovered by EXPM…
rss:The Hacker News
01:16 KSA
HIGH apt
<strong>Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region</strong> A hack-for-hire campaign with suspected ties to Indian government-linked threat actors targeted journalists, activists, and government officials across the MENA region. The sophisticated…
rss:BleepingComputer
01:16 KSA
HIGH ransomware
<strong>Healthcare IT solutions provider ChipSoft hit by ransomware attack</strong> Dutch healthcare software vendor ChipSoft suffered a ransomware attack forcing offline its website and digital services. The incident impacts patient portals and healthcare provider systems, disr…
rss:BleepingComputer
01:16 KSA
MEDIUM malware
<strong>Google Chrome adds infostealer protection against session cookie theft</strong> Google Chrome 146 for Windows introduces Device Bound Session Credentials (DBSC) to protect against infostealer malware targeting session cookies. This security enhancement prevents credentia…
rss:BleepingComputer
01:16 KSA
CRITICAL supply_chain
<strong>Smart Slider updates hijacked to push malicious WordPress, Joomla versions</strong> Attackers compromised the update mechanism of Smart Slider 3 Pro plugin for WordPress and Joomla, distributing malicious versions containing multiple backdoors. This supply chain attack a…
rss:CISA Advisories
01:16 KSA
CRITICAL vulnerability
<strong>Yokogawa CENTUM VP</strong> Critical vulnerability in Yokogawa CENTUM VP industrial control system allows attackers to login as PROG user and modify permissions. Affects versions R5.01.00, R6.01.00, and R7.01.00, posing significant risk to industrial operations. Source:…
rss:CISA Advisories
01:16 KSA
HIGH vulnerability
<strong>Anritsu Remote Spectrum Monitor</strong> Vulnerability in Anritsu Remote Spectrum Monitor MS27 allows network attackers to alter operational settings, obtain sensitive signal data, or disrupt device availability. Poses risk to spectrum monitoring and telecommunications i…
rss:Recorded Future
00:04 KSA
MEDIUM general
<strong>The Shift: An Era of Quantum Geopolitics</strong> Analysis of geopolitical shifts around Iran indicating fundamental changes to international order rules. Discusses emerging quantum geopolitics era affecting regional stability and cybersecurity threat landscape in the Mi…
rss:Recorded Future
00:04 KSA
MEDIUM general
<strong>Palestine Action: Operations and Global Network</strong> Details Palestine Action's global network, operational tactics, and organizational targets following designation. Provides risk assessment and mitigation strategies for potential physical security threats to facili…
rss:Recorded Future
00:04 KSA
LOW general
<strong>Implications of Russia-India-China Trilateral Cooperation</strong> Examines Russia-India-China trilateral cooperation dynamics amid U.S. tariffs and sanctions. Analyzes likelihood of formal bloc formation and strategic implications for government policy and business oper…
rss:Malwarebytes Lab
00:04 KSA
MEDIUM general
<strong>Your extensions leak clues about you, so we made sure Browser Guard doesn't</strong> Browser extensions can be exploited to create user profiles for advertisers and scammers through fingerprinting techniques. Malwarebytes has implemented privacy protections in …
rss:Malwarebytes Lab
00:04 KSA
HIGH apt
<strong>Russian hacking group targets home and small office routers to spy on users</strong> FBI, NCSC, and Microsoft have issued warnings about an active Russian cyber campaign targeting home and small office routers. The attackers are hijacking DNS settings to conduct surveill…
rss:Malwarebytes Lab
00:04 KSA
MEDIUM phishing
<strong>Timeshare owners warned to watch out for cartel-linked scams</strong> Mexican drug cartels are conducting advance-fee fraud schemes targeting timeshare owners. Authorities warn that scammers pose as legitimate buyers or companies to extract upfront payments from victims …
rss:SecurityWeek
00:04 KSA
CRITICAL vulnerability
<strong>Critical Marimo Flaw Exploited Hours After Public Disclosure</strong> A critical unauthenticated vulnerability in Marimo was exploited in the wild within nine hours of public disclosure. The rapid weaponization demonstrates the immediate threat posed by publicly disclose…
rss:SecurityWeek
00:04 KSA
MEDIUM general
<strong>Google Rolls Out Cookie Theft Protections in Chrome</strong> Google introduced Device Bound Session Credentials in Chrome to protect against session cookie theft. The new feature cryptographically binds authentication sessions to specific devices, rendering stolen cookie…
rss:SecurityWeek
00:04 KSA
HIGH vulnerability
<strong>Microsoft Finds Vulnerability Exposing Millions of Android Crypto Wallet Users</strong> Microsoft discovered a vulnerability in EngageLab SDK affecting millions of Android cryptocurrency wallet users. The security flaw was reported to the vendor one year ago, raising con…
rss:Dark Reading
00:03 KSA
HIGH apt
<strong>Russia's 'Fancy Bear' APT Continues Its Global Onslaught</strong> Russia's Fancy Bear APT group continues widespread cyber espionage campaigns globally. Security experts emphasize that organizations don't need advanced capabilities to defend themselves, bu…
rss:Dark Reading
00:03 KSA
CRITICAL vulnerability
<strong>'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues</strong> A researcher under the alias 'Chaotic Eclipse' publicly released a proof-of-concept exploit for an unpatched Windows zero-day vulnerability that enables local privilege escal…
rss:Dark Reading
00:03 KSA
MEDIUM apt
<strong>Do Ceasefires Slow Cyberattacks? History Suggests Not</strong> The cybersecurity community questions whether Iranian state-sponsored hackers will respect recent ceasefire agreements that don't explicitly mention or involve cyber operations. Historical precedent suggests …
rss:The Hacker News
00:03 KSA
CRITICAL vulnerability
<strong>EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs</strong> A critical security vulnerability was discovered in the EngageLab SDK, a third-party Android development kit, affecting 50 million users including 30 million cryptocurrency wallet…
rss:The Hacker News
00:03 KSA
HIGH apt
<strong>UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns</strong> A newly identified threat actor UAT-10362 is conducting sophisticated spear-phishing campaigns against Taiwanese NGOs and universities using a novel Lua-based malware called Luci…
rss:The Hacker News
00:03 KSA
HIGH general
<strong>ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories</strong> A comprehensive threat bulletin covering multiple cybersecurity incidents including a hybrid P2P botnet, a 13-year-old Apache remote code execution vulnerability being actively ex…
rss:BleepingComputer
00:03 KSA
LOW general
<strong>Google rolls out Gmail end-to-end encryption on mobile devices</strong> Google has deployed end-to-end encryption for Gmail on Android and iOS devices, enabling enterprise users to securely read and compose emails without requiring additional tools. This security enhance…
rss:BleepingComputer
00:03 KSA
HIGH malware
<strong>New ‘LucidRook’ malware used in targeted attacks on NGOs, universities</strong> A newly discovered Lua-based malware called LucidRook is being deployed in targeted spear-phishing campaigns against NGOs and universities in Taiwan. The sophisticated malware represents an e…
rss:BleepingComputer
00:03 KSA
CRITICAL phishing
<strong>New VENOM phishing attacks steal senior executives' Microsoft logins</strong> Cybercriminals are leveraging a new phishing-as-a-service platform called VENOM to target C-suite executives' Microsoft credentials across multiple industries. This sophisticated PhaaS ope…
rss:CISA Advisories
00:02 KSA
CRITICAL vulnerability
<strong>Hitachi Energy Ellipse</strong> Hitachi Energy disclosed a Jasper Report vulnerability in Ellipse product versions enabling remote code execution (RCE) attacks. The vulnerability poses significant risk to industrial control systems and requires immediate remediation acti…
rss:CISA Advisories
00:02 KSA
HIGH vulnerability
<strong>Siemens SICAM 8 Products</strong> Multiple Siemens SICAM 8 industrial products contain vulnerabilities that could enable denial of service attacks, affecting critical infrastructure components including SICAM A8000, SICAM EGS, and SICAM S8000 device firmware. These vulne…
rss:Recorded Future
23:02 KSA
MEDIUM general
<strong>Latin America and the Caribbean Cybercrime Landscape</strong> Recorded Future's 2025 report analyzes cybercrime trends in Latin America and the Caribbean region. The report examines the evolving threat landscape and criminal ecosystem developments that may have implicati…
rss:Recorded Future
23:02 KSA
MEDIUM general
<strong>Panorama del cibercrimen en América Latina y el Caribe</strong> Spanish-language version of Recorded Future's 2025 cybercrime report covering Latin America and Caribbean trends. The report provides insights into regional cyber threat developments and criminal ecosystem e…
rss:Recorded Future
23:02 KSA
HIGH data_breach
<strong>Industrialization of the Fraud Ecosystem Blog</strong> Payment fraud has become industrialized with standardized attack infrastructure, creating detectable patterns. Financial institutions can leverage these predictable fraud patterns to implement proactive detection and…
rss:Malwarebytes Lab
23:02 KSA
HIGH data_breach
<strong>NSFW app leak exposes 70,000 prompts linked to individual users</strong> MyLovelyAI application suffered a data breach exposing personal information, explicit prompts, and images of over 100,000 users. The leak creates significant risks of sextortion and doxxing attacks …
rss:Malwarebytes Lab
23:02 KSA
HIGH insider
<strong>30,000 private Facebook images allegedly downloaded by Meta employee</strong> A Meta employee allegedly developed a custom script to bypass internal security controls and download 30,000 private Facebook images. This insider threat demonstrates vulnerabilities in interna…
rss:Malwarebytes Lab
23:02 KSA
HIGH malware
<strong>This fake Windows support website delivers password-stealing malware</strong> Cybercriminals created a convincing fake Microsoft support website that distributes password-stealing malware. The malicious site tricks users into downloading malware capable of stealing crede…
rss:SecurityWeek
23:01 KSA
CRITICAL vulnerability
<strong>Orthanc DICOM Vulnerabilities Lead to Crashes, RCE</strong> Critical vulnerabilities discovered in Orthanc DICOM medical imaging software could allow attackers to execute arbitrary code remotely, cause system crashes through denial-of-service attacks, and disclose sensit…
rss:SecurityWeek
23:01 KSA
CRITICAL vulnerability
<strong>Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000</strong> Google released Chrome 147 patching 60 security vulnerabilities including two critical flaws in the WebML component reported by anonymous researchers. Organizations should prioriti…
rss:SecurityWeek
23:01 KSA
MEDIUM general
<strong>MITRE Releases Fight Fraud Framework</strong> MITRE released the Fight Fraud Framework, a behavior-based model documenting tactics and techniques used by fraudsters. This framework helps organizations understand and defend against fraud-related cyber threats by providing…
rss:Dark Reading
23:01 KSA
LOW general
<strong>Orange Business Reimagines Enterprise Voice Communications With Trust and AI</strong> Orange Business announces enterprise voice communications solution integrating AI capabilities with security focus. The development represents evolution in corporate telecommunications …
rss:Dark Reading
23:01 KSA
CRITICAL vulnerability
<strong>Industrial Controllers Still Vulnerable As Conflicts Move to Cyber</strong> US government issues warning about targeted attacks on programmable logic controllers (PLCs) in industrial environments. Security research identifies 179 vulnerable operational technology devices…
rss:Dark Reading
23:01 KSA
HIGH vulnerability
<strong>Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?</strong> Anthropic releases Mythos Preview AI model capable of discovering and exploiting critical zero-day vulnerabilities autonomously. The vendor implements security controls to prevent misuse, raising …
rss:The Hacker News
23:01 KSA
MEDIUM general
<strong>Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows</strong> Google has released Device Bound Session Credentials (DBSC) for all Windows users of Chrome 146 to prevent session theft attacks. This security feature binds user sessions to specific devices,…
rss:The Hacker News
23:01 KSA
CRITICAL vulnerability
<strong>Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure</strong> A critical remote code execution vulnerability (CVE-2026-39987, CVSS 9.3) in Marimo Python notebook was exploited within 10 hours of public disclosure. The pre-authentication flaw allows atta…
rss:The Hacker News
23:01 KSA
HIGH supply_chain
<strong>Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers</strong> Threat actors compromised Nextend's update servers to distribute a backdoored version of Smart Slider 3 Pro plugin (v3.5.1.35) for WordPress and Joomla. This supply chain attack all…
rss:BleepingComputer
23:00 KSA
CRITICAL vulnerability
<strong>Analysis of one billion CISA KEV remediation records exposes limits of human-scale security</strong> Analysis of 1 billion CISA KEV remediation records by Qualys reveals that most critical vulnerabilities are exploited by attackers before defenders can patch them. This e…
rss:BleepingComputer
23:00 KSA
HIGH supply_chain
<strong>CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads</strong> Attackers compromised CPUID's API and modified download links on the official website to distribute malware through popular system monitoring tools CPU-Z and HWMonitor. This supply chain attack affec…
rss:BleepingComputer
23:00 KSA
HIGH data_breach
<strong>Microsoft: Canadian employees targeted in payroll pirate attacks</strong> Microsoft identifies Storm-2755, a financially motivated threat actor conducting 'payroll pirate' attacks against Canadian employees. The attackers hijack employee accounts to redirect and steal sa…
rss:CISA Advisories
23:00 KSA
CRITICAL apt
<strong>Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure</strong> Iranian APT actors are actively exploiting Programmable Logic Controllers (PLCs) in US critical infrastructure. This represents a significant threat to indus…
rss:CISA Advisories
23:00 KSA
HIGH vulnerability
<strong>Mitsubishi Electric GENESIS64 and ICONICS Suite products</strong> Critical vulnerabilities in Mitsubishi Electric GENESIS64 and ICONICS Suite allow local attackers to steal SQL Server credentials. Exploitation could lead to data disclosure, tampering, destruction, or den…
rss:Mandiant Blog
21:50 KSA
HIGH malware
<strong>vSphere and BRICKSTORM Malware: A Defender's Guide</strong> Google Threat Intelligence Group reveals BRICKSTORM malware campaign specifically targeting VMware vSphere virtualized environments and vCenter Server Appliance. The threat poses significant risks to organi…
rss:Mandiant Blog
21:50 KSA
CRITICAL supply_chain
<strong>North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack</strong> North Korea-linked threat actor has compromised the widely-used Axios NPM package in an active supply chain attack. Google Threat Intelligence Group is tracking this …
rss:Recorded Future
21:50 KSA
HIGH supply_chain
<strong>Third-Party Risk Is an Intelligence Operation. It's Time We Treated It Like One.</strong> Recorded Future emphasizes that traditional vendor risk management relying solely on cybersecurity ratings is no longer sufficient. The company advocates for an intelligence-dr…
rss:Recorded Future
21:50 KSA
LOW general
<strong>Understanding and Anticipating Venezuelan Government Actions</strong> Analysis of Venezuela's political transition following a hypothetical 2026 US operation, examining Acting President Delcy Rodríguez's strategy and internal threats. While primarily geopolitical, this i…
rss:Recorded Future
21:50 KSA
LOW general
<strong>Day in the Life: Product Manager at Recorded Future</strong> Career profile interview with a product manager at Recorded Future discussing daily responsibilities. This article has no cybersecurity threat intelligence value and is purely promotional/recruitment content wi…
rss:Malwarebytes Lab
21:50 KSA
HIGH malware
<strong>Fake Claude site installs malware that gives attackers access to your computer</strong> A sophisticated fake Claude AI website has been discovered distributing a trojanized application that secretly installs PlugX malware. The malicious site appears convincing and grants…
rss:Malwarebytes Lab
21:50 KSA
HIGH malware
<strong>ClickFix finds a new way to infect Macs</strong> ClickFix malware campaigns have evolved to bypass macOS Tahoe security warnings by exploiting Script Editor instead of Terminal. This new technique circumvents Apple's built-in protections against malicious command executi…
rss:Malwarebytes Lab
21:50 KSA
MEDIUM phishing
<strong>Scammers pose as Amazon support to steal your account</strong> A widespread phishing campaign is targeting Amazon customers through fraudulent refund scams delivered via email and SMS. Attackers impersonate Amazon support to steal account credentials and personal informa…
rss:SecurityWeek
21:49 KSA
HIGH general
<strong>In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack</strong> Multiple cybersecurity incidents reported including a cyberattack on Stryker medical devices company, a Windows zero-day vulnerability exploitation, and a breach of Chinese sup…
rss:SecurityWeek
21:49 KSA
CRITICAL vulnerability
<strong>Juniper Networks Patches Dozens of Junos OS Vulnerabilities</strong> Juniper Networks released security patches for dozens of vulnerabilities in Junos OS. A critical-severity flaw allows remote attackers to take complete control of vulnerable devices without authenticati…
rss:SecurityWeek
21:49 KSA
CRITICAL apt
<strong>Industry Reactions to Iran Hacking ICS in Critical Infrastructure: Feedback Friday</strong> US government issued warnings about Iran-linked threat actors actively manipulating PLCs and SCADA systems to cause operational disruption in critical infrastructure. The attacks …
rss:Dark Reading
21:49 KSA
HIGH data_breach
<strong>Hims Breach Exposes the Most Sensitive Kinds of PHI</strong> Threat actors breached telehealth provider Hims, exposing highly sensitive personal health information including medical conditions related to hair loss, weight, and sexual health. The breach raises concerns ab…
rss:Dark Reading
21:49 KSA
HIGH general
<strong>Your Next Breach Will Look Like Business as Usual</strong> Cybersecurity teams must fundamentally shift their detection models to identify credential-based attacks that blend with normal business operations. Traditional security tools struggle to detect these attacks as …
rss:Dark Reading
21:49 KSA
MEDIUM general
<strong>FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats</strong> FINRA has established a Financial Intelligence Fusion Center to enhance collaboration and information sharing against cybersecurity threats and fraud targeting the fina…
rss:Krebs on Security
21:49 KSA
CRITICAL apt
<strong>Russia Hacked Routers to Steal Microsoft Office Tokens</strong> Russian military intelligence-linked hackers are exploiting vulnerabilities in outdated routers to mass harvest Microsoft Office authentication tokens. This state-sponsored espionage campaign enables unautho…
rss:Krebs on Security
21:49 KSA
HIGH ransomware
<strong>Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab</strong> German authorities identified Russian national Daniil Maksimovich Shchukin, 31, as the leader behind notorious ransomware groups REvil and GandCrab. He is accused of orchestrating at least 130 cyb…
rss:The Hacker News
21:48 KSA
HIGH general
<strong>Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data</strong> Hungarian intelligence, El Salvador police, and U.S. law enforcement agencies used Webloc, an Israeli-developed advertising-based geolocation surveillance system, to track 500 mill…
rss:The Hacker News
21:48 KSA
CRITICAL supply_chain
<strong>GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs</strong> The GlassWorm campaign has evolved to use a new Zig-based dropper that targets and infects all integrated development environments (IDEs) on developers' machines through malicious Open VSX ext…
rss:The Hacker News
21:48 KSA
HIGH data_breach
<strong>Browser Extensions Are the New AI Consumption Channel That No One Is Talking About</strong> A LayerX report reveals AI browser extensions represent a critical security blind spot in organizations' AI security strategies. While companies focus on shadow AI and GenAI consu…
rss:BleepingComputer
21:48 KSA
HIGH general
<strong>Over 20,000 crypto fraud victims identified in international crackdown</strong> International law enforcement led by UK's NCA identified over 20,000 cryptocurrency fraud victims across Canada, UK, and US. This coordinated crackdown highlights the global scale of crypto-r…
rss:BleepingComputer
21:48 KSA
LOW general
<strong>ChatGPT rolls out new $100 Pro subscription to challenge Claude</strong> OpenAI launched a new $100 Pro subscription tier for ChatGPT to compete with Claude's pricing structure. This is a business development announcement with no direct cybersecurity implications for Sau…
rss:BleepingComputer
21:48 KSA
CRITICAL apt
<strong>Nearly 4,000 US industrial devices exposed to Iranian cyberattacks</strong> Iranian-linked hackers are targeting US critical infrastructure with nearly 4,000 Internet-exposed Rockwell Automation PLCs vulnerable to attack. This represents a significant threat to industria…
rss:CISA Advisories
21:48 KSA
CRITICAL vulnerability
<strong>Contemporary Controls BASC 20T</strong> Critical vulnerability in Contemporary Controls BASC 20T PLC allows attackers to enumerate components, reconfigure systems, delete files, and execute remote procedure calls. This poses significant risk to industrial control systems…
rss:CISA Advisories
21:48 KSA
HIGH vulnerability
<strong>GPL Odorizers GPL750</strong> Vulnerability in GPL Odorizers GPL750 system allows low-privileged remote attackers to manipulate register values controlling odorant injection in gas lines. This could result in dangerous over or under-injection of odorant, posing safety ri…
📰 Cybersecurity News
0 articles
📰 No news aggregated today yet

This digest is updated automatically every day — Last updated: Saturday, April 11, 2026