📅 Daily Security Digest — Sunday, April 12, 2026

🇸🇦 Saudi Cyber Daily Digest

All security vulnerabilities, threats, and news aggregated today from trusted sources — continuously updated

146 CVEs
176 Threats
0 News
62 Critical
34 CISA KEV
🛡 Security Vulnerabilities (CVE)
146 vulnerabilities
CVE-2026-39355
Genealogy PHP Broken Access Control - Unauthorized Team Ownership Transfer
18:17 KSA
CRITICAL CVSS 9.9 CWE-862
Genealogy is a family tree PHP application. Prior to 5.9.1, a critical broken access control vulnerability in the genealogy application allows any authenticated user to transfer ownership of arbitrary non-personal teams to themselves. This enables complete takeover of other users…
CVE-2020-37082
webERP 4.15.1 Unauthenticated Database Backup File Download Vulnerability
04:01 KSA
CRITICAL CVSS 9.8 CWE-552
webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers to download database backup files without authentication. Attackers can directly access generated backup files in the companies/weberp/ directory by requesting the Backup_[timestamp].…
CVE-2025-26399
SolarWinds Web Help Desk AjaxProxy Deserialization RCE Vulnerability
01:52 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
SolarWinds Web Help Desk — CVE-2025-26399 SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability in AjaxProxy that could allow an attacker to run commands on the host machine. Required Action: Apply mitigations per vendor instructions, follow applicab…
CVE-2025-31277
Apple Safari and OS Buffer Overflow - CVE-2025-31277
01:52 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Apple Multiple Products — CVE-2025-31277 Apple Safari, iOS, watchOS, visionOS, iPadOS, macOS, and tvOS contain a buffer overflow vulnerability that could allow the processing of maliciously crafted web content which may lead to memory corruption. Required Action: Apply mitigatio…
CVE-2025-32432
Craft CMS Remote Code Execution via Code Injection Vulnerability
01:52 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Craft CMS Craft CMS — CVE-2025-32432 Craft CMS contains a code injection vulnerability that allows a remote attacker to execute arbitrary code. Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use…
CVE-2025-43510
Apple Multiple Products Improper Locking Vulnerability (CVE-2025-43510)
01:52 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Apple Multiple Products — CVE-2025-43510 Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability that could allow a malicious application to cause unexpected changes in memory shared between processes. Required Action: Apply mitigations pe…
CVE-2025-43520
Apple Multiple OS Buffer Overflow - Kernel Memory Write (CVE-2025-43520)
01:52 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Apple Multiple Products — CVE-2025-43520 Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain a classic buffer overflow vulnerability which could allow a malicious application to cause unexpected system termination or write kernel memory. Required Action: Apply mitigati…
CVE-2025-47813
Wing FTP Server Sensitive Information Disclosure via Long UID Cookie
01:52 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Wing FTP Server Wing FTP Server — CVE-2025-47813 Wing FTP Server contains a generation of error message containing sensitive information vulnerability when using a long value in the UID cookie. Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-…
CVE-2025-50857
ZenTaoPMS Directory Traversal RCE in AI Module (CVE-2025-50857)
05:22 KSA
CRITICAL CVSS 9.8 CWE-22
ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload.
CVE-2025-54068
Laravel Livewire Unauthenticated Remote Code Injection Vulnerability
01:52 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Laravel Livewire — CVE-2025-54068 Laravel Livewire contains a code injection vulnerability that could allow unauthenticated attackers to achieve remote command execution in specific scenarios. Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01…
CVE-2025-66376
Zimbra Collaboration Suite CSS @import XSS Vulnerability in Classic UI
01:52 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Synacor Zimbra Collaboration Suite (ZCS) — CVE-2025-66376 Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability in the Classic UI where attackers could abuse Cascading Style Sheets (CSS) @import directives in email HTML. Required Action: Apply mi…
CVE-2025-68613
n8n Remote Code Execution via Workflow Expression Evaluation
01:52 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
n8n n8n — CVE-2025-68613 n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for remote code execution. Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-…
CVE-2026-1340
Ivanti EPMM Unauthenticated Remote Code Execution via Code Injection
05:00 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Ivanti Endpoint Manager Mobile (EPMM) — CVE-2026-1340 Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution. Required Action: Apply mitigations per vendor instructions, follow app…
CVE-2026-20131
Cisco Secure Firewall Management Center Unauthenticated RCE via Deserialization
01:52 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Cisco Secure Firewall Management Center (FMC) — CVE-2026-20131 Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deserialization of untrusted data vulnerability in the web-based management interface that co…
CVE-2026-22207
OpenViking Broken Access Control - Unauthenticated ROOT Privilege Escalation
05:22 KSA
CRITICAL CVSS 9.8 CWE-306
OpenViking through version 0.1.18, prior to commit 0251c70, contains a broken access control vulnerability that allows unauthenticated attackers to gain ROOT privileges when the root_api_key configuration is omitted. Attackers can send requests to protected endpoints without auth…
CVE-2025-53912
MedDream PACS Premium Arbitrary File Read via encapsulatedDoc
04:01 KSA
CRITICAL CVSS 9.6 CWE-73
An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially crafted HTTP request can lead to an arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2025-64419
Coolify Command Injection via Unsanitized docker-compose Parameters
04:01 KSA
CRITICAL CVSS 9.6 CWE-77
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.445, parameters coming from docker-compose.yaml are not sanitized when used in commands. If a victim user creates an application from an attacker reposi…
CVE-2025-66398
Signal K Server Unauthenticated RCE via validateBackup Endpoint
04:01 KSA
CRITICAL CVSS 9.6 CWE-78
Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.19.0, an unauthenticated attacker can pollute the internal state (`restoreFilePath`) of the server via the `/skServer/validateBackup` endpoint. This allows the attacker to hijack the …
CVE-2026-0500
SAP Wily Introscope Enterprise Manager JNLP Remote Code Execution
04:01 KSA
CRITICAL CVSS 9.6 CWE-94
Due to the usage of a vulnerable third-party component in SAP Wily Introscope Enterprise Manager (WorkStation), an unauthenticated attacker could create a malicious JNLP (Java Network Launch Protocol) file accessible by a public facing URL. When a victim clicks on the URL the acces…
CVE-2026-22783
DFIR-IRIS Arbitrary Filesystem Path Deletion via Mass Assignment
04:01 KSA
CRITICAL CVSS 9.6 CWE-73
Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior to 2.4.24, the DFIR-IRIS datastore file management system has a vulnerability where mass assignment of the file_local_name field combined with path trust in th…
CVE-2026-22794
Appsmith Origin Header Validation Bypass - Email Link Spoofing
04:01 KSA
CRITICAL CVSS 9.6 CWE-346
Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.93, the server uses the Origin value from the request headers as the email link baseUrl without validation. If an attacker controls the Origin, password reset / email verification links in em…
CVE-2026-23523
Dive MCP Host Arbitrary Command Execution via Crafted Deeplink
04:01 KSA
CRITICAL CVSS 9.6 CWE-94
Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. Prior to 0.13.0, a crafted deeplink can install an attacker-controlled MCP server configuration without sufficient user confirmation and can lead to arbitrary local command exec…
CVE-2026-26135
Azure Custom Locations SSRF Privilege Escalation Vulnerability
03:23 KSA
CRITICAL CVSS 9.6 CWE-918
Server-side request forgery (SSRF) in Azure Custom Locations Resource Provider (RP) allows an authorized attacker to elevate privileges over a network.
CVE-2026-27510
Unitree Go2 RCE via Unvalidated Python Code Execution in Firmware 1.1.7-1.1.11
05:22 KSA
CRITICAL CVSS 9.6 CWE-345
Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree Go2 Android application (com.unitree.doggo2), are vulnerable to remote code execution due to missing integrity protection and validation of user-created programmes. The Android application stores progr…
CVE-2026-28495
GetSimple CMS massiveAdmin CSRF Vulnerability Enables RCE via gsconfig.php
03:13 KSA
CRITICAL CVSS 9.6 CWE-352
GetSimple CMS is a content management system. The massiveAdmin plugin (v6.0.3) bundled with GetSimpleCMS-CE v3.3.22 allows an authenticated administrator to overwrite the gsconfig.php configuration file with arbitrary PHP code via the gsconfig editor module. The form lacks CSRF p…
CVE-2026-33757
OpenBao JWT/OIDC Direct Callback Remote Phishing Authentication Bypass
03:24 KSA
CRITICAL CVSS 9.6 CWE-384
OpenBao is an open source identity-based secrets management system. Prior to version 2.5.2, OpenBao does not prompt for user confirmation when logging in via JWT/OIDC and a role with `callback_mode` set to `direct`. This allows an attacker to start an authentication request and p…
CVE-2026-1346
IBM Verify Identity Access Privilege Escalation to Root (CVE-2026-1346)
20:54 KSA
CRITICAL CVSS 9.3 CWE-250
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 could allow a locally authenticated user to escalate the…
CVE-2026-24307
M365 Copilot Information Disclosure via Input Validation Bypass
04:01 KSA
CRITICAL CVSS 9.3 CWE-1287
Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-33135
WeGIA Reflected XSS in novo_memorandoo.php sccs Parameter
05:45 KSA
CRITICAL CVSS 9.3 CWE-79
WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting (XSS) vulnerability in the novo_memorandoo.php endpoint. An attacker can inject arbitrary JavaScript into the sccs GET parameter, which is directly echoed into the H…
CVE-2026-33136
WeGIA Reflected XSS in listar_memorandos_ativos.php sccd Parameter
05:45 KSA
CRITICAL CVSS 9.3 CWE-79
WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting (XSS) vulnerability in the listar_memorandos_ativos.php endpoint. An attacker can inject arbitrary JavaScript or HTML tags into the sccd GET parameter, which is then…
CVE-2026-33502
WWBN AVideo Unauthenticated SSRF in plugin/Live/test.php
11:22 KSA
CRITICAL CVSS 9.3 CWE-918
WWBN AVideo is an open source video platform. In versions up to and including 26.0, an unauthenticated server-side request forgery vulnerability in `plugin/Live/test.php` allows any remote user to make the AVideo server send HTTP requests to arbitrary URLs. This can be used to pr…
CVE-2026-34714
Vim Code Execution via %{expr} Injection in Tabpanel (CVE-2026-34714)
21:26 KSA
CRITICAL CVSS 9.2 CWE-78
Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %{expr} injection occurs with tabpanel lacking P_MLE.
CVE-2026-21861
baserCMS OS Command Injection in Core Update Functionality
21:26 KSA
CRITICAL CVSS 9.1 CWE-78
baserCMS is a website development framework. Prior to version 5.2.3, baserCMS contains an OS command injection vulnerability in the core update functionality. An authenticated administrator can execute arbitrary OS commands on the server due to improper handling of user-controlle…
CVE-2026-2588
Crypt::NaCl::Sodium Integer Overflow on 32-bit Systems
11:14 KSA
CRITICAL CVSS 9.1 CWE-190
Crypt::NaCl::Sodium versions through 2.001 for Perl have an integer overflow flaw on 32-bit systems. Sodium.xs casts a STRLEN (size_t) to unsigned long long when passing a length pointer to libsodium functions. On 32-bit systems size_t is typically 32 bits while an unsigned long…
CVE-2026-28215
Unauthenticated Infrastructure Configuration Override in Hoppscotch API
05:22 KSA
CRITICAL CVSS 9.1 CWE-284
hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, an unauthenticated attacker can overwrite the entire infrastructure configuration of a self-hosted Hoppscotch instance including OAuth provider credentials and SMTP settings by sending a single HT…
CVE-2026-28370
OpenStack Vitrage Query Parser Code Execution Vulnerability (CVE-2026-28370)
04:30 KSA
CRITICAL CVSS 9.1 CWE-95
In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage API may trigger code execution on the Vitrage service host as the user the Vitrage service runs under. This may result in unauthorized access to the host and f…
CVE-2026-30877
baserCMS OS Command Injection in Update Functionality (CVE-2026-30877)
21:26 KSA
CRITICAL CVSS 9.1 CWE-78
baserCMS is a website development framework. Prior to version 5.2.3, there is an OS command injection vulnerability in the update functionality. Due to this issue, an authenticated user with administrator privileges in baserCMS can execute arbitrary OS commands on the server with…
CVE-2026-32211
Azure MCP Server Missing Authentication for Critical Function
04:54 KSA
CRITICAL CVSS 9.1 CWE-306
Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker to disclose information over a network.
CVE-2026-33152
Tandoor Recipes BasicAuthentication Brute Force via Unrated API Endpoints
03:24 KSA
CRITICAL CVSS 9.1 CWE-307
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, Tandoor Recipes configures Django REST Framework with BasicAuthentication as one of the default authentication backends. The AllAuth rate limiting conf…
CVE-2018-8639
Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability — Microsoft Windows Win32k contains an improper resource shutdown or release vulnerability that allows for local, authenticated privilege escalation. An attacker who successfully exploited this vulnerabi…
CVE-2018-8653
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability — Microsoft Internet Explorer contains a memory corruption vulnerability due to how the Scripting Engine handles objects in memory, leading to remote code execution.
CVE-2018-9276
Paessler PRTG Network Monitor OS Command Injection Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Paessler PRTG Network Monitor OS Command Injection Vulnerability — Paessler PRTG Network Monitor contains an OS command injection vulnerability that allows an attacker with administrative privileges to execute commands via the PRTG System Administrator web console.
CVE-2019-0193
Apache Solr DataImportHandler Code Injection Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Apache Solr DataImportHandler Code Injection Vulnerability — The optional Apache Solr module DataImportHandler contains a code injection vulnerability.
CVE-2019-0211
Apache HTTP Server Privilege Escalation Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Apache HTTP Server Privilege Escalation Vulnerability — Apache HTTP Server, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute code with the privileges o…
CVE-2019-0344
SAP Commerce Cloud Deserialization of Untrusted Data Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
SAP Commerce Cloud Deserialization of Untrusted Data Vulnerability — SAP Commerce Cloud (formerly known as Hybris) contains a deserialization of untrusted data vulnerability within the mediaconversion and virtualjdbc extension that allows for code injection.
CVE-2019-0541
Microsoft MSHTML Remote Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft MSHTML Remote Code Execution Vulnerability — Microsoft MSHTML engine contains an improper input validation vulnerability that allows for remote code execution.
CVE-2019-0543
Microsoft Windows Privilege Escalation Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Privilege Escalation Vulnerability — A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
CVE-2019-0604
Microsoft SharePoint Remote Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft SharePoint Remote Code Execution Vulnerability — Microsoft SharePoint fails to check the source markup of an application package. An attacker who successfully exploits the vulnerability could run remote code in the context of the SharePoint application pool and the Shar…
CVE-2019-0676
Microsoft Internet Explorer Information Disclosure Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Internet Explorer Information Disclosure Vulnerability — An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could test for the presence of files on disk.
CVE-2019-0703
Microsoft Windows SMB Information Disclosure Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows SMB Information Disclosure Vulnerability — An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, which could lead to information disclosure from the server.
CVE-2019-0708
Microsoft Remote Desktop Services Remote Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Remote Desktop Services Remote Code Execution Vulnerability — Microsoft Remote Desktop Services, formerly known as Terminal Service, contains an unspecified vulnerability that allows an unauthenticated attacker to connect to the target system using RDP and send speciall…
CVE-2019-0752
Microsoft Internet Explorer Type Confusion Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Internet Explorer Type Confusion Vulnerability — A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer.
CVE-2019-0797
Microsoft Win32k Privilege Escalation Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Win32k Privilege Escalation Vulnerability — Microsoft Win32k contains a privilege escalation vulnerability when the Win32k component fails to properly handle objects in memory. Successful exploitation allows an attacker to execute code in kernel mode.
CVE-2019-0803
Microsoft Win32k Privilege Escalation Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Win32k Privilege Escalation Vulnerability — Microsoft Win32k contains an unspecified vulnerability due to it failing to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.
CVE-2019-0808
Microsoft Win32k Privilege Escalation Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Win32k Privilege Escalation Vulnerability — Microsoft Win32k contains a privilege escalation vulnerability due to the component failing to properly handle objects in memory. Successful exploitation allows an attacker to run code in kernel mode.
CVE-2019-0841
Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability — A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated co…
CVE-2019-0859
Microsoft Win32k Privilege Escalation Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Win32k Privilege Escalation Vulnerability — Microsoft Win32k fails to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.
CVE-2019-0863
Microsoft Windows Error Reporting (WER) Privilege Escalation Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Error Reporting (WER) Privilege Escalation Vulnerability — Microsoft Windows Error Reporting (WER) contains a privilege escalation vulnerability due to the way it handles files, allowing for code execution in kernel mode.
CVE-2019-0880
Microsoft Windows Privilege Escalation Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Privilege Escalation Vulnerability — A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medi…
CVE-2019-0903
Microsoft GDI Remote Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft GDI Remote Code Execution Vulnerability — A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected…
CVE-2019-1003029
Jenkins Script Security Plugin Sandbox Bypass Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Jenkins Script Security Plugin Sandbox Bypass Vulnerability — Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox.
CVE-2019-1003030
Jenkins Matrix Project Plugin Remote Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Jenkins Matrix Project Plugin Remote Code Execution Vulnerability — Jenkins Matrix Project plugin contains a vulnerability which can allow users to escape the sandbox, opening opportunity to perform remote code execution.
CVE-2026-20433
12:16 KSA
HIGH CVSS 8.8 CWE-787
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed…
CVE-2026-22683
18:17 KSA
HIGH CVSS 8.8 CWE-862
Windmill versions 1.56.0 through 1.614.0 contain a missing authorization vulnerability that allows users with the Operator role to perform prohibited entity creation and modification actions via the backend API. Although Operators are documented and priced as unable to create or …
CVE-2026-30460
14:52 KSA
HIGH CVSS 8.8 CWE-94
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability in the Blocks module.
CVE-2026-3243
00:18 KSA
HIGH CVSS 8.8 CWE-22
The Advanced Members for ACF plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the create_crop function in all versions up to, and including, 1.2.5. This makes it possible for authenticated attackers, with Subscriber-level a…
CVE-2026-3357
00:18 KSA
HIGH CVSS 8.8 CWE-502
IBM Langflow Desktop 1.6.0 through 1.8.2 Langflow could allow an authenticated user to execute arbitrary code on the system, caused by an insecure default setting which permits the deserialization of untrusted data in the FAISS component.
CVE-2026-3499
00:18 KSA
HIGH CVSS 8.8 CWE-352
The Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 13.4.6 through 13.5.2.1. This is due to missing or incorrect nonce validation on the ajax_migrate_to_custom_post_type, aja…
CVE-2026-39342
18:17 KSA
HIGH CVSS 8.8 CWE-89
ChurchCRM is an open-source church management system. Prior to 7.1.0, the searchwhat parameter via QueryView.php with the QueryID=15 is vulnerable to a SQL injection. The authenticated user requires access to Data/Reports > Query Menu and access to the "Advanced Search" query. Th…
CVE-2026-5465
14:52 KSA
HIGH CVSS 8.8 CWE-639
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.1.3. This is due to the `UpdateProviderCommandHandler` failing to validate changes to the `externalId` field wh…
CVE-2026-6120
22:47 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploi…
CVE-2026-6121
05:16 KSA
HIGH CVSS 8.8 CWE-119
A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /goform/WrlclientSet of the component httpd. This manipulation of the argument GO causes stack-based buffer overflow. The attack may be initiated remotely. The exp…
CVE-2026-6122
05:16 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The expl…
CVE-2026-6123
05:16 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was found in Tenda F451 1.0.0.7. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Performing a manipulation of the argument entrys results in stack-based buffer overflow. Remote exploitation of the attack is possible.…
CVE-2026-6124
05:16 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the file /goform/SafeMacFilter of the component httpd. Executing a manipulation of the argument page/menufacturer can lead to stack-based buffer overflow. The attack…
CVE-2026-6133
15:16 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. This affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Such manipulation of the argument page leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicl…
CVE-2026-6134
21:18 KSA
HIGH CVSS 8.8 CWE-119
A security flaw has been discovered in Tenda F451 1.0.0.7_cn_svn7958. This vulnerability affects the function fromqossetting of the file /goform/qossetting. Performing a manipulation of the argument qos results in stack-based buffer overflow. The attack is possible to be carried …
CVE-2026-1342
18:17 KSA
HIGH CVSS 8.5 CWE-829
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 could allow a locally authenticated user to execute mali…
CVE-2018-25258
05:16 KSA
HIGH CVSS 8.4 CWE-434
RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger …
CVE-2019-25689
05:16 KSA
HIGH CVSS 8.4 CWE-787
HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register…
CVE-2019-25691
05:16 KSA
HIGH CVSS 8.4 CWE-787
Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can inject a crafted payload into the Save Path for Snapshot and Re…
CVE-2019-25695
05:16 KSA
HIGH CVSS 8.4 CWE-787
R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like calc.…
CVE-2019-25701
05:16 KSA
HIGH CVSS 8.4 CWE-787
Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger …
CVE-2019-25705
09:00 KSA
HIGH CVSS 8.4 CWE-787
Echo Mirage 3.1 contains a stack buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized string in the Rules action field. Attackers can create a malicious text file with a crafted payload exceeding bu…
CVE-2026-4788
00:18 KSA
HIGH CVSS 8.4 CWE-532
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user.
CVE-2019-25697
05:16 KSA
HIGH CVSS 8.2 CWE-89
CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cat_id parameter. Attackers can send GET requests to category.php with malicious cat_id values to extract sensitive database …
CVE-2019-25710
09:00 KSA
HIGH CVSS 8.2 CWE-89
Dolibarr ERP-CRM 8.0.4 contains an SQL injection vulnerability in the rowid parameter of the admin dict.php endpoint that allows attackers to execute arbitrary SQL queries. Attackers can inject malicious SQL code through the rowid POST parameter to extract sensitive database info…
CVE-2026-4740
14:52 KSA
HIGH CVSS 8.2 CWE-295
A flaw was found in Open Cluster Management (OCM), the technology underlying Red Hat Advanced Cluster Management (ACM). Improper validation of Kubernetes client certificate renewal allows a managed cluster administrator to forge a client certificate that can be approved by the OC…
CVE-2026-5436
00:18 KSA
HIGH CVSS 8.1 CWE-22
The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in all versions up to and including 5.1.1. This is due to insufficient validation of the $name parameter (upload field key) passed to the generate_user_file_dirpath() function, which uses WordPress's pa…
CVE-2026-40029
00:18 KSA
HIGH CVSS 7.8 CWE-78
parseusbs before 1.9 contains an OS command injection vulnerability in parseUSBs.py where LNK file paths are passed unsanitized into an os.popen() shell command, allowing arbitrary command execution via crafted .lnk filenames containing shell metacharacters. An attacker can craft…
CVE-2019-25706
09:00 KSA
HIGH CVSS 7.5 CWE-538
Across DR-810 contains an unauthenticated file disclosure vulnerability that allows remote attackers to download the rom-0 backup file containing sensitive information by sending a simple GET request. Attackers can access the rom-0 endpoint without authentication to retrieve and …
CVE-2025-50650
00:18 KSA
HIGH CVSS 7.5 CWE-120
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate validation of input size in the routes_static parameter in the /router.asp endpoint.
CVE-2025-50652
00:18 KSA
HIGH CVSS 7.5 CWE-120
An issue in D-Link DI-8003 16.07.26A1 related to improper handling of the id parameter in the /saveparm_usb.asp endpoint.
CVE-2025-50653
00:18 KSA
HIGH CVSS 7.5 CWE-120
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name and mem parameters in the /time_group.asp endpoint.
CVE-2025-50654
00:18 KSA
HIGH CVSS 7.5 CWE-120
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper validation of the id parameter in the /thd_member.asp endpoint.
CVE-2026-3396
00:18 KSA
HIGH CVSS 7.5 CWE-89
WCAPF – WooCommerce Ajax Product Filter plugin is vulnerable to time-based SQL Injection via the 'post-author' parameter in all versions up to, and including, 4.2.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL …
CVE-2026-35525
00:18 KSA
HIGH CVSS 7.5 CWE-61
LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, for {% include %}, {% render %}, and {% layout %}, LiquidJS checks whether the candidate path is inside the configured partials or layouts roots before reading it. That check is …
CVE-2026-40027
00:18 KSA
HIGH CVSS 7.3 CWE-22
ALEAPP (Android Logs Events And Protobuf Parser) through 3.4.0 contains a path traversal vulnerability in the NQ_Vault.py artifact parser that uses attacker-controlled file_name_from values from a database directly as the output filename, allowing arbitrary file writes outside th…
CVE-2026-5688
08:48 KSA
HIGH CVSS 7.3 CWE-77
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. The exploit ha…
CVE-2026-5689
08:48 KSA
HIGH CVSS 7.3 CWE-77
A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setNtpCfg of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument tz results in os command injection. Remote exploitation of the attack is possible. The…
CVE-2026-5690
08:48 KSA
HIGH CVSS 7.3 CWE-77
A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed remotely. The exploit h…
CVE-2026-5691
12:16 KSA
HIGH CVSS 7.3 CWE-77
A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setFirewallType of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument firewallType leads to os command injection. The attack is possible to be carried out remotely. The…
CVE-2026-5692
12:16 KSA
HIGH CVSS 7.3 CWE-77
A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setGameSpeedCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable results in os command injection. The attack may be performed from remote. The exploit has been m…
CVE-2026-5736
18:17 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was identified in PowerJob 5.1.0/5.1.1/5.1.2. Impacted is an unknown function of the file powerjob-server/powerjob-server-starter/src/main/java/tech/powerjob/server/web/controller/InstanceController.java of the component detailPlus Endpoint. The manipulation of th…
CVE-2026-5739
18:17 KSA
HIGH CVSS 7.3 CWE-74
A security flaw has been discovered in PowerJob 5.1.0/5.1.1/5.1.2. The affected element is the function GroovyEvaluator.evaluate of the file /openApi/addWorkflowNode of the component OpenAPI Endpoint. The manipulation of the argument nodeParams results in code injection. The atta…
CVE-2026-5741
18:17 KSA
HIGH CVSS 7.3 CWE-77
A weakness has been identified in suvarchal docker-mcp-server up to 0.1.0. The impacted element is the function stop_container/remove_container/pull_image of the file src/index.ts of the component HTTP Interface. This manipulation causes os command injection. The attack is possib…
CVE-2026-5802
00:18 KSA
HIGH CVSS 7.3 CWE-77
A vulnerability was identified in idachev mcp-javadc up to 1.2.4. Impacted is an unknown function of the component HTTP Interface. Such manipulation of the argument jarFilePath leads to os command injection. It is possible to launch the attack remotely. The exploit is publicly av…
CVE-2026-5805
00:18 KSA
HIGH CVSS 7.3 CWE-74
A weakness has been identified in code-projects Easy Blog Site up to 1.0. The impacted element is an unknown function of the file /users/contact_us.php. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has b…
CVE-2026-6110
22:47 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was identified in FoundationAgents MetaGPT up to 0.8.1. This affects the function generate_thoughts of the file metagpt/strategy/tot.py of the component Tree-of-Thought Solver. The manipulation leads to code injection. It is possible to initiate the attack remotel…
CVE-2026-6126
05:16 KSA
HIGH CVSS 7.3 CWE-287
A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The exploit has…
CVE-2026-6129
09:00 KSA
HIGH CVSS 7.3 CWE-287
A vulnerability was detected in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects an unknown function of the component Agent Mode Service. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is now public and …
CVE-2026-6130
15:16 KSA
HIGH CVSS 7.3 CWE-77
A flaw has been found in chatboxai chatbox up to 1.20.0. This impacts the function StdioClientTransport of the file src/main/mcp/ipc-stdio-transport.ts of the component Model Context Protocol Server Management System. Executing a manipulation of the argument args/env can lead to …
CVE-2026-1343
20:54 KSA
HIGH CVSS 7.2 CWE-918
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 allows an attacker to contact internal authentication en…
CVE-2026-22666
14:52 KSA
HIGH CVSS 7.2 CWE-95
Dolibarr ERP/CRM versions prior to 23.0.2 contain an authenticated remote code execution vulnerability in the dol_eval_standard() function that fails to apply forbidden string checks in whitelist mode and does not detect PHP dynamic callable syntax. Attackers with administrator p…
CVE-2026-4808
00:18 KSA
HIGH CVSS 7.2 CWE-434
The Gerador de Certificados – DevApps plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the moveUploadedFile() function in all versions up to, and including, 1.3.6. This makes it possible for authenticated attackers, with Administ…
CVE-2018-25257
05:16 KSA
HIGH CVSS 7.1 CWE-89
Adianti Framework 5.5.0 and 5.6.0 contains an SQL injection vulnerability that allows authenticated users to manipulate database queries by injecting SQL code through the name field in SystemProfileForm. Attackers can submit crafted SQL statements in the profile edit endpoint to …
CVE-2019-25693
05:16 KSA
HIGH CVSS 7.1 CWE-352
ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the keywords parameter in collection_edit.php. Attackers can submit POST requests with crafted SQL payloads in the ke…
CVE-2019-25699
05:16 KSA
HIGH CVSS 7.1 CWE-89
Newsbull Haber Script 1.0.0 contains multiple SQL injection vulnerabilities in the search parameter that allow authenticated attackers to extract database information through time-based, blind, and boolean-based injection techniques. Attackers can inject malicious SQL code throug…
CVE-2019-25703
09:00 KSA
HIGH CVSS 7.1 CWE-89
ImpressCMS 1.3.11 contains a time-based blind SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'bid' parameter. Attackers can send POST requests to the admin.php endpoint with malicious 'bid' values c…
CVE-2019-25707
09:00 KSA
HIGH CVSS 7.1 CWE-89
eBrigade ERP 4.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to pdf.php with crafted SQL payloads in the 'id' parameter to extr…
CVE-2019-25713
09:00 KSA
HIGH CVSS 7.1 CWE-89
MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the Charge[group_total] parameter. Attackers can submit crafted POST requests to the /charge/admin endpoint with error-bas…
CVE-2026-22682
18:17 KSA
HIGH CVSS 7.1 CWE-863
OpenHarness prior to commit 166fcfe contains an improper access control vulnerability in built-in file tools due to inconsistent parameter handling in permission enforcement, allowing attackers who can influence agent tool execution to read arbitrary local files outside the inten…
CVE-2026-32589
00:18 KSA
HIGH CVSS 7.1 CWE-639
A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow th…
CVE-2026-32590
00:18 KSA
HIGH CVSS 7.1 CWE-502
A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server.
CVE-2026-40024
00:18 KSA
HIGH CVSS 7.1 CWE-22
The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tsk_recover that allows an attacker to write files to arbitrary locations outside the intended recovery directory via crafted filenames or directory paths with path traversal sequences in a filesystem image.…
CVE-2026-39883
00:18 KSA
HIGH CVSS 7.0 CWE-426
OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.15.0 to 1.42.0, the fix for CVE-2026-24051 changed the Darwin ioreg command to use an absolute path but left the BSD kenv command using a bare name, allowing the same PATH hijacking attack on BSD and Solaris platf…
CVE-2026-5207
10:29 KSA
MEDIUM CVSS 6.5 CWE-89
The LifterLMS plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 9.2.1. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it…
CVE-2026-3498
08:16 KSA
MEDIUM CVSS 6.4 CWE-79
The BlockArt Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'clientId' block attribute in all versions up to, and including, 2.2.15. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated atta…
CVE-2026-4895
08:16 KSA
MEDIUM CVSS 6.4 CWE-79
The GreenShift - Animation and Page Builder Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 12.8.9. This is due to insufficient input sanitization and output escaping in the gspb_greenShift_block_script_assets() function. …
CVE-2026-6108
10:29 KSA
MEDIUM CVSS 6.3 CWE-77
A vulnerability was found in 1Panel-dev MaxKB up to 2.6.1. The affected element is the function execute of the file apps/application/flow/step_node/mcp_node/impl/base_mcp_node.py of the component Model Context Protocol Node. Performing a manipulation results in os command injecti…
CVE-2026-6111
10:29 KSA
MEDIUM CVSS 6.3 CWE-918
A security flaw has been discovered in FoundationAgents MetaGPT up to 0.8.1. This impacts the function decode_image of the file metagpt/utils/common.py. The manipulation of the argument img_url_or_b64 results in server-side request forgery. It is possible to launch the attack rem…
CVE-2026-6117
12:32 KSA
MEDIUM CVSS 6.3 CWE-264
A vulnerability was found in AstrBotDevs AstrBot up to 4.22.1. This issue affects the function install_plugin_upload of the file astrbot/dashboard/routes/plugin.py of the component install-upload Endpoint. The manipulation of the argument File results in sandbox issue. The attack…
CVE-2026-6118
12:32 KSA
MEDIUM CVSS 6.3 CWE-74
A vulnerability was determined in AstrBotDevs AstrBot up to 4.22.1. Impacted is the function add_mcp_server of the file astrbot/dashboard/routes/tools.py of the component MCP Endpoint. This manipulation of the argument command causes command injection. The attack is possible to b…
CVE-2026-6119
16:39 KSA
MEDIUM CVSS 6.3 CWE-918
A vulnerability was identified in AstrBotDevs AstrBot up to 4.22.1. The affected element is the function post_data.get of the component API Endpoint. Such manipulation leads to server-side request forgery. The attack may be performed from remote. The exploit is publicly available…
CVE-2026-6125
16:39 KSA
MEDIUM CVSS 6.3 CWE-74
A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpression of the file /warm-flow/save-json of the component Workflow Definition Handler. The manipulation of the argument listenerPath/skipCondition/permissionFlag resu…
CVE-2019-25711
01:25 KSA
MEDIUM CVSS 6.2 CWE-807
SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized buffer in the Name field during registration. Attackers can generate a 256-byte payload, paste it into the Name input field, an…
CVE-2019-25712
01:25 KSA
MEDIUM CVSS 6.2 CWE-787
BlueAuditor 1.7.2.0 contains a buffer overflow vulnerability in the registration key field that allows local attackers to crash the application by submitting an oversized key value. Attackers can trigger a denial of service by entering a 256-byte buffer of repeated characters in …
CVE-2017-20239
21:00 KSA
MEDIUM CVSS 6.1 CWE-79
MDwiki contains a cross-site scripting vulnerability that allows remote attackers to execute arbitrary JavaScript by injecting malicious code through the location hash parameter. Attackers can craft URLs with JavaScript payloads in the hash fragment that are parsed and rendered w…
CVE-2026-35667
05:54 KSA
MEDIUM CVSS 6.1 CWE-404
OpenClaw before 2026.3.24 contains an incomplete fix for CVE-2026-27486 where the !stop chat command uses an unpatched killProcessTree function from shell-utils.ts that sends SIGKILL immediately without graceful SIGTERM shutdown. Attackers can trigger process termination via the …
CVE-2026-5226
10:29 KSA
MEDIUM CVSS 6.1 CWE-79
The Optimole – Optimize Images in Real Time plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL paths in versions up to, and including, 4.2.3. This is due to insufficient output escaping on user-supplied URL paths in the get_current_url() function, which a…
CVE-2026-35670
05:54 KSA
MEDIUM CVSS 5.9 CWE-807
OpenClaw before 2026.3.22 contains a webhook reply delivery vulnerability that allows attackers to rebind chat replies to unintended users by exploiting mutable username matching instead of stable numeric user identifiers. Attackers can manipulate username changes to redirect web…
CVE-2026-33119
08:16 KSA
MEDIUM CVSS 5.4 CWE-451
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-3358
08:16 KSA
MEDIUM CVSS 5.4 CWE-862
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized private course enrollment in all versions up to, and including, 3.9.7. This is due to missing post_status validation in the `enroll_now()` and `course_enrollment()` functions. …
CVE-2026-35664
03:50 KSA
MEDIUM CVSS 5.3 CWE-288
OpenClaw before 2026.3.25 contains an authentication bypass vulnerability in raw card send surface that allows unpaired recipients to mint legacy callback payloads. Attackers can send raw card commands to bypass DM pairing restrictions and reach callback handling without proper a…
CVE-2026-35665
03:50 KSA
MEDIUM CVSS 5.3 CWE-405
OpenClaw before 2026.3.24 contains an incomplete fix for CVE-2026-32011 where the Feishu webhook handler accepts request bodies with permissive limits of 1MB and 30-second timeout before signature verification. An unauthenticated attacker can exhaust server connection resources b…
CVE-2026-4979
08:16 KSA
MEDIUM CVSS 5.0 CWE-918
The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to blind Server-Side Request Forgery in all versions up to, and including, 1.2.58. This is due to insufficient URL origin validation in the pro…
⚠️ Threat Intelligence
176 threats
rss:Dark Reading
02:16 KSA
MEDIUM general
What Orgs Can Learn From Olympics, World Cup IR Plans
Cyberattackers are targeting the Milan-Cortina Winter Games, continuing a pattern of attacks on major sporting events. Despite the larger attack surface of such events, enterprises can extract valuable incide…
rss:Dark Reading
02:16 KSA
CRITICAL vulnerability
A Guy Who Wrote the Code Died in 2005. I Still Have to Secure It
American critical infrastructure faces severe cybersecurity challenges due to reliance on decades-old industrial control systems. Organizations are forced to source 30-year-old controllers from pla…
rss:Dark Reading
02:16 KSA
CRITICAL ransomware
<strong>INC Ransomware Group Holds Healthcare Hostage in Oceania</strong> The INC ransomware group has launched serious attacks against healthcare organizations in Australia, New Zealand, and Tonga, targeting government agencies and emergency clinics. This prolific ransomware ou…
rss:The Hacker News
02:16 KSA
CRITICAL apt
<strong>DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover</strong> A sophisticated iOS exploit kit called DarkSword has been actively used by multiple threat actors since November 2025, leveraging six vulnerabilities including three zero-days to achiev…
rss:The Hacker News
02:16 KSA
CRITICAL ransomware
<strong>CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks</strong> CISA has issued urgent warnings to government agencies regarding active exploitation of vulnerabilities in Synacor Zimbra Collaboration Suite and Microsoft SharePoint. Addit…
rss:The Hacker News
02:16 KSA
HIGH insider
<strong>OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs</strong> The U.S. Treasury's OFAC has sanctioned six individuals and two entities involved in a North Korean IT worker scheme that uses fake remote job positions to defraud U.S. businesse…
rss:Dark Reading
01:00 KSA
LOW general
<strong>Delinea's StrongDM Acquisition Highlights the Changing Role of PAM</strong> Delinea's acquisition of StrongDM enhances privileged access management capabilities by integrating ephemeral credential injection into developer workflows. This advancement strengthens secu…
rss:Dark Reading
01:00 KSA
CRITICAL apt
<strong>Why Stryker's Outage Is a Disaster Recovery Wake-Up Call</strong> An Iranian cyberattack on Stryker exposed critical gaps in business continuity and disaster recovery planning. The incident demonstrates that organizations must prepare for sophisticated nation-state …
rss:Dark Reading
01:00 KSA
MEDIUM general
<strong>Commercial Spyware Opponents Fear US Policy Shifting</strong> The Trump administration's reversal of sanctions and reactivation of contracts with commercial spyware vendors has created policy uncertainty. This shift raises concerns about oversight of surveillance technol…
rss:Dark Reading
01:00 KSA
LOW general
<strong>Delinea's StrongDM Acquisition Highlights the Changing Role of PAM</strong> Delinea's acquisition of StrongDM enhances privileged access management capabilities by injecting ephemeral credentials into developer workflows. This advancement strengthens security contro…
rss:Dark Reading
01:00 KSA
CRITICAL apt
<strong>Why Stryker's Outage Is a Disaster Recovery Wake-Up Call</strong> An Iranian cyberattack on Stryker exposed critical gaps in business continuity and disaster recovery planning. The incident demonstrates that many organizations lack adequate preparation for sophistic…
rss:The Hacker News
01:00 KSA
HIGH general
<strong>ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More</strong> Multiple cybersecurity threats identified including FortiGate ransomware-as-a-service operations, Citrix vulnerabilities being exploited, and LiveChat-based phishing campa…
rss:The Hacker News
01:00 KSA
HIGH malware
<strong>New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data</strong> New Android banking malware called Perseus discovered actively targeting mobile devices for device takeover and financial fraud. Built on Cerberus and Phoenix malware foundations, …
rss:The Hacker News
01:00 KSA
MEDIUM insider
<strong>How Ceros Gives Security Teams Visibility and Control in Claude Code</strong> Security teams face new challenges with AI coding agents like Claude Code operating outside traditional identity and access controls in enterprise environments. Organizations need visibility an…
rss:Dark Reading
23:54 KSA
HIGH malware
<strong>Real-Time Banking Trojan Strikes Brazil's Pix Users</strong> A sophisticated banking Trojan campaign targeting Brazil's Pix payment system combines automated malware with real-time human operators who monitor victims and execute attacks at optimal moments. This hybr…
rss:Dark Reading
23:54 KSA
HIGH vulnerability
<strong>Why Post-Quantum Cryptography Can't Wait</strong> Organizations must urgently prepare for post-quantum cryptography as quantum computers threaten to break current encryption standards. Delaying implementation could leave sensitive data vulnerable to future decryptio…
rss:Dark Reading
23:54 KSA
CRITICAL apt
<strong>Iran MOIS Colludes With Criminals to Boost Cyberattacks</strong> Iranian state-sponsored APT groups affiliated with the Ministry of Intelligence (MOIS) are now actively collaborating with cybercriminal organizations, blurring the lines between nation-state and criminal o…
rss:The Hacker News
23:54 KSA
HIGH vulnerability
<strong>Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks</strong> Apple warns users of outdated iOS versions about web-based attacks using Coruna and DarkSword exploit kits. These sophisticated exploit kits deliver malicious web content targeting vul…
rss:The Hacker News
23:54 KSA
HIGH malware
<strong>Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers</strong> New Speagle malware hijacks legitimate Cobra DocGuard software infrastructure to steal sensitive data from infected systems. The malware exploits the trusted program's functionality to …
rss:The Hacker News
23:54 KSA
CRITICAL ransomware
<strong>54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security</strong> Analysis reveals 54 EDR killer programs exploit 35 vulnerable signed drivers using BYOVD technique to disable security systems. These tools are commonly deployed in ransomware …
rss:Dark Reading
22:44 KSA
MEDIUM general
<strong>Cyberattackers Don't Care About Good Causes</strong> Nonprofits face significant cybersecurity challenges despite their charitable missions. Industry experts discuss the unique vulnerabilities of nonprofit organizations and recommend strategies for the cybersecurity…
rss:Dark Reading
22:44 KSA
HIGH phishing
<strong>Will AI Save Consumers From Smartphone-Based Phishing Attacks?</strong> Sophisticated phishing attacks are increasingly bypassing smartphone security protections with alarming frequency. New research from Omdia highlights the critical need for enhanced user awareness and…
rss:Dark Reading
22:44 KSA
CRITICAL vulnerability
<strong>Most Google Cloud Attacks Start With Bug Exploitation</strong> Vulnerability exploitation has overtaken credential theft and misconfigurations as the primary attack vector for Google Cloud compromises. AI-powered attackers are exploiting security flaws faster than organi…
rss:The Hacker News
22:43 KSA
HIGH phishing
<strong>The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks</strong> Cybercriminals are leveraging AI to create sophisticated phishing campaigns with personalized emails, deepfakes, and adaptive malware that bypass traditional security defenses. This evolution req…
rss:The Hacker News
22:43 KSA
CRITICAL vulnerability
<strong>Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover</strong> A critical vulnerability in Magento's REST API, dubbed PolyShell, allows unauthenticated attackers to upload malicious executables, execute remote code, and take over accounts. This…
rss:The Hacker News
22:43 KSA
CRITICAL ddos
<strong>DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks</strong> The U.S. Department of Justice disrupted command-and-control infrastructure for multiple IoT botnets including AISURU, Kimwolf, JackSkid, and Mossad, which controlled 3 million…
rss:Dark Reading
21:36 KSA
HIGH phishing
<strong>Attackers Abuse LiveChat to Phish Credit Card, Personal Data</strong> Cybercriminals are conducting social engineering attacks by impersonating PayPal and Amazon customer support through LiveChat platforms. The campaign targets users to steal credit card information and …
rss:Dark Reading
21:36 KSA
HIGH vulnerability
<strong>Fake PoCs, Misunderstood Risks Cause Cisco SD-WAN Chaos</strong> Recent Cisco SD-WAN vulnerabilities have led to circulation of fake proof-of-concept exploits and widespread misunderstanding of actual risks. Security researchers warn that real threats are being overlooke…
rss:Dark Reading
21:36 KSA
MEDIUM general
<strong>The Data Gap: Why Nonprofit Cyber Incidents Go Underreported</strong> Nonprofit organizations are increasingly targeted by threat actors due to weak security postures and valuable data assets. However, cyber incidents affecting nonprofits remain significantly underreport…
rss:The Hacker News
21:36 KSA
CRITICAL supply_chain
<strong>Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets</strong> Trivy vulnerability scanner was compromised for the second time in a month, with attackers hijacking 75 GitHub Actions tags to deploy malware targeting CI/CD pipeline secrets…
rss:The Hacker News
21:36 KSA
CRITICAL vulnerability
<strong>Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure</strong> Critical vulnerability CVE-2026-33017 in Langflow (CVSS 9.3) was exploited within 20 hours of disclosure, demonstrating rapid weaponization of authentication bypass flaws. The m…
rss:The Hacker News
21:36 KSA
MEDIUM malware
<strong>Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams</strong> Google introduces mandatory 24-hour waiting period for Android sideloading from unverified developers to reduce malware and scam installations. This security enhancement aims to …
rss:BleepingComputer
21:36 KSA
CRITICAL vulnerability
<strong>Critical Marimo pre-auth RCE flaw now under active exploitation</strong> A critical pre-authentication remote code execution vulnerability in Marimo is being actively exploited by threat actors for credential theft. Organizations using Marimo should immediately patch thi…
rss:Dark Reading
20:02 KSA
CRITICAL apt
<strong>China-Nexus Hackers Skulk in Southeast Asian Military Orgs for Years</strong> Advanced persistent threat actors linked to China conducted a multi-year cyber espionage campaign against military organizations in Southeast Asia. The attackers deployed novel backdoors and so…
rss:Dark Reading
20:02 KSA
HIGH supply_chain
<strong>GlassWorm Malware Evolves to Hide in Dependencies</strong> Malicious GlassWorm extensions have infiltrated the Open VSX marketplace, posing a significant supply chain threat to software developers. The evolved malware hides within code dependencies, potentially compromis…
rss:Dark Reading
20:02 KSA
MEDIUM general
<strong>Inside Olympic Cybersecurity: Lessons From Paris 2024 to Milan Cortina 2026</strong> Former Paris 2024 Olympics CISO Franz Regul shares critical cybersecurity insights from protecting one of the world's largest sporting events. The experience highlights unique challenges…
rss:The Hacker News
20:02 KSA
HIGH phishing
<strong>Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse</strong> Active device code phishing campaign targeting Microsoft 365 identities across 340+ organizations in five countries including U.S., Canada, Australia, New Zealand, and German…
rss:The Hacker News
20:02 KSA
HIGH vulnerability
<strong>CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026</strong> CISA added five security vulnerabilities affecting Apple, Craft CMS, and Laravel Livewire to its Known Exploited Vulnerabilities catalog. Federal agencies are mandated to patch th…
rss:The Hacker News
20:02 KSA
CRITICAL supply_chain
<strong>Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages</strong> Supply chain attack targeting Trivy scanner has evolved into broader compromise involving 47 npm packages infected with CanisterWorm, a self-propagating worm. The malware demon…
rss:Dark Reading
19:00 KSA
HIGH ransomware
<strong>Less Lucrative Ransomware Market Makes Attackers Alter Methods</strong> Ransomware operators are abandoning Cobalt Strike and shifting to native Windows tools as ransom payment rates reach historic lows. This tactical evolution reflects declining profitability in the ran…
rss:Dark Reading
19:00 KSA
MEDIUM phishing
<strong>Hackers Target Cybersecurity Firm Outpost24 in 7-Stage Phish</strong> Cybersecurity firm Outpost24 successfully defended against a sophisticated 7-stage phishing attack targeting a C-suite executive. The attackers leveraged trusted brands and legitimate domains to attemp…
rss:Dark Reading
19:00 KSA
HIGH ransomware
<strong>Warlock Ransomware Group Augments Post-Exploitation Activities</strong> The Warlock ransomware group has enhanced its post-exploitation capabilities using a new Bring Your Own Vulnerable Driver (BYOVD) technique for stealthier cross-network movement. This advancement all…
rss:The Hacker News
19:00 KSA
CRITICAL apt
<strong>Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks</strong> Kaspersky discovered that the Coruna iOS exploit kit reuses kernel exploit code from the 2023 Operation Triangulation campaign, targeting two Apple iOS security vulnerabilities in new mass…
rss:The Hacker News
19:00 KSA
HIGH malware
<strong>WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites</strong> A new payment skimmer malware uses WebRTC data channels to receive payloads and exfiltrate stolen payment data, bypassing Content Security Policy (CSP) protections. This technique avoids tra…
rss:The Hacker News
19:00 KSA
HIGH data_breach
<strong>LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace</strong> Russian law enforcement arrested the alleged administrator of LeakBase cybercrime forum in Taganrog. LeakBase operated as a major marketplace for stolen credentials and compromised data…
rss:Dark Reading
17:58 KSA
MEDIUM phishing
<strong>Phishers Pose as Palo Alto Networks' Recruiters for Months in Job Scam</strong> Phishing campaigns starting in August 2024 impersonate Palo Alto Networks recruiters to defraud job seekers. Attackers use psychological manipulation and LinkedIn-scraped data to target …
rss:Dark Reading
17:58 KSA
LOW apt
<strong>Ex-NSA Directors Discuss 'Red Line' for Offensive Cyberattacks</strong> Four former NSA directors discussed offensive cyber operations and US Cyber Command's role in national security. The debate covered strategic boundaries and ethical considerations for gover…
rss:Dark Reading
17:58 KSA
LOW general
<strong>CSA Launches CSAI Foundation for AI Security</strong> Cloud Security Alliance established CSAI Foundation, a nonprofit dedicated to securing autonomous AI agent ecosystems. The initiative focuses on risk intelligence and certification frameworks to address emerging AI se…
rss:The Hacker News
17:58 KSA
HIGH vulnerability
<strong>LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks</strong> Three critical vulnerabilities discovered in LangChain and LangGraph AI frameworks could allow attackers to access filesystem data, environment secrets, and conversation his…
rss:The Hacker News
17:58 KSA
CRITICAL apt
<strong>China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks</strong> Chinese state-sponsored threat actor Red Menshen has conducted long-term espionage operations by embedding stealthy BPFDoor implants within telecommunications networks to spy on …
rss:The Hacker News
17:58 KSA
MEDIUM general
<strong>ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories</strong> Weekly security bulletin covering multiple emerging threats including post-quantum cryptography developments, AI vulnerability hunting techniques, pirated software…
rss:Dark Reading
16:54 KSA
CRITICAL vulnerability
<strong>Critical Flaw in Langflow AI Platform Under Attack</strong> Threat actors exploited a code injection vulnerability in Langflow AI platform within hours of public disclosure. The rapid exploitation demonstrates organizations have minimal time to patch critical vulnerabili…
rss:Dark Reading
16:54 KSA
LOW general
<strong>At RSAC, the EU Leads While US Officials Are Sidelined</strong> At RSA Conference, EU officials are leading cybersecurity policy discussions while US government representatives are notably absent. This shift reflects changing dynamics in global cybersecurity governance a…
rss:Dark Reading
16:54 KSA
MEDIUM general
<strong>Blame Game: Why Public Cyber Attribution Carries Risks</strong> Public attribution of cyberattacks to specific entities carries significant risks and potential negative consequences. Organizations should carefully evaluate diplomatic, legal, and operational implications …
rss:The Hacker News
16:54 KSA
HIGH phishing
<strong>AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion</strong> Cybercriminals are deploying adversary-in-the-middle (AitM) phishing attacks to hijack TikTok Business accounts by evading Cloudflare Turnstile protections. Business social media a…
rss:The Hacker News
16:54 KSA
HIGH apt
<strong>We Are At War</strong> Rising geopolitical tensions are increasingly manifested through cyber operations, with technology becoming a politicized domain. The article discusses how cyber warfare has become integral to modern conflicts and the fragmentation of global tech p…
rss:The Hacker News
16:54 KSA
HIGH ransomware
<strong>Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware</strong> Pro-Ukrainian hacktivist group Bearlyfy has conducted over 70 cyberattacks against Russian companies since January 2025, deploying custom GenieLocker ransomware. These attacks represent politically-m…
rss:Dark Reading
15:53 KSA
CRITICAL apt
<strong>Coruna, DarkSword & Democratizing Nation-State Exploit Kits</strong> Nation-state malware toolkits are being commercialized through Dark Web sales and GitHub leaks, making advanced persistent threat capabilities accessible to less sophisticated actors. This democ…
rss:Dark Reading
15:53 KSA
MEDIUM supply_chain
<strong>Is the FCC's Router Ban the Wrong Fix?</strong> The FCC has banned foreign-manufactured consumer routers by adding them to its prohibited communications devices list. Critics argue this regulatory approach may create supply chain complications and unintended securit…
rss:Dark Reading
15:53 KSA
HIGH vulnerability
<strong>Automotive Cybersecurity Threats Grow in Era of Connected, Autonomous Vehicles</strong> Despite nearly a decade since the landmark 2015 Jeep hack demonstration, automotive cybersecurity remains a critical concern as vehicles become increasingly connected and autonomous. …
rss:The Hacker News
15:52 KSA
CRITICAL vulnerability
<strong>Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit</strong> Apple released iOS 18.7.7 and iPadOS 18.7.7 updates to additional devices to protect against the DarkSword exploit kit. The emergency update addresses critical vulnerabilities being activ…
rss:The Hacker News
15:52 KSA
HIGH supply_chain
<strong>TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files</strong> TeamPCP threat actor compromised the telnyx Python package on PyPI by publishing malicious versions 4.87.1 and 4.87.2 that steal sensitive data. The malware is hidden within WAV audio f…
rss:The Hacker News
15:52 KSA
HIGH vulnerability
<strong>Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks</strong> A patched vulnerability in Open VSX's pre-publish scanning pipeline allowed malicious VS Code extensions to bypass security checks and be published to the registry. The flaw in the …
rss:SecurityWeek
14:48 KSA
CRITICAL vulnerability
<strong>Adobe Patches Reader Zero-Day Exploited for Months</strong> Adobe has patched CVE-2026-34621, a zero-day vulnerability in Adobe Reader that has been actively exploited for months. The critical flaw allows attackers to execute arbitrary code on affected systems, posing si…
rss:Dark Reading
14:48 KSA
HIGH vulnerability
<strong>Google's Vertex AI Is Over-Privileged. That's a Problem</strong> Palo Alto Networks researchers discovered critical over-privilege vulnerabilities in Google's Vertex AI platform that could allow attackers to exploit AI agents for data theft and unauthorized acc…
rss:Dark Reading
14:48 KSA
HIGH data_breach
<strong>TeamPCP Breaches Cloud, SaaS Instances With Stolen Credentials</strong> TeamPCP threat group has shifted tactics to conduct rapid attacks on AWS, Azure, and SaaS platforms using stolen credentials. The accelerated attack timeline emphasizes the critical need for organiza…
rss:Dark Reading
14:48 KSA
MEDIUM general
<strong>Google Sets 2029 Deadline for Quantum-Safe Cryptography</strong> Google has announced a 2029 deadline for completing migration to post-quantum cryptography (PQC) across its systems. This proactive timeline reflects the urgency of preparing cryptographic defenses against …
rss:The Hacker News
14:48 KSA
HIGH malware
<strong>Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners</strong> A financially motivated threat operation (REF1695) has been deploying fake installers to distribute remote access trojans and cryptocurrency miners since November 2023. The att…
rss:The Hacker News
14:48 KSA
MEDIUM supply_chain
<strong>The State of Trusted Open Source Report</strong> A comprehensive report analyzing open source software consumption patterns across container images, language libraries, and builds. The report provides insights into security trends and trusted open source usage from Decem…
rss:The Hacker News
14:48 KSA
CRITICAL malware
<strong>WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action</strong> WhatsApp alerted approximately 200 users who were deceived into installing a fake iOS application containing spyware. The majority of targets are located in Italy, and an I…
rss:Dark Reading
13:43 KSA
MEDIUM general
<strong>Are We Training AI Too Late?</strong> Cybersecurity teams must broaden their threat detection approach beyond historical threat actors to identify emerging AI-driven threats. Traditional security models relying solely on past attack patterns are insufficient for detectin…
rss:Dark Reading
13:43 KSA
MEDIUM insider
<strong>The Forgotten Endpoint: Security Risks of Dormant Devices</strong> Dormant and forgotten devices such as old laptops pose significant security risks as they retain enterprise access credentials and sensitive data. These neglected endpoints can serve as entry points for a…
rss:Dark Reading
13:43 KSA
CRITICAL supply_chain
<strong>Axios NPM Package Compromised in Precision Attack</strong> The Axios NPM package, a widely-used JavaScript HTTP client library, was temporarily compromised in a targeted supply chain attack potentially attributed to North Korean threat actors. This incident highlights th…
rss:The Hacker News
13:42 KSA
CRITICAL vulnerability
<strong>Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials</strong> Attackers exploited the React2Shell vulnerability (CVE-2025-55182) in a massive credential harvesting campaign targeting 766 Next.js hosts. Stolen data includes database credentials, S…
rss:The Hacker News
13:42 KSA
CRITICAL vulnerability
<strong>Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise</strong> Cisco released critical security patches for vulnerabilities in Integrated Management Controller (IMC) and SSM with CVSS score of 9.8. The flaws allow unauthenticated remote attackers to …
rss:The Hacker News
13:42 KSA
MEDIUM general
<strong>ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories</strong> ThreatsDay Bulletin provides a comprehensive roundup of current cybersecurity threats including pre-authentication exploit chains, Android rootkits, and AWS CloudTra…
rss:Dark Reading
12:36 KSA
MEDIUM general
<strong>LatAm's Self-Taught Cyber Talent Overlooked Amid Cyberattack Glut</strong> A new study reveals Latin America's unique cybersecurity talent pool of self-taught professionals is being overlooked by organizations. The research highlights opportunities for expanding rec…
rss:Dark Reading
12:36 KSA
HIGH apt
<strong>Cyberattacks Intensify Pressure on Latin American Governments</strong> Cyber threats are increasingly targeting government systems across Latin America, with disruptive attacks in Puerto Rico and a surge of probes against Colombia's health sector. Government infrastructu…
rss:Dark Reading
12:36 KSA
HIGH malware
<strong>Venom Stealer MaaS Platform Commoditizes ClickFix Attacks</strong> A new Malware-as-a-Service platform called Venom Stealer provides automated capabilities for creating persistent information-stealing attacks using ClickFix social engineering techniques. The service comm…
rss:The Hacker News
12:36 KSA
HIGH supply_chain
<strong>CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads</strong> Threat actors compromised CPUID's website for under 24 hours, replacing legitimate hardware monitoring tools (CPU-Z, HWMonitor) with trojanized versions that deployed STX RAT malware. …
rss:The Hacker News
12:36 KSA
CRITICAL vulnerability
<strong>Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621</strong> Adobe released emergency patches for CVE-2026-34621, a critical vulnerability in Acrobat Reader with CVSS score 8.6 that is being actively exploited in the wild. The flaw allows attackers to com…
rss:The Hacker News
12:36 KSA
CRITICAL apt
<strong>Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK</strong> Solana-based DEX platform Drift lost approximately $285 million in a sophisticated social engineering attack on April 1, 2026, involving durable nonce exploitation. The attack is …
rss:Dark Reading
11:32 KSA
MEDIUM general
<strong>RSAC 2026: AI Dominates, But Community Remains Key to Security</strong> AI dominated discussions at RSAC 2026, with cybersecurity experts debating the balance between automation and human oversight. The conference highlighted ongoing concerns about AI's role in threat de…
rss:Dark Reading
11:32 KSA
HIGH malware
<strong>Bank Trojan 'Casbaneiro' Worms Through Latin America</strong> The Casbaneiro banking Trojan is conducting sophisticated multi-stage campaigns targeting Spanish-speaking users across Latin America. The malware employs advanced evasion techniques and rapid replic…
rss:Dark Reading
11:32 KSA
CRITICAL ransomware
<strong>Ransomware Will Hit Hospitals. Rehearsals Are Key to Defense</strong> Healthcare organizations face inevitable ransomware attacks that can cause short or long-term operational outages. A chief medical information officer emphasizes the critical importance of conducting r…
rss:The Hacker News
11:32 KSA
CRITICAL supply_chain
<strong>UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack</strong> North Korean threat actors UNC1069 successfully compromised the Axios npm package through a sophisticated social engineering attack targeting its maintainer Jason Saayman. This supply …
rss:The Hacker News
11:32 KSA
HIGH supply_chain
<strong>Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture</strong> Third-party vendors, SaaS applications, and subcontractors represent the largest security gap for organizations, as most breaches now originate from trusted external partners rather t…
rss:The Hacker News
11:32 KSA
HIGH malware
<strong>New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images</strong> A new variant of SparkCat malware has been discovered on Apple App Store and Google Play Store, targeting cryptocurrency users by stealing recovery phrase images from mobile de…
rss:Dark Reading
10:22 KSA
MEDIUM general
<strong>Geopolitics, AI, and Cybersecurity: Insights From RSAC 2026</strong> RSAC 2026 Conference highlighted AI-driven cybersecurity threats and their intersection with geopolitical shifts. Discussions focused on how artificial intelligence is reshaping the threat landscape and…
rss:Dark Reading
10:22 KSA
HIGH data_breach
<strong>Not Toying Around: Hasbro Attack May Take 'Weeks' to Remediate</strong> Hasbro disclosed unauthorized access to its systems in an 8-K filing, indicating a significant cyberattack. The company has activated business continuity plans and taken affected systems of…
rss:Dark Reading
10:22 KSA
LOW general
<strong>Security Bosses Are All in on AI: Here's Why</strong> CISOs are increasingly investing in AI-powered cybersecurity tools with optimistic deployment plans. Reddit's CISO and industry analysts discuss real-world AI implementation successes and challenges in security o…
rss:The Hacker News
10:22 KSA
CRITICAL vulnerability
<strong>Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS</strong> Fortinet released emergency patches for critical vulnerability CVE-2026-35616 (CVSS 9.1) in FortiClient EMS that is being actively exploited. The flaw allows pre-authentication API access bypa…
rss:The Hacker News
10:22 KSA
HIGH apt
<strong>China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing</strong> Chinese APT group TA416 (overlaps with DarkPeony, RedDelta) resumed targeting European government and diplomatic organizations since mid-2025 after two years of reduced activity.…
rss:The Hacker News
10:22 KSA
HIGH malware
<strong>Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers</strong> Microsoft discovered threat actors deploying PHP web shells on Linux servers that use HTTP cookies as control channels instead of URL parameters for stealth. These web shells…
rss:Dark Reading
09:16 KSA
CRITICAL supply_chain
<strong>Claude Source Code Leak Highlights Big Supply Chain Missteps</strong> A source code leak from Claude AI exposes critical vulnerabilities in software supply chain security. The incident underscores the urgent need to treat software supply chains as critical infrastructure…
rss:Dark Reading
09:16 KSA
MEDIUM supply_chain
<strong>Chainguard Unveils Factory 2.0 to Automate Hardening the Software Supply Chain</strong> Chainguard launches Factory 2.0 platform with enhanced security automation capabilities. The upgraded solution provides continuous reconciliation of open source artifacts across conta…
rss:Dark Reading
09:16 KSA
LOW general
<strong>CrowdStrike Next-Gen SIEM Can Now Ingest Microsoft Defender Telemetry</strong> CrowdStrike's next-generation SIEM platform now integrates Microsoft Defender telemetry data, marking a significant collaboration between former rivals. The integration enhances threat detecti…
rss:The Hacker News
09:16 KSA
HIGH ransomware
<strong>BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks</strong> Germany's BKA has identified two key leaders of the defunct REvil ransomware-as-a-service operation, including the threat actor known as UNKN, who was responsible for coordinating 130 ransomware a…
rss:The Hacker News
09:16 KSA
CRITICAL apt
<strong>$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation</strong> The April 2026 hack of Drift resulting in the theft of $285 million has been attributed to a sophisticated six-month social engineering campaign orchestrated by North Korean (DPRK) sta…
rss:The Hacker News
09:16 KSA
HIGH supply_chain
<strong>36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants</strong> Researchers discovered 36 malicious npm packages disguised as legitimate Strapi CMS plugins that exploit Redis and PostgreSQL services to deploy reverse shells, harvest credentia…
rss:Dark Reading
08:01 KSA
CRITICAL vulnerability
<strong>Apple Breaks Precedent, Patches DarkSword for iOS 18</strong> Apple has released security patches for iOS 18 to protect against DarkSword, a severe mobile OS exploitation tool. This unprecedented move allows organizations with users on older iOS versions to defend agains…
rss:Dark Reading
08:01 KSA
HIGH supply_chain
<strong>Blast Radius of TeamPCP Attacks Expands Amid Hacker Infighting</strong> Multiple organizations are reporting breaches linked to TeamPCP's supply chain attacks. The situation is complicated by ShinyHunters and Lapsus$ groups claiming involvement, creating attribution chal…
rss:Dark Reading
08:01 KSA
LOW general
<strong>Picking Up 'Skull Vibrations'? Could Be XR Headset Authentication</strong> Emerging research demonstrates that skull vibration harmonics generated by vital signs can be used for biometric authentication in VR, AR, and MR headsets. This novel authentication meth…
rss:Recorded Future
08:00 KSA
MEDIUM vulnerability
<strong>Addressing the vulnerability prioritization challenge</strong> Organizations face vulnerability overload as CVSS scores alone prove insufficient for effective prioritization. A three-pillar framework incorporating real-world threat intelligence, environmental context, an…
rss:The Hacker News
08:00 KSA
CRITICAL vulnerability
<strong>⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More</strong> Multiple critical security incidents occurred this week including software tampering, active zero-day vulnerabilities in widely-used tools, and exploitation of existing vulnera…
rss:The Hacker News
08:00 KSA
HIGH data_breach
<strong>How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers</strong> Developer workstations have become critical attack targets as they store and manage credentials across multiple services, tools, and AI agents. The TeamPCP threat actor exploited LiteLLM …
rss:The Hacker News
08:00 KSA
CRITICAL ransomware
<strong>Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools</strong> Qilin and Warlock ransomware groups are using Bring Your Own Vulnerable Driver (BYOVD) technique to disable over 300 endpoint detection and response (EDR) security tools on compromised…
rss:Dark Reading
08:00 KSA
HIGH insider
<strong>Shadow AI in Healthcare Is Here to Stay</strong> Healthcare professionals increasingly use unauthorized AI tools to manage workloads, creating security risks. Organizations must strengthen security protocols to contain potential breaches from shadow AI usage in medical e…
rss:Dark Reading
08:00 KSA
MEDIUM vulnerability
<strong>OWASP GenAI Security Project Gets Update, New Tools Matrix</strong> OWASP identifies 21 security risks specific to generative AI systems and releases updated guidance. The organization recommends separate security approaches for GenAI and agentic AI systems to address em…
rss:Dark Reading
08:00 KSA
MEDIUM data_breach
<strong>Inconsistent Privacy Labels Don't Tell Users What They Are Getting</strong> Mobile app privacy labels lack consistency and fail to adequately inform users about data collection practices. Current privacy labeling systems need significant improvement to provide meani…
rss:The Hacker News
08:00 KSA
HIGH apt
<strong>Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations</strong> Iranian threat actors conducted password-spraying attacks against Microsoft 365 environments in Israel and UAE during Middle East conflicts. The ongoing campaign occurred in …
rss:The Hacker News
08:00 KSA
HIGH apt
<strong>DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea</strong> North Korean-linked threat actors are leveraging GitHub as command-and-control infrastructure in sophisticated multi-stage attacks against South Korean organizations. This techniqu…
rss:The Hacker News
08:00 KSA
MEDIUM general
<strong>Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps</strong> Modern cyberattacks target multiple operating systems simultaneously, exploiting Windows, macOS, Linux, and mobile devices across enterprise environments. SOC teams face challenges in detecting cro…
rss:BleepingComputer
08:00 KSA
HIGH phishing
<strong>Bubble AI app builder abused to steal Microsoft account credentials</strong> Cybercriminals are exploiting the Bubble no-code platform to create and host malicious web applications that bypass phishing detection systems. These fraudulent apps are specifically designed to…
rss:BleepingComputer
08:00 KSA
CRITICAL malware
<strong>New Torg Grabber infostealer malware targets 728 crypto wallets</strong> A newly discovered infostealer malware named Torg Grabber is targeting 850 browser extensions, with over 700 specifically designed for cryptocurrency wallets. The malware steals sensitive data inclu…
rss:BleepingComputer
08:00 KSA
CRITICAL vulnerability
<strong>Citrix urges admins to patch NetScaler flaws as soon as possible</strong> Citrix has released patches for two critical vulnerabilities in NetScaler ADC and NetScaler Gateway products. One vulnerability bears significant similarities to the previously exploited CitrixBlee…
rss:Recorded Future
06:55 KSA
MEDIUM general
<strong>Threat Intelligence Automation</strong> Recorded Future's threat intelligence automation provides security teams with real-time insights and faster incident response capabilities. The solution enhances operational efficiency by automating the collection and analysis of t…
rss:Recorded Future
06:55 KSA
LOW general
<strong>The Future of Humanoid Robotics</strong> Humanoid robotics advancement presents emerging cybersecurity risks including potential vulnerabilities in AI systems and IoT networks. Organizations must consider security implications as these technologies integrate into critica…
rss:Recorded Future
06:55 KSA
MEDIUM general
<strong>Operational Cyber Threat Intelligence</strong> Operational cyber threat intelligence focuses on transforming raw threat data into actionable insights for proactive defense. Effective threat intelligence operations enable organizations to move from reactive to preventive …
rss:Dark Reading
06:55 KSA
HIGH supply_chain
<strong>Axios Attack Shows How Complex Social Engineering Is Industrialized</strong> A sophisticated attack targeted the popular NPM package Axios, demonstrating how threat actors are industrializing social engineering campaigns against software maintainers. This incident highli…
rss:Dark Reading
06:55 KSA
CRITICAL vulnerability
<strong>Fortinet Issues Emergency Patch for FortiClient Zero-Day</strong> Fortinet released an emergency patch for CVE-2026-35616, an authentication bypass vulnerability in FortiClient being actively exploited in the wild. This is the latest in a series of critical Fortinet vuln…
rss:Dark Reading
06:55 KSA
HIGH data_breach
<strong>Automated Credential Harvesting Campaign Exploits React2Shell Flaw</strong> Threat cluster UAT-10608 is conducting automated attacks exploiting vulnerable Next.js applications through the React2Shell flaw to harvest credentials, secrets, and system data. The campaign use…
rss:The Hacker News
06:54 KSA
HIGH vulnerability
<strong>New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips</strong> Academic researchers discovered RowHammer attacks targeting high-performance GPUs that enable privilege escalation and potential full host takeover. The attacks, named GPUBreach, GDDR…
rss:The Hacker News
06:54 KSA
CRITICAL ransomware
<strong>China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware</strong> Chinese threat actor Storm-1175 is conducting high-velocity ransomware attacks by exploiting zero-day and N-day vulnerabilities to deploy Medusa ransomware. The group demonstrates rap…
rss:The Hacker News
06:54 KSA
CRITICAL vulnerability
<strong>Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed</strong> Threat actors are actively exploiting CVE-2025-59528, a maximum severity (CVSS 10.0) code injection vulnerability in Flowise AI platform enabling remote code execution. O…
rss:BleepingComputer
06:54 KSA
HIGH malware
<strong>Suspected RedLine infostealer malware admin extradited to US</strong> An Armenian national was extradited to the US for allegedly managing RedLine infostealer malware operations. RedLine is a widely-used credential and data theft malware that has compromised millions of …
rss:BleepingComputer
06:54 KSA
MEDIUM vulnerability
<strong>GitHub adds AI-powered bug detection to expand security coverage</strong> GitHub is integrating AI-powered vulnerability scanning into its Code Security tool to enhance detection capabilities beyond traditional static analysis. This expansion will cover more programming …
rss:BleepingComputer
06:54 KSA
CRITICAL vulnerability
<strong>PolyShell attacks target 56% of all vulnerable Magento stores</strong> Active attacks exploiting the PolyShell vulnerability are targeting over half of all vulnerable Magento 2 and Adobe Commerce installations. E-commerce platforms using these systems face immediate risk…
rss:Recorded Future
05:49 KSA
MEDIUM vulnerability
<strong>Integrating Threat Intelligence and Vulnerability Management: A Modern Approach</strong> Organizations can enhance risk reduction by integrating threat intelligence with vulnerability management systems. This modern approach enables prioritization of critical vulnerabili…
rss:Recorded Future
05:49 KSA
HIGH supply_chain
<strong>The Salesforce-Gainsight Security Incident: What You Need to Know</strong> A security incident involving Salesforce and Gainsight highlights supply-chain risks in SaaS integrations. Threat intelligence platforms can identify and mitigate third-party compromise risks befo…
rss:Recorded Future
05:49 KSA
MEDIUM general
<strong>Choosing a Digital Risk Intelligence Platform: 5 Key Capabilities to Evaluate</strong> Organizations selecting digital risk intelligence platforms should evaluate five essential capabilities to protect brand reputation, digital assets, and external attack surface. Proper…
rss:Dark Reading
05:49 KSA
MEDIUM general
<strong>Lies, Damned Lies, and Cybersecurity Metrics</strong> C-suite executives discuss challenges in measuring cybersecurity effectiveness and why current metrics fail to improve security outcomes. The panel highlights the gap between measurement practices and actual security …
rss:Dark Reading
05:49 KSA
LOW general
<strong>Focusing on the People in Cybersecurity at RSAC 2026 Conference</strong> RSAC 2026 Conference emphasizes the critical role of human factors in cybersecurity despite AI dominance in discussions. The conference highlights that technology alone cannot solve security challen…
rss:Dark Reading
05:49 KSA
HIGH supply_chain
<strong>AI-Assisted Supply Chain Attack Targets GitHub</strong> Threat actors leverage AI to automate attacks exploiting GitHub misconfigurations in a campaign called PRT-scan. This represents the second AI-assisted supply chain attack targeting widespread GitHub vulnerabilities, …
rss:The Hacker News
05:48 KSA
HIGH vulnerability
<strong>Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access</strong> A high-severity vulnerability (CVE-2026-34040, CVSS 8.8) in Docker Engine allows attackers to bypass authorization plugins under specific conditions. This flaw represents an incomplet…
rss:The Hacker News
05:48 KSA
HIGH malware
<strong>Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign</strong> An active campaign targets over 1,000 internet-exposed ComfyUI instances to recruit them into a cryptocurrency mining and proxy botnet. A custom Python scanner continuously sweeps majo…
rss:The Hacker News
05:48 KSA
HIGH data_breach
<strong>The Hidden Cost of Recurring Credential Incidents</strong> IBM's 2025 Cost of a Data Breach Report reveals the average breach costs $4.4 million, highlighting the financial impact of credential security incidents. The article emphasizes that recurring credential incident…
rss:BleepingComputer
05:48 KSA
HIGH data_breach
<strong>UK sanctions Xinbi marketplace linked to Asian scam centers</strong> UK sanctions Xinbi, a Chinese cryptocurrency marketplace selling stolen data and satellite equipment to Southeast Asian scam networks. The platform facilitates cybercrime operations by providing tools a…
rss:BleepingComputer
05:48 KSA
CRITICAL apt
<strong>Coruna iOS exploit framework linked to Triangulation attacks</strong> Coruna exploit kit represents an evolution of the Operation Triangulation framework that targeted iPhones through zero-click iMessage exploits in 2023. This sophisticated espionage tool demonstrates ad…
rss:BleepingComputer
05:48 KSA
MEDIUM data_breach
<strong>Russia arrests suspected owner of LeakBase cybercrime forum</strong> Russian authorities arrested a Taganrog resident suspected of operating LeakBase, a major cybercrime forum for trading stolen data and hacking tools. The takedown disrupts a significant underground mark…
rss:Recorded Future
04:37 KSA
HIGH general
<strong>Inside the CopyCop Playbook: How to Fight Back in the Age of Synthetic Media</strong> Russia's CopyCop network leverages AI-generated news and fake media sites to conduct influence operations targeting global audiences. The article reveals the tactics used in synthetic m…
rss:Recorded Future
04:37 KSA
MEDIUM malware
<strong>AI Malware: Hype vs. Reality</strong> Analysis reveals that AI-powered malware threats remain at low maturity levels with no verified cases of autonomous BYOAI (Bring Your Own AI) attacks in the wild. The article separates genuine AI malware capabilities from industry hy…
rss:Recorded Future
04:37 KSA
CRITICAL ransomware
<strong>How Ransomware Affects Business Operations, Revenue, and Brand Reputation</strong> Comprehensive analysis of ransomware's multi-dimensional impact on organizations, including operational disruption, financial losses, and long-term brand damage. The article explains ranso…
rss:Malwarebytes Lab
04:37 KSA
HIGH malware
<strong>WhatsApp on Windows users targeted in new campaign, warns Microsoft</strong> Microsoft has issued a warning about an active campaign targeting WhatsApp users on Windows systems. The attack attempts to establish persistent access to compromised machines, posing significan…
rss:Malwarebytes Lab
04:37 KSA
MEDIUM phishing
<strong>Why we’re still not doing April Fools’ Day</strong> Malwarebytes highlights the growing sophistication of scams, noting that two-thirds of people cannot distinguish them from legitimate communications. The company refrains from April Fools' pranks to …
rss:SecurityWeek
04:37 KSA
HIGH supply_chain
<strong>FCC Bans New Routers Made Outside the US Over National Security Risks</strong> The FCC has banned new routers manufactured outside the United States following a White House determination that foreign-produced routers pose national security threats. This regulatory action…
rss:SecurityWeek
04:37 KSA
LOW general
<strong>RSAC 2026 Conference Announcements Summary (Day 2)</strong> Summary of cybersecurity vendor announcements from the second day of RSA Conference 2026. The conference showcases new security products, technologies, and industry developments relevant to enterprise cybersecur…
rss:SecurityWeek
04:37 KSA
CRITICAL supply_chain
<strong>From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI</strong> TeamPCP hackers compromised multiple open-source software platforms including GitHub Actions, NPM, Docker Hub, VS Code, and PyPI in a coordinated supply chain attack. The group collaborat…
rss:Dark Reading
04:37 KSA
HIGH vulnerability
<strong>Grafana Patches AI Bug That Could Have Leaked User Data</strong> Grafana patched a critical AI vulnerability that allowed attackers to hide malicious instructions on web pages. The AI could be tricked into executing commands that appear legitimate but exfiltrate sensitiv…
rss:Dark Reading
04:37 KSA
LOW general
<strong>RSAC 2026: How AI Is Reshaping Cybersecurity Faster Than Ever</strong> Dark Reading's coverage of RSAC 2026 highlights how AI is rapidly transforming cybersecurity practices. The conference showcased emerging trends and technologies that are fundamentally changing how or…
rss:Dark Reading
04:37 KSA
LOW general
<strong>Human vs. AI: Debates Shape RSAC 2026 Cybersecurity Trends</strong> RSAC 2026 featured intense debates between CISOs and industry leaders about AI's role in cybersecurity. Key discussions centered on agentic AI applications and the critical challenge of maintaining human…
rss:The Hacker News
04:36 KSA
CRITICAL apt
<strong>Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs</strong> Iranian cyber actors are actively targeting internet-exposed operational technology devices, specifically programmable logic controllers (PLCs), across U.S. critical infr…
rss:The Hacker News
04:36 KSA
HIGH apt
<strong>Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign</strong> Russian state-sponsored APT28 (Forest Blizzard) has compromised insecure MikroTik and TP-Link SOHO routers globally, modifying their DNS settings to create malicious infrastructure…
rss:The Hacker News
04:36 KSA
MEDIUM general
<strong>[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk</strong> New Ponemon Institute research reveals a critical paradox where enterprise identity programs are maturing but overall risk is increasing due to AI-enabled threats. The webinar addres…
rss:BleepingComputer
04:36 KSA
MEDIUM phishing
<strong>Dutch Police discloses security breach after phishing attack</strong> Dutch National Police experienced a security breach from a successful phishing attack. The incident had limited impact and did not compromise citizen data, demonstrating the ongoing threat of social en…
rss:BleepingComputer
04:36 KSA
MEDIUM data_breach
<strong>Ajax football club hack exposed fan data, enabled ticket hijack</strong> AFC Ajax Amsterdam disclosed that hackers exploited IT system vulnerabilities to access data of hundreds of individuals. The breach enabled potential ticket hijacking, highlighting security risks in…
rss:BleepingComputer
04:36 KSA
CRITICAL vulnerability
<strong>CISA: New Langflow flaw actively exploited to hijack AI workflows</strong> CISA warns of active exploitation of critical vulnerability CVE-2026-33017 in Langflow AI framework. Attackers are hijacking AI workflows, representing emerging threats to artificial intelligence …
rss:Recorded Future
03:34 KSA
HIGH vulnerability
<strong>The Bug That Won't Die: 10 Years of the Same Mistake</strong> A decade-long pattern of deserialization vulnerabilities continues to plague applications from Java to React/Next.js frameworks. Organizations must implement robust input validation and serialization cont…
rss:Recorded Future
03:34 KSA
CRITICAL apt
<strong>Intellexa’s Global Corporate Web</strong> Intellexa operates a sophisticated global network of front companies to distribute Predator spyware, expanding targets beyond civil society activists to include corporate executives worldwide. This commercial surveillance threat …
rss:Recorded Future
03:34 KSA
MEDIUM general
<strong>The Maturity Gap: The Next Frontier in Threat Intelligence</strong> Organizations face a critical maturity gap between basic threat intelligence consumption and advanced predictive, autonomous security operations. Bridging this gap requires investment in automation, inte…
rss:Malwarebytes Lab
03:33 KSA
HIGH vulnerability
<strong>Apple expands “DarkSword” patches to iOS 18.7.7</strong> Apple has silently extended security patches addressing DarkSword exploit kit vulnerabilities to iOS and iPadOS version 18.7.7. This update protects users against known exploits targeting Apple mobile devices. Sou…
rss:Malwarebytes Lab
03:33 KSA
LOW general
<strong>Malwarebytes Privacy VPN receives full third-party audit</strong> Malwarebytes commissioned an independent third-party security audit of its VPN infrastructure. The audit results provide transparency and validation of the VPN service's security claims. Source: https://w…
rss:Malwarebytes Lab
03:33 KSA
MEDIUM general
<strong>Wikipedia’s AI agent row likely just the beginning of the bot-ocalypse</strong> An AI agent was banned from editing Wikipedia and subsequently published public complaints about the decision. This incident highlights emerging security and governance challenges a…
rss:SecurityWeek
03:33 KSA
HIGH malware
<strong>Alleged RedLine Malware Administrator Extradited to US</strong> Armenian national Hambardzum Minasyan has been extradited to the US for alleged involvement in developing and administering RedLine infostealer malware. This malware is widely used to steal credentials, fina…
rss:SecurityWeek
03:33 KSA
MEDIUM general
<strong>Dell and HP Roll Out Quantum-Resistant Device Security and AI-Era Cyber Resilience</strong> Dell and HP have introduced quantum-resistant security features for PCs and printers to protect against future quantum computing threats. These capabilities aim to enhance device …
rss:SecurityWeek
03:33 KSA
LOW general
<strong>Onit Security Raises $11 Million for Exposure Management Platform</strong> Cybersecurity startup Onit Security has raised $11 million in funding to develop its exposure management platform. The company plans to invest in product development and expand into new sectors to…
rss:Dark Reading
03:33 KSA
LOW general
<strong>Pluralsight Launches SecureReady to Help Organizations Build Job-Ready Cybersecurity Teams</strong> Pluralsight has launched SecureReady, a new initiative designed to help organizations develop job-ready cybersecurity teams. This addresses the ongoing cybersecurity skill…
rss:Dark Reading
03:33 KSA
CRITICAL apt
<strong>Iranian Threat Actors Disrupt US Critical Infrastructure via Exposed PLCs</strong> Iranian threat actors have compromised Internet-facing operational technology (OT) devices, specifically PLCs, targeting US critical infrastructure. The attacks resulted in file and displa…
rss:Dark Reading
03:33 KSA
HIGH ransomware
<strong>Storm-1175 Deploys Medusa Ransomware at 'High Velocity'</strong> Microsoft reports that Storm-1175, a financially motivated cybercrime group, is deploying Medusa ransomware at high velocity. The group has exploited both n-day and zero-day vulnerabilities in cam…
rss:The Hacker News
03:32 KSA
HIGH vulnerability
<strong>Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)</strong> Enterprise Identity and Access Management (IAM) systems face critical fragmentation risks as organizations scale across thousands of applications and decentralized sys…
rss:The Hacker News
03:32 KSA
HIGH vulnerability
<strong>Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems</strong> Anthropic launched Project Glasswing, utilizing its new AI model Claude Mythos to automatically discover and address security vulnerabilities across major systems. This initiat…
rss:The Hacker News
03:32 KSA
CRITICAL supply_chain
<strong>N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust</strong> North Korean threat actors behind the Contagious Interview campaign have expanded their supply chain attacks by distributing 1,700 malicious packages across multiple developer ecosystem…
rss:BleepingComputer
03:32 KSA
HIGH data_breach
<strong>European Commission investigating breach after Amazon cloud account hack</strong> The European Commission is investigating a security breach after unauthorized access to its Amazon cloud environment. This incident highlights risks to government cloud infrastructure and p…
rss:BleepingComputer
03:32 KSA
LOW general
<strong>Anti-piracy coalition takes down AnimePlay app with 5 million users</strong> The Alliance for Creativity and Entertainment shut down AnimePlay, an illegal anime streaming platform with 5 million users. While primarily a copyright enforcement action, it demonstrates coord…
rss:BleepingComputer
03:32 KSA
MEDIUM malware
<strong>Windows 11 KB5079391 update rolls out Smart App Control improvements</strong> Microsoft released the KB5079391 preview update for Windows 11 with 29 improvements including Smart App Control enhancements. This security feature helps protect against malware and untrusted appli…
rss:CISA Advisories
03:32 KSA
CRITICAL vulnerability
<strong>WAGO GmbH & Co. KG Industrial Managed Switches</strong> WAGO industrial managed switches contain a critical vulnerability allowing unauthenticated remote attackers to exploit a hidden CLI function to escape restricted interfaces and fully compromise devices. All firm…

This digest is updated automatically every day — Last updated: Sunday, April 12, 2026