A vulnerability has been found in Mattermost Go Module up to 0.1.21 and classified as critical . Affected is an unknown function of the file /mattermost/mattermost/server/public . The manipulation lea…
cyberintel.kalymoon.com · 36021 articles · updated every 4 hours · grows forever
A vulnerability has been found in Mattermost Go Module up to 0.1.21 and classified as critical . Affected is an unknown function of the file /mattermost/mattermost/server/public . The manipulation lea…
A vulnerability was found in JetBrains Kotlin up to 2.4.19 and classified as problematic . Affected by this vulnerability is an unknown functionality. The manipulation results in deserialization. This…
A vulnerability was found in JetBrains YouTrack up to 2026.2.16592 . It has been classified as problematic . Affected by this issue is some unknown functionality of the component Setting Handler . Thi…
A vulnerability was found in Tim Strifler Exclusive Addons Elementor Plugin up to 2.7.9.8 on WordPress. It has been declared as problematic . This affects an unknown part. Such manipulation leads to c…
A vulnerability was found in Peplink InControl up to 2026-06-03 . It has been rated as problematic . This vulnerability affects unknown code of the file /rest/o . Performing a manipulation results in …
A vulnerability categorized as problematic has been discovered in JetBrains YouTrack . This issue affects some unknown processing of the component Comment Templates Endpoint . Executing a manipulation…
A vulnerability identified as critical has been detected in JetBrains YouTrack . Impacted is an unknown function of the component Configuration Handler . The manipulation leads to incorrect default pe…
A vulnerability labeled as problematic has been found in JetBrains YouTrack . The affected element is an unknown function. The manipulation results in missing authorization. This vulnerability is know…
A vulnerability marked as problematic has been reported in JetBrains YouTrack . The impacted element is an unknown function. This manipulation causes improperly controlled modification of object proto…
A vulnerability described as problematic has been identified in JetBrains YouTrack . This affects an unknown function of the component App Configurations Endpoint . Such manipulation leads to missing …
A newly documented attack chain tied to threat actor group UAC-0226 is putting Windows users at serious risk. The campaign uses booby-trapped WinRAR archives, hidden file streams, and a sophisticated …
Water utilities across the United States and Europe are under growing pressure as hackers continue to find easy ways in. Nation-state actors and affiliated groups have been quietly exploiting internet…
A sophisticated Phishing-as-a-Service (PhaaS) platform called Bluekit has been confirmed operational at scale, with cybersecurity firm Netcraft detecting approximately 70 live hostnames in a single we…
Australia’s Security Intelligence Organization (ASIO) has uncovered an attack on a critical infrastructure operator’s network. State-sponsored actors had compromised the network and were preparing to …
Proof has launched x401, an open, issuer-neutral protocol that lets any website or API ask for and verify the identity behind agents. With x401, a service can ask for the proof it requires: verified i…
The cybersecurity startup provides threat hunting, proactive detection, and behavioral security analytics. The post Nebulock Raises $25 Million for AI-Native Contextual Security appeared first on Secu…
Other noteworthy stories that might have slipped under the radar: Russia used Cellebrite to hack activist’s phone, Five Eyes issue urgent AI threat warning, macOS Gaslight backdoor, Scattered Spider g…
Roughly two dozen companies have notified their customers of the Klue-Salesforce incident impact. The post More Klue Breach Victims Identified as Hackers Get Hacked appeared first on SecurityWeek .
AWS has patched the vulnerability and published its own advisory to inform customers about the potential impact. The post Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories appear…
AI agents are moving through enterprise environments, inheriting permissions, traversing systems, and executing decisions at machine speed with minimal oversight. The identity infrastructure built to …
DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit walkthrough for the flaw on June 25, the first public demonstration f…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Dat…
A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer's cloud credentials. The path was short: a developer opens the repo, trusts the workspace, and …
A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed "pedit COW," is an out-of-bounds write in the packet-e…