cyberintel.kalymoon.com · 27606 articles · updated every 4 hours · grows forever
A vulnerability marked as critical has been reported in add-ons.org PDF for Elementor Forms and Drag and Drop Template Builder Plugin up to 5.5.1 on WordPress. This impacts an unknown function. This m…
A vulnerability described as problematic has been identified in ISC BIND up to 9.21.21 . Affected is an unknown function of the component named . Such manipulation leads to uncontrolled recursion. Thi…
A vulnerability classified as critical has been found in Microsoft Windows Admin Center in Azure Portal . Affected by this vulnerability is an unknown functionality. Performing a manipulation results …
A vulnerability classified as critical was found in twigphp Twig up to 2.16.x/3.25.x . Affected by this issue is some unknown functionality. Executing a manipulation can lead to protection mechanism f…
A vulnerability, which was classified as critical , has been found in phenixdigital phoenix_storybook up to 1.0.x . This affects an unknown part of the component Template String Handler . The manipula…
A vulnerability, which was classified as problematic , was found in phenixdigital phoenix_storybook up to 1.0.x . This vulnerability affects unknown code. The manipulation of the argument attr results…
A vulnerability has been found in HCL DominoIQ 14.5.1 and classified as problematic . This issue affects some unknown processing of the component RAG Feature . This manipulation causes missing authori…
A vulnerability was found in phenixdigital phoenix_storybook up to 1.0.x and classified as critical . Impacted is an unknown function in the library lib/phoenix_storybook/live/story/component_iframe_l…
A vulnerability was found in Progress MOVEit Automation up to 2025.0.10/2025.1.6 . It has been classified as problematic . The affected element is an unknown function. Performing a manipulation result…
A vulnerability was found in MediaArea MediaInfoLib 26.01 . It has been declared as critical . The impacted element is an unknown function of the component Channel Handler . Executing a manipulation c…
The AI systems shipping inside enterprises today are fundamentally different from the ones we were building even two years ago, because they have moved well past answering questions and into accessing…
Unit 42 analyzes TamperedChef malware clusters that use trojanized productivity apps and malvertising to deliver stealthy payloads to targets. The post Tracking TamperedChef Clusters via Certificate a…
Akamai Links Attack Growth to AI-Enabled Botnets and Hacktivists Akamai says AI-enabled botnets, geopolitical hacktivism and financially motivated cybercriminals drove a massive rise in DDoS, API and …
Having receive a ransom payment for its attack on Canvas, ShinyHunters and other extortion gangs are only likely to be further incentivised to launch similar attacks in future. Read more in my article…
A new vulnerability in NGINX JavaScript (njs), tracked as CVE‑2026‑8711, allows unauthenticated remote attackers to trigger a heap‑based buffer overflow that can lead to denial‑of‑service and, in some…
Microsoft has disclosed a critical zero-day vulnerability in Windows BitLocker, tracked as CVE-2026-45585, that allows threat actors with physical access to bypass full-disk encryption entirely, poten…
A well-known China-aligned threat group has quietly evolved its attack methods, and its latest toolset reveals just how far it is willing to go to stay hidden. A backdoor called GraphWorm has surfaced…
Hackers are exploiting a decades-old Windows tool to deliver dangerous malware onto unsuspecting systems, with consequences ranging from stolen passwords to full system compromise. The tool is MSHTA, …
Three consecutive releases of Microsoft’s official Python workflow SDK were poisoned with a multi-cloud credential-stealing worm, continuing the group’s relentless 2026 supply chain campaign. The Team…
A seemingly innocent typo in a Go module name has been quietly serving a live backdoor for nearly three years. Security researchers uncovered a malicious package called github.com/shopsprint/decimal t…
ExifTool, a ubiquitous open-source utility for reading and writing file metadata, is at the center of a severe security flaw affecting macOS environments. Discovered by Kaspersky’s Global Research and…