CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Cyber
Intel Feed

cyberintel.kalymoon.com  ·  32519 articles  ·  updated every 4 hours · grows forever

32519Total
25055Full Text
Jul 01, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 29, 2026
CVE-2026-57960 | HiEventsDev Hi.Events up to 1.9.0 check-in-lists private personal information (Issue 1224)

A vulnerability classified as problematic has been found in HiEventsDev Hi.Events up to 1.9.0 . Affected is an unknown function of the file /api/public/check-in-lists . The manipulation leads to expos…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 29, 2026
CVE-2026-57958 | inovector mixpost up to 2.6.0 cross site scripting (Issue 204)

A vulnerability classified as problematic was found in inovector mixpost up to 2.6.0 . Affected by this vulnerability is an unknown functionality. The manipulation results in cross site scripting. Thi…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 29, 2026
CVE-2026-57947 | pinpoint-apm pinpoint up to 3.1.0 Webhook Registration Endpoint server-side request forgery (Issue 13857)

A vulnerability, which was classified as critical , has been found in pinpoint-apm pinpoint up to 3.1.0 . Affected by this issue is some unknown functionality of the component Webhook Registration End…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 29, 2026
CVE-2026-57955 | signoz up to 0.130.1 url sql injection (Issue 11747)

A vulnerability, which was classified as critical , was found in signoz up to 0.130.1 . This affects the function url . Such manipulation leads to sql injection. This vulnerability is traded as CVE-20…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 29, 2026
CVE-2026-57948 | pinpoint-apm pinpoint up to 3.1.0 Session Cookie cookie httponly flag (Issue 13858)

A vulnerability has been found in pinpoint-apm pinpoint up to 3.1.0 and classified as problematic . This vulnerability affects unknown code of the component Session Cookie Handler . Performing a manip…

VulDB Read →
◉ Threat Intelligence Jun 29, 2026
Chromium extension uses AI‑related branding to redirect browser search

A malicious Chromium-based extension that spoofs the AI-powered answer engine Perplexity AI redirects browser search traffic using MV3 APIs and intermediary infrastructure. The post Chromium extension…

Microsoft Security Read →
◇ Industry News & Leadership Jun 29, 2026
OMB, Commerce Lay Out Road Map for Post-Quantum Migration

Federal Investment Shifts From Research Toward Implementation The Office of Management and Budget has issued a detailed road map requiring agencies to begin post-quantum cryptography implementation im…

Data Breach Today Read →
◇ Industry News & Leadership Jun 29, 2026
Russian Threat Actors Continue Signal and WhatsApp Targeting

Thousands of Victims Tricked Into Giving Attackers Account Access, Say Officials Russian military hackers, foiled by end-to-end encryption in Signal and WhatsApp, have compromised thousands of people …

Data Breach Today Read →
◇ Industry News & Leadership Jun 29, 2026
New MCP Specifications Fix Security Issue But Open Many More

Model Context Protocol Rewrite Leaves More Security Decisions to Developers The new MCP specifications fix a long-standing weakness in how AI agents authenticate to external tools, but security expert…

Data Breach Today Read →
◇ Industry News & Leadership Jun 29, 2026
Hackers Exploiting Critical Oracle E-Business Suite Vulnerability Actively in Attacks

Threat actors are actively exploiting CVE-2026-46817, a critical unauthenticated remote takeover vulnerability in Oracle E-Business Suite (EBS), with live attack activity captured across honeypot infr…

Cybersecurity News Read →
◇ Industry News & Leadership Jun 29, 2026
Public PoC Released for Deserialization RCE Vulnerability in Splunk Secure Gateway

A public proof-of-concept (PoC) exploit has been released for CVE-2026-20251, a high-severity remote code execution (RCE) vulnerability affecting Splunk Secure Gateway (SSG). The flaw, carrying a CVSS…

Cybersecurity News Read →
◇ Industry News & Leadership Jun 29, 2026
U.S. Seizes Hundreds Domains Used to Stream World Cup Matches Illegally

The U.S. Department of Justice (DOJ) has announced the seizure of nearly 400 domains used to illegally stream FIFA World Cup 2026 matches, marking a significant crackdown on global digital piracy netw…

Cybersecurity News Read →
◇ Industry News & Leadership Jun 29, 2026
New Claude Code Attack Allows Attackers to Take Full Control of Developers’ Systems

Researchers at Mozilla’s Zero Day Investigative Network (0DIN) have demonstrated a proof-of-concept attack that shows how a completely clean-looking GitHub repository can trick AI-powered coding agent…

Cybersecurity News Read →
◇ Industry News & Leadership Jun 29, 2026
EvilTokens Phishing Breaches Finance Firms Using “Ghost” Code Across U.S. and European Businesses

EvilTokens can keep serious account-takeover activity out of your SOC’s view by relying on “ghost” code that only surfaces after the browser decrypts it. Because of this, analysis that looks only at t…

Cybersecurity News Read →
◇ Industry News & Leadership Jun 29, 2026
WhatsApp Launches New Username Feature to Communicate Without Exposing Phone Numbers

WhatsApp introduces a new privacy update that lets users connect using unique handles, eliminating the need to share phone numbers with strangers or new group members. Earlier, we detailed that WhatsA…

Cybersecurity News Read →
◇ Industry News & Leadership Jun 29, 2026
JSP webshells being dropped on unpatched PTC Windchill instances

The US Cybersecurity and Infrastructure Security Agency (CISA) added a vulnerability (CVE-2026-12569) in Windchill and FlexPLM, two product lifecycle management software platforms developed by PTC, to…

Help Net Security Read →
◇ Industry News & Leadership Jun 29, 2026
Amazon Q VS Extension Flaw Leads to Cloud Credential Theft

Adversaries could plant a malicious repository that can execute arbitrary code and steal cloud credentials by exploiting the vulnerability, which showcases growing MCP risk.

Dark Reading Read →
◇ Industry News & Leadership Jun 29, 2026
Iran, Russia, China Target Water Systems for Sabotage

Nation-state attackers breach water systems through weak passwords, exposed PLCs, and poor segmentation — not sophisticated malware.

Dark Reading Read →
◇ Industry News & Leadership Jun 29, 2026
Can Clothes Make You Invisible to Facial Recognition?

Does life feel Orwellian sometimes? One researcher has a solution for you: graphic tees that confuse the neural networks in surveillance cameras.

Dark Reading Read →
◇ Industry News & Leadership Jun 29, 2026
Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks

The China-aligned espionage group Mustang Panda is running two campaigns against the Indian government and hydropower targets, deploying new malware and turning a legitimate cloud service into its com…

The Hacker News Read →
◇ Industry News & Leadership Jun 29, 2026
WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private

WhatsApp on Monday officially announced the start of global reservations of usernames with an aim to protect the privacy of more than three billion users on the messaging platform. The optional featur…

The Hacker News Read →
◇ Industry News & Leadership Jun 29, 2026
Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input

Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It routed every query and every character typed into the add…

The Hacker News Read →
◇ Industry News & Leadership Jun 29, 2026
Microsoft extends Windows Server 2022 hotpatching until October 2027

Microsoft has extended Windows Server 2022 hotpatching until October 2027, one year after the mainstream end date of October 2026. [...]

Bleeping Computer Read →
◇ Industry News & Leadership Jun 29, 2026
WhatsApp rolls out usernames to help users hide their phone number

WhatsApp is finally allowing users to reserve usernames, a privacy feature that lets them hide their phone numbers from people not in their contact list. [...]

Bleeping Computer Read →
← Prev 26 / 1355 Next →