cyberintel.kalymoon.com · 20581 articles · updated every 4 hours · grows forever
A vulnerability described as problematic has been identified in managewp ManageWP Worker Plugin up to 4.9.31 on WordPress. This affects an unknown function of the component HTTP Request Header Handler…
A vulnerability classified as problematic has been found in LatePoint Plugin up to 5.3.2 on WordPress. This impacts the function request_cancellation . The manipulation leads to cross-site request for…
A vulnerability classified as problematic was found in mr2p Meta Field Block Plugin up to 1.5.2 on WordPress. Affected is an unknown function of the component Block Attribute Handler . The manipulatio…
A vulnerability, which was classified as critical , has been found in wpeverest User Registration & Membership Plugin up to 5.1.5 on WordPress. Affected by this vulnerability is the function is_admin_…
A vulnerability, which was classified as critical , was found in Infused Addons InfusedWoo Pro Plugin up to 5.1.2 on WordPress. Affected by this issue is the function popup_submit . Such manipulation …
A vulnerability has been found in websoudan MW WP Form Plugin up to 5.1.2 on WordPress and classified as problematic . This affects the function _get_post_property_from_querystring . Performing a mani…
A vulnerability was found in caterhamcomputing CC Child Pages Plugin up to 2.1.1 on WordPress and classified as problematic . This vulnerability affects unknown code. Executing a manipulation of the a…
A vulnerability was found in Infused Addons InfusedWoo Pro Plugin up to 5.1.2 on WordPress. It has been classified as critical . This issue affects some unknown processing. The manipulation leads to m…
A vulnerability was found in wproyal Royal Addons for Elementor Plugin up to 1.7.1058 on WordPress. It has been declared as problematic . Impacted is an unknown function. The manipulation of the argum…
Pay up, or we'll pay someone to pay you a visit. Cybercrime gangs are increasingly turning to real-world threats - and even hiring local muscle to deliver the message. Read more in my article on the H…
Iran-linked hackers have been quietly breaking into networks around the world, and their latest campaign is more calculated than anything we have seen from them before. The group known as Seedworm, al…
Packagist is sounding the alarm for PHP developers everywhere. A flaw in Composer, the widely used PHP dependency manager, briefly caused GitHub authentication tokens to leak into publicly visible CI …
Attackers are now abusing a fresh Langflow vulnerability to quietly steal cloud keys and turn victim systems into workers for a new NATS based botnet. This campaign shows how a single exposed AI workf…
OpenAI Global LLC is facing a new class‑action complaint in the Southern District of California that accuses the company of quietly wiring its ChatGPT web interface with Meta’s Facebook Pixel and Goog…
DUBAI, UAE — May 11, 2026 — As the internet transitions from a playground of chatbots to a workforce of autonomous agents, the question isn’t just what AI can do—it’s who the AI is. Today, OTT Cyberse…
A critical vulnerability in Palo Alto Networks PAN-OS is putting enterprise firewalls at risk, allowing unauthenticated attackers to execute arbitrary code with root privileges. Tracked as CVE-2026-03…
The Information Commissioner’s Office has released new guidance on how to mitigate the risk of AI-powered attacks
Semperis study finds 74% of organizations believe AI will increase attacks on identity infrastructure
Cybersecurity leaders often have complex relationships with their boards. Many boards lack cyber expertise, and CISOs can encounter roadblocks as a result when it comes to earning board approval. Othe…
A newly disclosed authentication bypass flaw in the open-source AI orchestration framework PraisonAI was probed by internet scanners less than four hours after its public disclosure. According to Sysd…
AI cyber capability is improving faster than expected, with newer models surpassing earlier projections, according to the UK government’s AI Security Institute (AISI). AISI measures AI cyber capabilit…
The Microsoft Copilot Studio April 2026 updates improve visibility and governance for admins and expand workflow capabilities for managing agents. Copilot surfaces agent status in the authoring experi…
Microsoft published a plugin on May 13 that lets GitHub Copilot CLI and Claude Code drive the full WinUI 3 development cycle, from project scaffolding through signed MSIX packaging. The WinUI agent pl…
The patch was announced as Broadcom is attending the Pwn2Own hacking competition in Berlin this week. The post High-Severity Vulnerability Patched in VMware Fusion appeared first on SecurityWeek .