CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Cyber
Intel Feed

cyberintel.kalymoon.com  ·  33470 articles  ·  updated every 4 hours · grows forever

33470Total
25561Full Text
Jul 05, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs May 22, 2026
CVE-2026-9299 | omec-project amf up to 2.1.1 handler.go PDUSessionResourceModifyIndication memory corruption (Issue 681)

A vulnerability classified as critical has been found in omec-project amf up to 2.1.1 . Affected by this issue is the function PDUSessionResourceModifyIndication of the file /go/src/amf/ngap/handler.g…

VulDB Read →
⬡ Vulnerabilities & CVEs May 22, 2026
CVE-2026-9300 | omec-project amf up to 2.1.1 NGSetupRequest memory corruption (Issue 679)

A vulnerability classified as critical was found in omec-project amf up to 2.1.1 . This affects an unknown part of the component NGSetupRequest Handler . Such manipulation leads to memory corruption. …

VulDB Read →
⬡ Vulnerabilities & CVEs May 22, 2026
CVE-2026-9301 | omec-project amf up to 2.1.1 NGReset Message memory corruption (Issue 678)

A vulnerability, which was classified as critical , has been found in omec-project amf up to 2.1.1 . This vulnerability affects unknown code of the component NGReset Message Handler . Performing a man…

VulDB Read →
⬡ Vulnerabilities & CVEs May 22, 2026
CVE-2026-9302 | 546669204 vps-inventory-monitoring up to 98c00b370668c96ae75e91c15548d9ea113652d9 VpsTest Console VpsTest.php eval vf code injection (Issue 36)

A vulnerability, which was classified as critical , was found in 546669204 vps-inventory-monitoring up to 98c00b370668c96ae75e91c15548d9ea113652d9 . This issue affects the function eval of the file ap…

VulDB Read →
⬡ Vulnerabilities & CVEs May 22, 2026
CVE-2026-9303 | calcom cal.diy up to 4.9.4 cross-site request forgery

A vulnerability has been found in calcom cal.diy up to 4.9.4 and classified as problematic . Impacted is an unknown function. The manipulation leads to cross-site request forgery. This vulnerability i…

VulDB Read →
⬡ Vulnerabilities & CVEs May 22, 2026
CVE-2026-9304 | calcom cal.diy up to 4.9.4 Logo API route.ts validateUrlForSSRF server-side request forgery

A vulnerability was found in calcom cal.diy up to 4.9.4 and classified as critical . The affected element is the function validateUrlForSSRF of the file apps/web/app/api/logo/route.ts of the component…

VulDB Read →
⬡ Vulnerabilities & CVEs May 22, 2026
CVE-2026-9305 | QuantumNous new-api up to 0.12.1 self Endpoint model/topup.go SearchUserTopUps/SearchAllTopUps sql injection

A vulnerability was found in QuantumNous new-api up to 0.12.1 . It has been classified as critical . The impacted element is the function SearchUserTopUps/SearchAllTopUps of the file model/topup.go of…

VulDB Read →
⬡ Vulnerabilities & CVEs May 22, 2026
CVE-2026-9306 | QuantumNous new-api up to 0.12.1 Midjourney Image Relay Endpoint router/relay-router.go RelayMidjourneyImage/GetByOnlyMJId authorization

A vulnerability was found in QuantumNous new-api up to 0.12.1 . It has been declared as problematic . This affects the function RelayMidjourneyImage/GetByOnlyMJId of the file router/relay-router.go of…

VulDB Read →
⬡ Vulnerabilities & CVEs May 22, 2026
CVE-2026-46727 | Ruby up to 4.0.4 Authoritative ext/socket/raddrinfo.c rb_getaddrinfo race condition

A vulnerability was found in Ruby up to 4.0.4 . It has been rated as problematic . This impacts the function rb_getaddrinfo of the file ext/socket/raddrinfo.c of the component Authoritative Handler . …

VulDB Read →
⬡ Vulnerabilities & CVEs May 22, 2026
CVE-2026-39964 | baptisteArno typebot.io up to 3.15.x packages/embeds/js cross site scripting

A vulnerability categorized as problematic has been discovered in baptisteArno typebot.io up to 3.15.x . Affected is an unknown function of the file packages/embeds/js . Executing a manipulation can l…

VulDB Read →
⬡ Vulnerabilities & CVEs May 22, 2026
CVE-2026-39965 | baptisteArno typebot.io up to 3.15.x HTTP Request validateHttpReqUrl server-side request forgery

A vulnerability identified as critical has been detected in baptisteArno typebot.io up to 3.15.x . Affected by this vulnerability is the function validateHttpReqUrl of the component HTTP Request Handl…

VulDB Read →
⬡ Vulnerabilities & CVEs May 22, 2026
CVE-2026-42627 | Arm ArmNN up to 2026-03-27 TFLite armnn/Tensor.cpp GetNumElements integer overflow

A vulnerability labeled as problematic has been found in Arm ArmNN up to 2026-03-27 . Affected by this issue is the function TensorShape::GetNumElements of the file armnn/Tensor.cpp of the component T…

VulDB Read →
◉ Threat Intelligence May 22, 2026
Microsoft Security success stories: How St. Luke’s and ManpowerGroup are securing AI foundations

How Frontier firms secure AI at scale: read how Microsoft customers embed governance, identity, and cloud security to make protection an enabler of AI growth. The post Microsoft Security success stori…

Microsoft Security Read →
◉ Threat Intelligence May 22, 2026
From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence

A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence server for credential theft and identity compromise. Learn how the threat act…

Microsoft Security Read →
◉ Threat Intelligence May 22, 2026
Microsoft recognized as a Leader in The Forrester Wave™ for Workforce Identity Security Platforms

Microsoft has been recognized as a Leader in The Forrester Wave™: Workforce Identity Security Platforms, Q2 2026, receiving the highest scores in both the current offering and strategy categories. The…

Microsoft Security Read →
◉ Threat Intelligence May 22, 2026
Lawmakers Demand Answers as CISA Tries to Contain Data Leak

Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intention…

Krebs on Security Read →
◇ Industry News & Leadership May 22, 2026
23-Year-Old Canadian Charged in KimWolf Botnet Operation

DOJ Says KimWolf Powered Massive DDoS-for-Hire Operations U.S. prosecutors charged a Canadian man accused of operating the KimWolf botnet, alleging the DDoS-for-hire platform compromised nearly two mi…

Data Breach Today Read →
◇ Industry News & Leadership May 22, 2026
Europe Again Delays Digital Sovereignty Push

The Package Is Either Not Yet Ready or Bumping Up Against American Objections Europe for the third time delayed presenting its long-awaited Tech Sovereignty Package, legislation aimed at weaning the c…

Data Breach Today Read →
◇ Industry News & Leadership May 22, 2026
CISA Warns of Microsoft Defender 0-Day Vulnerabilities Exploited in Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical Microsoft Defender vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, warning organizations o…

Cybersecurity News Read →
◇ Industry News & Leadership May 22, 2026
Deleted Google API Keys Continue Accessing Gemini, BigQuery, and Maps APIs

A newly disclosed issue with Google Cloud API keys reveals that deleted credentials may remain usable for up to 23 minutes, exposing projects to potential abuse even after revocation. The finding rais…

Cybersecurity News Read →
◇ Industry News & Leadership May 22, 2026
CISA adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Langflow vulnerability, tracked as CVE-2025-34291, to its Known Exploited Vulnerabilities (KEV) Catalog, signaling…

Cybersecurity News Read →
◇ Industry News & Leadership May 22, 2026
LiteSpeed cPanel Plugin 0-Day Exploited in the wild to Gain Server Root Access

LiteSpeed has disclosed and patched a critical 0‑day privilege escalation flaw in its user-end cPanel plugin that is already being actively exploited to gain root access on Linux hosting servers. The …

Cybersecurity News Read →
◇ Industry News & Leadership May 22, 2026
Ubiquiti Patches Critical UniFi OS Vulnerabilities Allowing Remote Privilege Escalation

Ubiquiti Networks has released urgent security updates to address a series of highly critical vulnerabilities affecting its UniFi OS platform. These severe flaws could allow unauthenticated, remote at…

Cybersecurity News Read →
◇ Industry News & Leadership May 22, 2026
Police take down VPN service (this time with a good reason)

European authorities have cracked down on a VPN that has been used for various criminal activities. The operation, led by investigators in France and the Netherlands with help from Europol and Eurojus…

CSO Online Read →
← Prev 469 / 1395 Next →