A vulnerability was found in smub Slider by Soliloquy Plugin up to 2.8.1 on WordPress. It has been rated as problematic . This affects the function map_meta_cap of the component Configuration Handler …
cyberintel.kalymoon.com · 33480 articles · updated every 4 hours · grows forever
A vulnerability was found in smub Slider by Soliloquy Plugin up to 2.8.1 on WordPress. It has been rated as problematic . This affects the function map_meta_cap of the component Configuration Handler …
A vulnerability categorized as problematic has been discovered in cssigniterteam AudioIgniter Music Player Plugin up to 2.0.2 on WordPress. This vulnerability affects the function handle_playlist_endp…
A vulnerability identified as problematic has been detected in metaphorcreations Ditty Plugin up to 3.1.65 on WordPress. This issue affects the function init of the component AJAX Endpoint . The manip…
A vulnerability labeled as critical has been found in TeamViewer DEX up to 9.1 . Impacted is an unknown function of the component Backend API Endpoint . The manipulation results in missing authorizati…
A vulnerability marked as critical has been reported in jetmonsters MotoPress Hotel Booking Plugin up to 6.0.1 on WordPress. The affected element is an unknown function. This manipulation causes missi…
A vulnerability described as critical has been identified in techjewel FluentCRM Plugin up to 2.9.87 on WordPress. The impacted element is the function _fc_bounce_key . Such manipulation of the argume…
Open-source framework ROADtools is being misused by threat actors for cloud intrusions. Learn how to identify its malicious use. The post Paved With Intent: ROADtools and Nation-State Tactics in the C…
Google has publicly released proof-of-concept (PoC) exploit code for a critical, still-unpatched vulnerability in the Chromium codebase, potentially exposing millions of users across Chrome, Microsoft…
Hackers have found a new and alarming way to weaponize one of the most trusted platforms in the AI world. A threat actor linked to North Korea has embedded second-stage malware inside Hugging Face, th…
The FBI has issued a new cybersecurity warning about a rapidly emerging phishing-as-a-service (PhaaS) platform named Kali365, which is actively targeting Microsoft 365 users to steal access tokens and…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in Trend Micro Apex One to its Known Exploited Vulnerabilities (KEV) catalog, warning organizations …
Splunk has released security updates addressing multiple vulnerabilities across Splunk Enterprise, Splunk Cloud Platform, and the Splunk AI Toolkit that could lead to denial-of-service (DoS) condition…
Total figure for fraudulent transactions Apple has blocked since 2020 now stands at over $11bn
The infostealer payload in this campaign collect a vast amount of data, from collaboration authentication keys to cryptocurrency wallets
The “retro” way “The thing about the old days is… they are the old days” – Slim Charles , The Wire Protecting a specified network perimeter was the main focus of enterprise security strategy for sever…
I spent two days at a substation connecting a major offshore wind farm to the grid. The control room featured three new AI-ready dashboards and a board mandate to “leverage machine learning for resili…
The average cost of downtime has reached $600 billion for the Global 2000, a 50% increase in two years. According to Splunk’s The Hidden Costs of Downtime report, unplanned outages and service degrada…
Probing how a CPU isolates user code from kernel code is messy work. Researchers patch kernels, write drivers, or boot stripped-down bare-metal programs, and any of those choices change variables they…
Microsoft 365 access tokens are being targeted by an emerging Phishing-as-a-Service (PhaaS) platform called Kali365, the FBI is warning. First observed in April 2026, Kali365 has been distributed thro…
The Cybersecurity and Infrastructure Security Agency launched a new nomination form that lets researchers, vendors, and industry partners report known exploited vulnerabilities for possible inclusion …
Keepnet, an Extended Human Risk Management (xHRM) platform, today announced that its voice and SMS phishing simulation data contributed to the 2026 Verizon Data Breach Investigations Report (DBIR). Th…
Proton Pass, a secure, end-to-end encrypted password manager, added credential sharing through AI access tokens, allowing users to give AI agents access to selected items and monitor activity. To gain…
GitLab released GitLab 19.0 with expanded secrets management, agentic merge request workflows, improved CI pipeline visibility, support for self-hosted open-source models, and supply chain visibility …
Versa has introduced a patent-pending zero trust architecture for the Model Context Protocol (MCP), applying zero trust principles to AI execution. The company said every AI-generated action is valida…