CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Cyber
Intel Feed

cyberintel.kalymoon.com  ·  35426 articles  ·  updated every 4 hours · grows forever

35426Total
26565Full Text
Jul 13, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-8605 | ScadaBR 1.2.0 hard-coded credentials (icsa-26-139-03)

A vulnerability marked as critical has been reported in ScadaBR 1.2.0 . Affected by this issue is some unknown functionality. The manipulation leads to hard-coded credentials. This vulnerability is tr…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-34234 | Ctrlpanel-gg panel up to 1.1.x os command injection (GHSA-jmhr-q9q5-fqwh)

A vulnerability described as critical has been identified in Ctrlpanel-gg panel up to 1.1.x . This affects an unknown part. The manipulation results in os command injection. This vulnerability is know…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-34390 | mantisbt Mantis Bug Tracker up to 2.28.1 Custom Fields manage_proj_user_add.php access control (GHSA-frf7-jhp9-jxm6)

A vulnerability classified as critical has been found in mantisbt Mantis Bug Tracker up to 2.28.1 . This vulnerability affects unknown code of the file manage_proj_user_add.php of the component Custom…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-34463 | mantisbt Mantis Bug Tracker up to 2.28.1 Project Name bug_report_page.php cross site scripting (GHSA-fvjf-68wh-rwp2)

A vulnerability classified as problematic was found in mantisbt Mantis Bug Tracker up to 2.28.1 . This issue affects some unknown processing of the file bug_report_page.php of the component Project Na…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-34358 | Ctrlpanel-gg panel up to 1.1.x PATCH Request store/update access control (GHSA-pxmw-gj52-9p68 / EUVD-2026-30993)

A vulnerability, which was classified as critical , has been found in Ctrlpanel-gg panel up to 1.1.x . Impacted is the function store/update of the component PATCH Request Handler . Performing a manip…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-34246 | Ctrlpanel-gg panel up to 1.1.x Admin Role Management Interface RoleController.php datatable role cross site scripting (GHSA-wpqj-xwhq-2mmh / EUVD-2026-30986)

A vulnerability, which was classified as problematic , was found in Ctrlpanel-gg panel up to 1.1.x . The affected element is the function datatable of the file app/Http/Controllers/Admin/RoleControlle…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2025-15645 | Ledger Nano X/Flex/Stax up to 2.4.1 MCU Firmware Update reset_handler improper validation of specified quantity in input (EUVD-2025-209901)

A vulnerability has been found in Ledger Nano X, Flex and Stax up to 2.4.1 and classified as problematic . The impacted element is an unknown function of the component MCU Firmware Update Handler . Th…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-5090 | TODDR Template::Plugin::HTML up to 3.102 on Perl HTML Attribute var HTML injection (Issue 327 / EUVD-2026-30995)

A vulnerability was found in TODDR Template::Plugin::HTML up to 3.102 on Perl and classified as problematic . This affects an unknown function of the component HTML Attribute Handler . The manipulatio…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2024-36343 | AMD EPYC 4004 System Management Mode buffer underflow

A vulnerability was found in AMD EPYC 4004, EPYC 4005, Ryzen 6000 Processors with Radeon Graphics, Ryzen 7040 Mobile Processors with Radeon Graphics, Ryzen 7045 Mobile Processors with Radeon Graphics,…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2023-7345 | Ledger ledgerhq/hw-app-eth/Live up to 6.34.6 Data Message type conversion (EUVD-2023-60576)

A vulnerability was found in Ledger ledgerhq, hw-app-eth and Live up to 6.34.6 . It has been declared as problematic . Affected is an unknown function of the component Data Message Handler . Such mani…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-34241 | Ctrlpanel-gg panel up to 1.1.x newmessage cross site scripting (GHSA-cmrr-q3hw-3vqh)

A vulnerability was found in Ctrlpanel-gg panel up to 1.1.x . It has been rated as problematic . Affected by this vulnerability is an unknown functionality. Performing a manipulation of the argument n…

VulDB Read →
◇ Industry News & Leadership May 20, 2026
Non-Human Identities: The Next Security Blind Spot
Data Breach Today Read →
◇ Industry News & Leadership May 20, 2026
Public NYC Health System Notifying 1.8M of Hack

Incident Involved an Unnamed Third-Party Vendor New York City's municipal healthcare system is notifying nearly 2 million patients of a hacking incident discovered earlier this year involving a third-…

Data Breach Today Read →
◇ Industry News & Leadership May 20, 2026
Europe Prepares to Hunker Down Against Bug Finding AI Models

Commission VP Henna Virkkunen Pledges Action in Tuesday Parliamentary Session The European Commission is defending its response to the advent of artificial intelligence models with strong cybersecurit…

Data Breach Today Read →
◇ Industry News & Leadership May 20, 2026
Judges Clash Over Pentagon’s Anthropic Ban

Appeals Court Weighs Pentagon Authority Over Frontier AI Providers A majority of judges on a U.S. federal appeals court appeared disposed to allowing Defense Secretary Pete Hegseth to bar Anthropic fr…

Data Breach Today Read →
◇ Industry News & Leadership May 20, 2026
Android Ad Fraud Operation Generates 659M Bid Requests

Researchers Identify 455 Malicious Apps Tied to Global Malvertising Campaign Cybercriminals used malicious Android apps to funnel unwitting users to an ad fraud scam that generated up to 659 million d…

Data Breach Today Read →
◇ Industry News & Leadership May 20, 2026
The Gentlemen Ransomware Attacks Windows, Linux, NAS, BSD, and ESXi Attacks

A ransomware group called The Gentlemen has been quietly building one of the most aggressive cybercriminal operations seen in recent years. Emerging publicly in the second half of 2025, the group rapi…

Cybersecurity News Read →
◇ Industry News & Leadership May 20, 2026
macOS Malware Installs Fake Google Software Update LaunchAgent for Persistence

macOS users are facing a new and sophisticated threat as a variant of the SHub infostealer malware, dubbed “Reaper,” has been observed deploying a fake Google Software Update LaunchAgent to maintain p…

Cybersecurity News Read →
◇ Industry News & Leadership May 20, 2026
UAC-0184 Malware Chain Uses bitsadmin and HTA Files for Gated Payload Delivery

A newly documented attack chain linked to the threat group UAC-0184 has been observed using Windows’ built-in bitsadmin tool and HTA files to sneak malicious payloads onto targeted systems. The campai…

Cybersecurity News Read →
◇ Industry News & Leadership May 20, 2026
Contractor’s public GitHub account exposed GovCloud and CISA credentials

Until a few days ago, a publicly-accessible GitHub repository exposed credentials for both US government AWS accounts and internal Cybersecurity and Infrastructure Security Agency (CISA) systems. That…

CSO Online Read →
◇ Industry News & Leadership May 20, 2026
CISA Exposes Secrets, Credentials in 'Private' Repo

The agency's GitHub repository, publicly available since November 2025, was ironically named "Private-CISA."

Dark Reading Read →
◇ Industry News & Leadership May 20, 2026
Windows Zero-Day Barrage Continues After Patch Tuesday

YellowKey, GreenPlasma, and MiniPlasma add to the growing list of vulnerabilities a security researcher disclosed over the past six weeks.

Dark Reading Read →
◇ Industry News & Leadership May 20, 2026
Verizon DBIR: Enterprises Face a Dangerous Vulnerability Glut

Verizon's "2026 Data Breach Investigations Report" ("DBIR") finds that exploits are now involved in 31% of initial access for breaches, while patching lags too far behind the bad guys.

Dark Reading Read →
◇ Industry News & Leadership May 20, 2026
Discord rolls out end-to-end encryption on voice, video calls

Discord announced that all voice and video calls through the communication platform are now protected by default with end-to-end encryption (E2EE). [...]

Bleeping Computer Read →
← Prev 589 / 1477 Next →