A vulnerability identified as problematic has been detected in Mozilla Firefox up to 150 . This impacts an unknown function of the component JAR . This manipulation causes permissive cross-domain poli…
cyberintel.kalymoon.com · 35455 articles · updated every 4 hours · grows forever
A vulnerability identified as problematic has been detected in Mozilla Firefox up to 150 . This impacts an unknown function of the component JAR . This manipulation causes permissive cross-domain poli…
A vulnerability labeled as critical has been found in Mozilla Firefox up to 150 . Affected is an unknown function of the component Audio/Video . Such manipulation leads to Remote Code Execution. This …
A vulnerability marked as critical has been reported in Mozilla Firefox up to 150 on Android. Affected by this vulnerability is an unknown functionality. Performing a manipulation results in sandbox i…
A vulnerability described as problematic has been identified in Mozilla Firefox up to 150 on Android. Affected by this issue is some unknown functionality of the component Toolbar . Executing a manipu…
A vulnerability classified as critical has been found in Eclipse Glassfish 7.1.0/8.0.0 . This affects an unknown part of the component Administration Console . The manipulation leads to code injection…
A vulnerability classified as critical was found in Eclipse Glassfish up to 7.0.x/8.0.0 . This vulnerability affects unknown code of the component Gadget Handler . The manipulation results in improper…
A vulnerability, which was classified as problematic , has been found in HestiaCP up to 1.9.4 . This issue affects some unknown processing. This manipulation causes use of less trusted source. This vu…
A vulnerability, which was classified as critical , was found in F5 NGINX JavaScript up to 0.9.8 . Impacted is the function ngx.fetch of the component HTTP Handler . Such manipulation leads to heap-ba…
A vulnerability has been found in ModelScope 1.25.0 and classified as critical . The affected element is an unknown function of the component Module Handler . Performing a manipulation results in priv…
A vulnerability was found in Technitium DNS Server up to 14.x and classified as problematic . The impacted element is an unknown function. Executing a manipulation can lead to asymmetric resource cons…
A vulnerability was found in Portrait Dell Color Management Application up to 3.6.x . It has been classified as critical . This affects an unknown function of the file CCFLFamily_07Feb11.edr of the co…
A vulnerability was found in FunnelKit Funnel Builder for WooCommerce Checkout up to 3.15.0.3 . It has been declared as critical . This impacts an unknown function of the component Public Checkout End…
A vulnerability was found in Tyler TID-L . It has been rated as critical . Affected is an unknown function. This manipulation causes use of default credentials. This vulnerability only affects product…
A vulnerability categorized as critical has been discovered in gohttp 34ea51 . Affected by this vulnerability is an unknown functionality. Such manipulation leads to path traversal. This vulnerability…
Frontier AI models like Mythos are making vulnerability discovery fast and cheap. Here's how defenders use threat intelligence and agentic processing to prioritize and act at the same speed.
Jit Context Graph Continuously Tracks Access Patterns, Entitlements, Asset History Torq acquired security context graph startup Jit to give AI-driven SOC workflows deeper awareness of organizational r…
Researchers Link MSHTA Windows Utility to Lumma Stealer, ClickFix Campaigns Cybercriminals continue abusing Microsoft’s legacy MSHTA utility to deliver malware, with researchers saying that the defaul…
Patch Rollout Slows and Ransomware Incident Volume Rises, Finds Latest Verizon DBIR The frequency of hackers exploiting vulnerabilities in hardware and software to gain initial access to a victim's en…
A newly discovered malware called VoidStealer has emerged as a serious threat to Chrome users on Windows, using a clever technique to bypass one of the browser’s most important security features. The …
Attackers have found a new way to quietly steal data from compromised networks, and this time, they are hiding behind a familiar face. Security researchers have uncovered a targeted intrusion campaign…
Microsoft has announced a significant security improvement in its Edge browser, eliminating the practice of loading saved passwords into process memory at startup. The change comes as part of the comp…
A newly disclosed critical vulnerability in Apache Flink, tracked as CVE-2026-35194, exposes distributed data processing environments to remote code execution (RCE) attacks via SQL injection flaws in …
A widely used GitHub Action called actions-cool/issues-helper has been compromised, with every version tag in the repository silently redirected to a malicious commit. The attack places stolen CI/CD p…
Hackers are actively exploiting Four-Faith industrial routers to build botnets, leveraging a critical vulnerability identified as CVE-2024-9643. Security researchers from CrowdSec report a sharp rise …