A vulnerability described as critical has been identified in Ctrlpanel-gg panel up to 1.1.x . This affects an unknown part. The manipulation results in os command injection. This vulnerability is know…
cyberintel.kalymoon.com · 35665 articles · updated every 4 hours · grows forever
A vulnerability described as critical has been identified in Ctrlpanel-gg panel up to 1.1.x . This affects an unknown part. The manipulation results in os command injection. This vulnerability is know…
A vulnerability classified as critical has been found in mantisbt Mantis Bug Tracker up to 2.28.1 . This vulnerability affects unknown code of the file manage_proj_user_add.php of the component Custom…
A vulnerability classified as problematic was found in mantisbt Mantis Bug Tracker up to 2.28.1 . This issue affects some unknown processing of the file bug_report_page.php of the component Project Na…
A vulnerability, which was classified as critical , has been found in Ctrlpanel-gg panel up to 1.1.x . Impacted is the function store/update of the component PATCH Request Handler . Performing a manip…
A vulnerability, which was classified as problematic , was found in Ctrlpanel-gg panel up to 1.1.x . The affected element is the function datatable of the file app/Http/Controllers/Admin/RoleControlle…
A vulnerability has been found in Ledger Nano X, Flex and Stax up to 2.4.1 and classified as problematic . The impacted element is an unknown function of the component MCU Firmware Update Handler . Th…
A vulnerability was found in TODDR Template::Plugin::HTML up to 3.102 on Perl and classified as problematic . This affects an unknown function of the component HTML Attribute Handler . The manipulatio…
A vulnerability was found in AMD EPYC 4004, EPYC 4005, Ryzen 6000 Processors with Radeon Graphics, Ryzen 7040 Mobile Processors with Radeon Graphics, Ryzen 7045 Mobile Processors with Radeon Graphics,…
A vulnerability was found in Ledger ledgerhq, hw-app-eth and Live up to 6.34.6 . It has been declared as problematic . Affected is an unknown function of the component Data Message Handler . Such mani…
A vulnerability was found in Ctrlpanel-gg panel up to 1.1.x . It has been rated as problematic . Affected by this vulnerability is an unknown functionality. Performing a manipulation of the argument n…
Incident Involved an Unnamed Third-Party Vendor New York City's municipal healthcare system is notifying nearly 2 million patients of a hacking incident discovered earlier this year involving a third-…
Commission VP Henna Virkkunen Pledges Action in Tuesday Parliamentary Session The European Commission is defending its response to the advent of artificial intelligence models with strong cybersecurit…
Appeals Court Weighs Pentagon Authority Over Frontier AI Providers A majority of judges on a U.S. federal appeals court appeared disposed to allowing Defense Secretary Pete Hegseth to bar Anthropic fr…
Researchers Identify 455 Malicious Apps Tied to Global Malvertising Campaign Cybercriminals used malicious Android apps to funnel unwitting users to an ad fraud scam that generated up to 659 million d…
A ransomware group called The Gentlemen has been quietly building one of the most aggressive cybercriminal operations seen in recent years. Emerging publicly in the second half of 2025, the group rapi…
macOS users are facing a new and sophisticated threat as a variant of the SHub infostealer malware, dubbed “Reaper,” has been observed deploying a fake Google Software Update LaunchAgent to maintain p…
A newly documented attack chain linked to the threat group UAC-0184 has been observed using Windows’ built-in bitsadmin tool and HTA files to sneak malicious payloads onto targeted systems. The campai…
Until a few days ago, a publicly-accessible GitHub repository exposed credentials for both US government AWS accounts and internal Cybersecurity and Infrastructure Security Agency (CISA) systems. That…
The agency's GitHub repository, publicly available since November 2025, was ironically named "Private-CISA."
YellowKey, GreenPlasma, and MiniPlasma add to the growing list of vulnerabilities a security researcher disclosed over the past six weeks.
Verizon's "2026 Data Breach Investigations Report" ("DBIR") finds that exploits are now involved in 31% of initial access for breaches, while patching lags too far behind the bad guys.
Discord announced that all voice and video calls through the communication platform are now protected by default with end-to-end encryption (E2EE). [...]
Microsoft says it has disrupted a malware-signing-as-a-service (MSaaS) operation that abused the company's Artifact Signing service to generate fraudulent code-signing certificates used by ransomware …