Microsoft has disclosed a critical remote code execution vulnerability in its Office ecosystem that can be exploited through a malicious Excel file. The vulnerability, tracked as CVE-2025-60727, affec…
cyberintel.kalymoon.com · 33359 articles · updated every 4 hours · grows forever
Microsoft has disclosed a critical remote code execution vulnerability in its Office ecosystem that can be exploited through a malicious Excel file. The vulnerability, tracked as CVE-2025-60727, affec…
Dell Technologies has released a critical security advisory addressing multiple vulnerabilities in its Wyse Management Suite (WMS), warning that attackers could exploit these flaws to execute arbitrar…
Group-IB says Millenium RAT, now rewritten in C++, has hit 62,289 devices in 160+ countries
OpenAI is previewing its GPT-5.6 Sol model to a vetted few at the US government's request
PrivacyHawk has announced the general availability of PrivacyHawk Enterprise, a solution that identifies and eliminates the shadow IT accounts, abandoned SaaS subscriptions, and forgotten third-party …
The ShinyHunters extortion group claims to have stolen 3.1 TB of data from the organization. The post Insurance Regulators Group NAIC Hit in Oracle PeopleSoft Hack appeared first on SecurityWeek .
The startup’s platform can identify AI agents and provide visibility into their access, behavior, and risks. The post Straiker Raises $64 Million for AI Security Platform appeared first on SecurityWee…
Indirect prompts hidden in a repository can lead to Claude Code spawning a reverse shell on the developer’s machine. The post Researchers Demo New Claude Code Attack Using Harmless-Looking Repositorie…
An optional ‘username key’ adds another layer by requiring a secondary credential before someone can message users. The post WhatsApp Rolling Out Username Feature to Bolster Phone Number Privacy appea…
New findings unearthed by Infoblox show that more than 236,000 websites are using investment scam templates built using a legitimate Chinese open-source, cross-platform application development framewo…
This week was a reminder that attackers do not always need big tricks. One small mistake, one old access path, one missed patch, and suddenly the door is open. The noise is not all noise, either. Foru…
Business email compromise attacks increasingly rely on convincing impersonation rather than malware, making them harder for employees and traditional email defenses to detect. This webinar explores ho…
Attackers have begun exploiting a critical vulnerability (CVE-2026-46817) in the Oracle E-Business Suite (EBS) financial application, according to threat intelligence company Defused. [...]
Hackers are exploiting a recently disclosed critical vulnerability (CVE-2026-48558) in SimpleHelp to deploy Djinn Stealer, a previously undocumented cross-platform information stealer targeting Window…
AI agents can access data, trigger workflows, and take action across enterprise systems. Token Security explains why governing these privileged identities is becoming essential for enterprise security…
The U.S. Department of State is offering up to $10 million for information that helps identify or locate members of the UNC5792 and UNC4221 hacker groups, which are linked to Russia's intelligence and…
Why Post-Quantum Cryptography Starts With Credentials The Hacker News
Apply to IBM Quantum Developer Conference 2026 IBM
From mythos to reality: Why the 2026 state of pentesting report proves the need for programmatic defenses Cybersecurity Dive
A vulnerability classified as problematic has been found in Hitachi Virtual Storage Platform One Block 23/24/26/28 . This vulnerability affects unknown code of the component Firmware Update Handler . …
A vulnerability classified as critical was found in Hitachi Virtual Storage Platform E390, Virtual Storage Platform E590, Virtual Storage Platform E790, Virtual Storage Platform E990, Virtual Storage …
A vulnerability, which was classified as problematic , has been found in Hitachi Virtual Storage Platform 5100, Virtual Storage Platform 5200, Virtual Storage Platform 5500, Virtual Storage Platform 5…
A vulnerability, which was classified as problematic , was found in APCu Manager Plugin up to 4.4.x on WordPress. The affected element is an unknown function. Such manipulation leads to cross site scr…
A vulnerability has been found in F4 Post Tree Plugin up to 2.0.4 on WordPress and classified as critical . The impacted element is an unknown function of the component AJAX Action Handler . Performin…