cyberintel.kalymoon.com · 20841 articles · updated every 4 hours · grows forever
A vulnerability described as critical has been identified in Aas-ee open-webSearch up to 2.1.6 . This affects an unknown part. Executing a manipulation can lead to server-side request forgery. This vu…
A vulnerability classified as critical has been found in Ivanti Xtraction up to 2026.1 . This vulnerability affects unknown code of the component HTML File Handler . The manipulation leads to file inc…
A vulnerability classified as problematic was found in OALDERS LWP::UserAgent up to 6.82 on Perl. This issue affects some unknown processing. The manipulation results in insufficiently protected crede…
A vulnerability, which was classified as critical , has been found in Ivanti Virtual Traffic Manager up to 22.9r3 . Impacted is an unknown function. This manipulation causes os command injection. The …
A vulnerability, which was classified as critical , was found in Ivanti Endpoint Manager up to 2024 SU5 . The affected element is an unknown function of the component Web Console . Such manipulation l…
A vulnerability has been found in Ivanti Endpoint Manager up to 2024 SU5 and classified as problematic . The impacted element is an unknown function of the component Core Server . Performing a manipul…
A vulnerability was found in Mozilla Firefox up to 150.0.2 and classified as critical . This affects an unknown function of the component Profile Backup Component . Executing a manipulation can lead t…
A vulnerability was found in Ivanti Secure Access Client up to 22.8R5 . It has been classified as critical . This impacts an unknown function. The manipulation leads to race condition. This vulnerabil…
A vulnerability was found in Ivanti Endpoint Manager up to 2024 SU5 . It has been declared as critical . Affected is an unknown function. The manipulation results in incorrect permission assignment. T…
A critical security flaw has been identified in the Cline Kanban server that allows threat actors to exfiltrate workspace data and execute arbitrary code silently and remotely. Security researcher The…
North Korean hackers have found a new way to hide malware inside the tools that software developers rely on every single day. Instead of sending phishing emails or planting fake links, they are now bu…
A new wave of cyberattacks is putting Microsoft Teams users on high alert across organizations worldwide. Hackers have been found hijacking Teams accounts to impersonate IT support staff and push a da…
On May 12, 2026, SAP released its highly anticipated monthly Security Patch Day updates, addressing numerous severe security flaws across its entire enterprise software portfolio. The most alarming di…
A new and highly stealthy campaign distributing Vidar Stealer has surfaced, targeting Windows users with a sophisticated attack chain designed to slip past endpoint defenses and harvest sensitive cred…
A series of newly discovered vulnerabilities in Zoom’s software ecosystem could hand local attackers the keys to your system. As organizations continue to rely heavily on virtual meetings, threat acto…
A new and growing wave of phishing attacks is making credential theft easier than ever before. Threat actors are now using Vercel, a legitimate AI-powered web development platform, to build convincing…
Apple begins rolling out end-to-end encrypted RCS messaging between iPhone and Android in iOS 26.5
Mini Shai-Hulud compromises TanStack npm packages and spreads across PyPI
With Daybreak, OpenAI wants its frontier AI models to be used to deploy secure by design software from the ground up
OpenAI has unveiled Daybreak, its answer to Anthropic’s Claude Mythos, amid a growing market for frontier AI-powered cyber defense platforms. The initiative combines OpenAI’s large language models, Co…
JetBrains has patched a high-severity vulnerability (CVE-2026-44413) in TeamCity, its popular continuous integration and continuous delivery platform, and is urging organizations with on-premises and …
Security and IT teams are under pressure to adopt AI, but many are seeing the opposite of what was promised. Tools that demo well don’t hold up in real workflows. Complexity increases. Trust breaks do…
General Motors has agreed to a $12.75 million settlement with California over allegations that it unlawfully sold drivers’ location and behavioral data to brokers, marking the largest penalty in the h…
Instructure, the company behind the online learning platform Canvas, said it reached an agreement with the extortion group ShinyHunters to prevent data stolen in a recent breach from being leaked onli…