cyberintel.kalymoon.com · 21051 articles · updated every 4 hours · grows forever
A vulnerability has been found in RealMag777 BEAR Plugin up to 1.1.7.1 on WordPress and classified as critical . This impacts an unknown function. Performing a manipulation results in sql injection. T…
A vulnerability was found in Hikvision Hik-Connect APP up to 6.10.x/6.11.x and classified as critical . Affected is an unknown function. Executing a manipulation can lead to permission issues. This vu…
A vulnerability was found in Vmware Spring AI up to 1.0.6/1.1.5 . It has been classified as problematic . Affected by this vulnerability is an unknown functionality of the component Chat Memory . The …
A vulnerability was found in Xpro Elementor Addons Plugin up to 1.5.1 on WordPress. It has been declared as critical . Affected by this issue is some unknown functionality. The manipulation results in…
A vulnerability was found in Saad Iqbal WP EasyPay Plugin up to 4.3.0 on WordPress. It has been rated as problematic . This affects an unknown part. This manipulation causes insertion of sensitive inf…
A vulnerability categorized as critical has been discovered in WP Travel Plugin up to 11.4.0 on WordPress. This vulnerability affects unknown code. Such manipulation leads to sql injection. This vulne…
An On Demand video from ID Dataweb Scattered Spider continues to evolve, and organizations across financial services, healthcare, insurance, telecommunications, and other sectors are strengthening def…
Online shoppers have long been targets of digital theft, but a recent wave of attacks has raised the stakes in a troubling new way. Hackers tied to the notorious Magecart group are now hiding credit c…
A serious cluster of vulnerabilities has been uncovered in PHP’s core string processing and ext-soap components, putting numerous web servers at immediate risk of total takeover. While the SOAP extens…
Researchers have exposed a catastrophic vulnerability hiding inside the “Claude in Chrome” extension. By weaponizing an otherwise harmless, zero-permission extension, invisible attackers can completel…
A popular AI development library has been turned into a weapon. The mistralai PyPI package, version 2.4.6, was found to contain malicious code secretly injected by attackers, putting developers and or…
A fake Chrome browser extension pretending to be the popular TronLink crypto wallet has been caught stealing sensitive wallet credentials from unsuspecting users. The malicious extension operates sile…
The ICO has fined South Staffordshire Water nearly £1m for a series of data protection failings
HiddenLayer reveals infostealer malware in a Hugging Face repository
Exploitation of open-source tools allows attackers to maintain persistent access after initial social engineering, warn ReliaQuest researchers
I’ve been a CISO for two separate companies, know several CISOs personally, and interact with many others through various cybersecurity forums. We all have one thing in common. We can tell you our pat…
Serving in the military requires a precise, tactical mindset, and that’s exactly what Barry Hensley espoused during his 24 years in the US Army , where he rose to the rank of colonel. The military “is…
I spent the first week of April reading three separate threat intelligence reports that, on the surface, had nothing in common. One covered a North Korean campaign that had published over 1,700 malici…
A newly disclosed cPanel vulnerability is being exploited at scale, giving attackers a route into web hosting environments that many enterprises may not monitor closely. Analysts say the risk highligh…
Developers looking for Anthropic’s increasingly popular Claude Code tool are now being lured into downloading malware. According to researchers at Ontinue, attackers are abusing a fake Claude Code ins…
OpenAI Daybreak is the company’s cybersecurity initiative focused on building AI-assisted software defense into the development process from the start. It combines OpenAI models, Codex Security, and c…
Car manufacturer Škoda discovered that attackers had exploited a vulnerability in its online shop software and gained temporary unauthorized access to the system. What happened? After discovering the …
Recent disclosures have revealed that open-source networking tool dnsmasq is grappling with a serious set of vulnerabilities. The problems span memory safety and input validation, with researchers ide…
Citrix has introduced Citrix Platform Flex, a secure access platform that combines software, management, and infrastructure to deliver managed desktops, enterprise browsing, and zero-trust access in a…