cyberintel.kalymoon.com · 21237 articles · updated every 4 hours · grows forever
A vulnerability described as critical has been identified in Outline up to 1.6.x . Impacted is the function fs.createWriteStream . Such manipulation leads to path traversal. This vulnerability is docu…
A vulnerability classified as critical has been found in HAARG HTTP::Tiny up to 0.092 on Perl. The affected element is an unknown function of the component HTTP Request Handler . Performing a manipula…
A vulnerability classified as problematic was found in barebox up to 2026.04.0 . The impacted element is the function dhcp_message_type of the component DHCP Handler . Executing a manipulation can lea…
A vulnerability, which was classified as critical , has been found in advplyr audiobookshelf up to 2.33.1 . This affects an unknown function of the file server/controllers/PodcastController.js of the …
A vulnerability, which was classified as problematic , was found in Pi-hole up to 6.4.1 . This impacts an unknown function of the file pihole-FTL-prestart.sh . The manipulation results in incorrect pe…
A vulnerability has been found in QuickJS-NG 0.12.1 and classified as critical . Affected is the function js_mapped_arguments_mark . This manipulation causes privilege escalation. This vulnerability i…
Unit 42 analyzes AD CS exploitation through template misconfigurations and shadow credential misuse while offering behavioral detection for defenders. The post Inside AD CS Escalation: Unpacking Advan…
Apple today released its typical feature update across it&#;x26;#;39;s operating systems (iOS, iPadOS, macOS, tvOS, watchOS, vision OS). With this update, Apple patched 84 different vulnerabilities. U…
In the face of relentless cyberattacks that threaten patient safety, hospitals must strengthen their resilience, with clinical continuity, secure backups and coordinated recovery emerging as critical …
Internal Communications Dumped Online, Revealing Fresh Victims, Repeat Tactics Ransomware group The Gentlemen, a relative newcomer to the cybercrime scene, suffered a leak of its internal communicatio…
ICO Warns Key Security Gaps Led to Exposed Data of Over 630,000 People A British regulator said a major water sector organization failed to use establish cybersecurity safeguards to secure sensitive d…
Cloud Connectivity, Security Operations Providers Reportedly Chop 20%, 7% of Staff Cloudflare cut more than 1,100 workers from its 5,483-person staff, saying the layoffs will align Cloudflare's operat…
A significant supply-chain compromise affecting 84 npm package artifacts across the TanStack namespace. The malicious versions, published to the npm registry at approximately 19:20 and 19:26 UTC, cont…
A fatal authentication bypass vulnerability is actively affecting cPanel and WebHost Manager (WHM) servers worldwide. Tracked as CVE-2026-41940 and bearing an apocalyptic maximum severity score of 9.8…
Security controls can do only so much. Here are four attacks where your employees are usually your first, and only, line of cyber defense.
The Federal Communications Commission eased some restrictions and pushed back deadlines for foreign router manufacturers, but the ban is still in place.
A security researcher has released a proof-of-concept tool named GhostLock that demonstrates how a legitimate Windows file API can be abused in attacks to block access to files stored locally or on SM…
Checkmarx warned over the weekend that a rogue version of its Jenkins Application Security Testing (AST) plugin had been published on the Jenkins Marketplace. [...]
California Attorney General Rob Bonta announced a proposed $12.75 million settlement agreement with General Motors (GM) over allegations that the company violated the California Consumer Privacy Act (…
What Happens When Quantum Becomes Practical The Quantum Insider
Alice & Bob Secures $3.9M ARPA-E Award to Use Quantum Computing to Design Rare-Earth-Free Magnets Alice & Bob
2026 Global Quantum and AI Challenge Launches to Accelerate Practical Enterprise Use Cases The Quantum Insider