cyber·news

HIGH

CVE-2026-9453 (CVSS 7.3) — A vulnerability was detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125....

NVD CVE-2026-9453 12d ago

INFO

Oncology Institute Discloses Data Breach

SecurityWeek breachesransomwaresupply-chain 12d ago

CRITICAL

CVE-2026-26980 (CVSS 9.4) — Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated a...

NVD CVE-2026-26980 +2 106d ago

INFO

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

BleepingComputer 13d ago

INFO

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

The Hacker News 12d ago

INFO

The Alert Firehose Finally Meets Its Match

The Hacker News supply-chainbreachesmalware 12d ago

INFO

266,000 Affected by Data Breach at Radiology Associates of Richmond

SecurityWeek breachesransomwaresupply-chain 12d ago

HIGH

CVE-2026-9452 (CVSS 7.3) — A security vulnerability has been detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc85...

NVD CVE-2026-9452 12d ago

HIGH

CVE-2026-9447 (CVSS 7.3) — A vulnerability was found in SourceCodester Simple POS and Inventory System 1.0. The impacted elemen...

NVD CVE-2026-9447 12d ago

INFO

China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa

The Hacker News supply-chainbreachesmalware +10 2d ago

INFO

Middle East Cyber Battle Field Broadens — Especially in UAE

rss:darkreading 31d ago

INFO

Cyber Resilience is the New Business Continuity Plan

SecurityWeek 18d ago

INFO

Windows Zero-Day Barrage Continues After Patch Tuesday

rss:darkreading 18d ago

INFO

Identity Alone Isn't Enough: Why Device Security Has to Share the Load

BleepingComputer 17d ago

INFO

Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects

SecurityWeek 12d ago

INFO

Iranian APT Targets Aviation, Software Companies With Updated Tools

SecurityWeek 11d ago

INFO

MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries

The Hacker News 11d ago

INFO

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

The Hacker News 9d ago

INFO

Global Stock Exchange Hit by Monthslong Email Campaign

rss:darkreading 3d ago

INFO

What 345 Days of Untested Exposure Looks Like at a Bank

BleepingComputer 3d ago

INFO

Laravel-Lang Packages Poisoned for Malware Delivery

SecurityWeek breachesransomwaresupply-chain 12d ago

HIGH

CVE-2026-9443 (CVSS 8.8) — A security vulnerability has been detected in Edimax BR-6478AC 1.23. This vulnerability affects the ...

NVD CVE-2026-9443 12d ago

HIGH

CVE-2026-9442 (CVSS 8.8) — A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formiNICSiteSurve...

NVD CVE-2026-9442 12d ago

INFO

DocketWise Data Breach Impacts 143,000

SecurityWeek breachesransomwaresupply-chain 12d ago

INFO

Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms

The Hacker News supply-chainbreachesmalware 12d ago

CRITICAL

CVE-2026-9436 (CVSS 9.8) — A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function ...

NVD CVE-2026-9436 12d ago

CRITICAL

CVE-2026-9435 (CVSS 9.8) — A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the fu...

NVD CVE-2026-9435 12d ago

HIGH

Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials

The Hacker News supply-chainbreachesmalware +81 18d ago

INFO

ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax

rss:cisa-advisories 25d ago

INFO

Fuji Electric Tellus

rss:cisa-advisories 25d ago

INFO

ABB AC500 V3 Multiple Vulnerabilities

rss:cisa-advisories 25d ago

INFO

Subnet Solutions PowerSYSTEM Center

rss:cisa-advisories 25d ago

INFO

ABB Automation Builder Gateway for Windows

rss:cisa-advisories 25d ago

INFO

ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities

rss:cisa-advisories 25d ago

INFO

Siemens Siemens ROS#

rss:cisa-advisories 23d ago

INFO

Siemens gWAP

rss:cisa-advisories 23d ago

INFO

Siemens SIMATIC

rss:cisa-advisories 23d ago

INFO

Siemens Ruggedcom Rox

rss:cisa-advisories 23d ago

INFO

Siemens Ruggedcom Rox

rss:cisa-advisories 23d ago

INFO

Siemens Simcenter Femap

rss:cisa-advisories 23d ago

INFO

Universal Robots Polyscope 5

rss:cisa-advisories 23d ago

INFO

Siemens Ruggedcom Rox

rss:cisa-advisories 23d ago

INFO

Siemens Teamcenter

rss:cisa-advisories 23d ago

INFO

Siemens Solid Edge

rss:cisa-advisories 23d ago

INFO

Siemens SENTRON 7KT PAC1261 Data Manager

rss:cisa-advisories 23d ago

INFO

Siemens Opcenter RDnL

rss:cisa-advisories 23d ago

INFO

Siemens Ruggedcom Rox

rss:cisa-advisories 23d ago

INFO

Siemens Industrial Devices

rss:cisa-advisories 23d ago

INFO

Siemens SIMATIC S7 PLC Web Server

rss:cisa-advisories 23d ago

INFO

Siemens SIPROTEC 5

rss:cisa-advisories 23d ago

INFO

Siemens SIMATIC

rss:cisa-advisories 23d ago

INFO

Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt

The Hacker News 20d ago

INFO

Kieback & Peter DDC Building Controllers

rss:cisa-advisories 18d ago

INFO

Siemens RUGGEDCOM APE1808 Devices

rss:cisa-advisories 18d ago

INFO

ABB CoreSense HM and CoreSense M10

rss:cisa-advisories 18d ago

INFO

ScadaBR

rss:cisa-advisories 18d ago

INFO

ZKTeco CCTV Cameras

rss:cisa-advisories 18d ago

INFO

CISA Exposes Secrets, Credentials in 'Private' Repo

rss:darkreading 18d ago

INFO

GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories

The Hacker News 17d ago

INFO

GitHub investigates internal repositories breach claimed by TeamPCP

BleepingComputer 17d ago

INFO

GitHub confirms breach of 3,800 repos via malicious VSCode extension

BleepingComputer 17d ago

INFO

Schnieider Electric EcoStruxure Machine Expert HVAC (SEVD-2026-132-01)

rss:cisa-advisories 17d ago

INFO

Senator presses CISA for answers about alleged GitHub repository leak

The Record 17d ago

INFO

GitHub confirms being hacked by TeamPCP, says customer data unaffected

The Record 17d ago

INFO

Grafana breach caused by missed token rotation after TanStack attack

BleepingComputer 17d ago

INFO

GitHub Confirms Breach, 4K Internal Repos Stolen

rss:darkreading 17d ago

INFO

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

The Hacker News 16d ago

INFO

GitHub links repo breach to TanStack npm supply-chain attack

BleepingComputer 16d ago

INFO

ABB Terra AC Wallbox

rss:cisa-advisories 16d ago

INFO

ABB B&R Automation Studio

rss:cisa-advisories 16d ago

INFO

ABB B&R Automation Runtime

rss:cisa-advisories 16d ago

INFO

ABB B&R PCs

rss:cisa-advisories 16d ago

INFO

Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack

SecurityWeek 15d ago

INFO

Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows

The Hacker News 15d ago

INFO

CISA Security Leak

rss:schneier 15d ago

INFO

Lawmakers Demand Answers as CISA Tries to Contain Data Leak

Krebs 15d ago

INFO

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

The Hacker News 14d ago

INFO

npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks

The Hacker News 14d ago

INFO

Laravel Lang packages hijacked to deploy credential-stealing malware

BleepingComputer 14d ago

INFO

Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack

SecurityWeek 12d ago

INFO

ABB Terra AC

rss:cisa-advisories 11d ago

INFO

ABB LVS MConfig

rss:cisa-advisories 11d ago

INFO

ABB Ability Camera Connect

rss:cisa-advisories 11d ago

INFO

Eppendorf BioFlo 320

rss:cisa-advisories 11d ago

INFO

ABB AbilityTM Zenon Remote Transport Vulnerability

rss:cisa-advisories 11d ago

INFO

ABB AC500 V2

rss:cisa-advisories 11d ago

INFO

ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)

rss:cisa-advisories 11d ago

INFO

Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos

rss:darkreading 11d ago

INFO

Malicious npm Package Stole Files From Claude AI User Directory via GitHub

The Hacker News 10d ago

INFO

ABB EIBPORT

rss:cisa-advisories 9d ago

INFO

Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter

rss:cisa-advisories 9d ago

INFO

ABB Busch-Welcome 2 Wire Door Opener Actuator

rss:cisa-advisories 9d ago

INFO

Fourth Frontier Frontier X Mobile Application, Frontier X2

rss:cisa-advisories 9d ago

INFO

CP Plus 8 Ch. Network Video Recorder

rss:cisa-advisories 9d ago

INFO

XCharge C6

rss:cisa-advisories 9d ago

INFO

KMW CCTV Security Cameras

rss:cisa-advisories 9d ago

INFO

MacGregor Voyage Data Recorder (VDR) G4e

rss:cisa-advisories 9d ago

INFO

Supply Chain Compromises Impact Nx Console and GitHub Repositories

rss:cisa-advisories 9d ago

INFO

Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal

The Hacker News 9d ago

INFO

Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more

The Record 8d ago

INFO

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

The Hacker News 5d ago

INFO

Red Hat removes tainted packages after software pipeline compromise

The Record 4d ago

INFO

VS Code zero-day lets hackers steal GitHub tokens in one click

BleepingComputer 3d ago

INFO

NAVTOR NavBox

rss:cisa-advisories 2d ago

INFO

Hitachi Energy MACH HiDraw

rss:cisa-advisories 2d ago

INFO

Hitachi Energy ITT600 Explorer

rss:cisa-advisories 2d ago

INFO

B&R PPT30 Operating System

rss:cisa-advisories 2d ago

INFO

Hitachi Energy RTU500

rss:cisa-advisories 2d ago

INFO

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

The Hacker News 2d ago

CRITICAL

CVE-2026-9434 (CVSS 9.8) — A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the ...

NVD CVE-2026-9434 12d ago

CRITICAL

CVE-2026-9433 (CVSS 9.8) — A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the funct...

NVD CVE-2026-9433 12d ago

CRITICAL

CVE-2026-9432 (CVSS 9.8) — A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affe...

NVD CVE-2026-9432 12d ago

HIGH

CVE-2026-9431 (CVSS 8.8) — A vulnerability was identified in Tenda F1202 1.2.0.20(408). This affects the function fromPptpUserA...

NVD CVE-2026-9431 12d ago

HIGH

CVE-2026-9430 (CVSS 8.8) — A vulnerability was determined in Tenda F1202 1.2.0.20(408). Affected by this issue is the function ...

NVD CVE-2026-9430 12d ago

HIGH

CVE-2026-9429 (CVSS 8.8) — A vulnerability was found in Tenda F1202 1.2.0.20(408). Affected by this vulnerability is the functi...

NVD CVE-2026-9429 12d ago

HIGH

CVE-2026-9428 (CVSS 8.8) — A vulnerability has been found in Tenda F1202 1.2.0.20(408). Affected is the function fromPPTPUserSe...

NVD CVE-2026-9428 12d ago

HIGH

Grafana GitHub Breach Exposes Source Code via TanStack npm Attack

The Hacker News supply-chainbreachesmalware +16 17d ago

INFO

The npm Threat Landscape: Attack Surface and Mitigations (Updated May 1)

rss:unit42 35d ago

INFO

Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain

rss:darkreading 25d ago

HIGH

Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets

The Hacker News 23d ago

HIGH

Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware

The Hacker News 19d ago

HIGH

Developer Workstations Are Now Part of the Software Supply Chain

The Hacker News 19d ago

HIGH

⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More

The Hacker News 19d ago

HIGH

Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account

The Hacker News 18d ago

INFO

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

SecurityWeek 17d ago

INFO

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

The Hacker News 12d ago

INFO

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

The Hacker News 8d ago

INFO

Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm

The Hacker News 5d ago

INFO

Red Hat npm packages compromised to steal developer credentials

BleepingComputer 5d ago

INFO

Supply Chain Attack Hits 32 Red Hat NPM Packages

SecurityWeek 4d ago

INFO

New IronWorm malware hits 36 packages in npm supply-chain attack

BleepingComputer 2d ago

INFO

Rust-Written IronWorm Hits NPM Supply Chain

rss:darkreading 1d ago

INFO

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

The Hacker News 1d ago

HIGH

CVE-2026-9427 (CVSS 8.8) — A flaw has been found in Edimax EW-7438RPn 1.31. This impacts the function formWlSiteSurvey of the f...

NVD CVE-2026-9427 12d ago

HIGH

CVE-2026-9426 (CVSS 8.8) — A vulnerability was detected in Edimax EW-7438RPn 1.31. This affects the function formHwSet of the f...

NVD CVE-2026-9426 12d ago

HIGH

CVE-2026-9425 (CVSS 8.8) — A security vulnerability has been detected in Edimax EW-7438RPn 1.31. The impacted element is the fu...

NVD CVE-2026-9425 12d ago

HIGH

CVE-2026-9422 (CVSS 7.3) — A vulnerability was identified in KLiK SocialMediaWebsite 1.0. This issue affects some unknown proce...

NVD CVE-2026-9422 12d ago

HIGH

CVE-2026-9421 (CVSS 7.3) — A vulnerability was determined in KLiK SocialMediaWebsite 1.0. This vulnerability affects the functi...

NVD CVE-2026-9421 12d ago

CRITICAL

CVE-2026-9408 (CVSS 9.8) — A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. Affected by this issue is the ...

NVD CVE-2026-9408 12d ago

CRITICAL

CVE-2026-9407 (CVSS 9.8) — A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. Affected by this...

NVD CVE-2026-9407 12d ago

CRITICAL

CVE-2026-9406 (CVSS 9.8) — A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function set...

NVD CVE-2026-9406 12d ago

CRITICAL

CVE-2026-9405 (CVSS 9.8) — A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This impacts the functi...

NVD CVE-2026-9405 12d ago

CRITICAL

CVE-2026-9404 (CVSS 9.8) — A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This affects the function se...

NVD CVE-2026-9404 12d ago

HIGH

CVE-2026-9403 (CVSS 8.8) — A vulnerability was determined in Edimax BR-6675nD 1.12. The impacted element is the function formWl...

NVD CVE-2026-9403 12d ago

HIGH

CVE-2026-9401 (CVSS 8.8) — A vulnerability has been found in Edimax BR-6675nD 1.12. Impacted is the function formWanTcpipSetup ...

NVD CVE-2026-9401 12d ago

HIGH

CVE-2026-9399 (CVSS 8.8) — A vulnerability was detected in Edimax BR-6675nD 1.12. This vulnerability affects the function forms...

NVD CVE-2026-9399 12d ago

HIGH

CVE-2026-9397 (CVSS 8.1) — A weakness has been identified in Besen BS20 EV Charging Station up to 20260426. Affected by this is...

NVD CVE-2026-9397 13d ago

HIGH

CVE-2026-9393 (CVSS 8.8) — A vulnerability was found in H3C Magic B0 up to 100R002. This affects the function Edit_BasicSSID_5G...

NVD CVE-2026-9393 13d ago

HIGH

CVE-2026-9389 (CVSS 8.8) — A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function frmL7ImF...

NVD CVE-2026-9389 13d ago

CRITICAL

CVE-2026-9388 (CVSS 9.8) — A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the ...

NVD CVE-2026-9388 13d ago

CRITICAL

CVE-2026-9387 (CVSS 9.8) — A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The affected element is...

NVD CVE-2026-9387 13d ago

CRITICAL

CVE-2026-9386 (CVSS 9.8) — A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function set...

NVD CVE-2026-9386 13d ago

CRITICAL

CVE-2026-9385 (CVSS 9.8) — A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the funct...

NVD CVE-2026-9385 13d ago

CRITICAL

CVE-2026-9384 (CVSS 9.8) — A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the fu...

NVD CVE-2026-9384 13d ago

HIGH

CVE-2026-9383 (CVSS 7.3) — A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknow...

NVD CVE-2026-9383 13d ago

HIGH

CVE-2026-9382 (CVSS 8.8) — A flaw has been found in Edimax BR-6675nD 1.12. Affected by this issue is the function formPPTPSetup...

NVD CVE-2026-9382 13d ago

HIGH

CVE-2026-9381 (CVSS 8.8) — A vulnerability was detected in Edimax BR-6675nD 1.12. Affected by this vulnerability is the functio...

NVD CVE-2026-9381 13d ago

HIGH

CVE-2026-9380 (CVSS 8.8) — A security vulnerability has been detected in Edimax BR-6675nD 1.12. Affected is the function formL2...

NVD CVE-2026-9380 13d ago

HIGH

CVE-2026-9372 (CVSS 7.3) — A flaw has been found in ItzCrazyKns Vane up to 1.12.1. This vulnerability affects unknown code of t...

NVD CVE-2026-9372 13d ago

Prev Page 18 / 39 Next

CRITICAL NVD Fri, 20 Feb 2026 02:16:54 UTC

CVE-2026-26980 (CVSS 9.4) — Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated a...

https://nvd.nist.gov/vuln/detail/CVE-2026-26980

TL;DR

Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database. This issue has been fixed in version 6.19.1.

CVE-2026-26980

Read full story ↗