cyber·news

HIGH

CVE-2026-35630 (CVSS 8) — OpenClaw before 2026.5.18 contains an authorization bypass vulnerability in QQBot native approval bu...

NVD CVE-2026-35630 7d ago

HIGH

CVE-2026-32905 (CVSS 8.3) — OpenClaw before 2026.5.4 contains an authorization bypass vulnerability in the bundled device-pair p...

NVD CVE-2026-32905 7d ago

HIGH

CVE-2026-10069 (CVSS 7.5) — A vulnerability has been found in Shibby Tomato 1.28. The impacted element is an unknown function of...

NVD CVE-2026-10069 7d ago

HIGH

CVE-2026-10067 (CVSS 8.8) — A vulnerability was detected in Shibby Tomato 1.28. Impacted is the function sub_90F0 of the file mu...

NVD CVE-2026-10067 7d ago

HIGH

CVE-2026-10066 (CVSS 8.8) — A security vulnerability has been detected in Shibby Tomato up to 1.28. This issue affects the funct...

NVD CVE-2026-10066 7d ago

MEDIUM

CVE-2026-10064 (CVSS 6.3) — A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. This affects the function formSe...

NVD CVE-2026-10064 7d ago

HIGH

CVE-2018-25404 (CVSS 8.2) — The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated atta...

NVD CVE-2018-25404 7d ago

HIGH

CVE-2018-25403 (CVSS 8.2) — The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated atta...

NVD CVE-2018-25403 7d ago

HIGH

CVE-2018-25402 (CVSS 8.2) — The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated atta...

NVD CVE-2018-25402 7d ago

HIGH

CVE-2018-25401 (CVSS 8.2) — The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated atta...

NVD CVE-2018-25401 7d ago

HIGH

CVE-2018-25400 (CVSS 8.2) — The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated atta...

NVD CVE-2018-25400 7d ago

HIGH

CVE-2018-25399 (CVSS 8.2) — The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated atta...

NVD CVE-2018-25399 7d ago

HIGH

CVE-2018-25398 (CVSS 8.2) — The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated atta...

NVD CVE-2018-25398 7d ago

HIGH

CVE-2018-25396 (CVSS 7.5) — Heatmiser Wifi Thermostat 1.7 contains a credential disclosure vulnerability that allows unauthentic...

NVD CVE-2018-25396 7d ago

HIGH

CVE-2018-25395 (CVSS 8.2) — Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to ...

NVD CVE-2018-25395 7d ago

HIGH

CVE-2018-25394 (CVSS 8.2) — Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to ...

NVD CVE-2018-25394 7d ago

HIGH

CVE-2018-25392 (CVSS 7.1) — MaxOn ERP Software 8.x-9.x contains an SQL injection vulnerability that allows authenticated users t...

NVD CVE-2018-25392 7d ago

HIGH

CVE-2018-25391 (CVSS 7.5) — HaPe PKH 1.1 fails to enforce authorization on its record deletion endpoints, allowing unauthenticat...

NVD CVE-2018-25391 7d ago

HIGH

CVE-2018-25390 (CVSS 8.2) — HaPe PKH 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipu...

NVD CVE-2018-25390 7d ago

HIGH

CVE-2018-25389 (CVSS 8.2) — HaPe PKH 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipu...

NVD CVE-2018-25389 7d ago

HIGH

CVE-2018-25388 (CVSS 8.8) — HaPe PKH 1.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to ...

NVD CVE-2018-25388 7d ago

HIGH

CVE-2018-25386 (CVSS 8.2) — HaPe PKH 1.1 contains multiple SQL injection vulnerabilities in admin/media.php that allow attackers...

NVD CVE-2018-25386 7d ago

HIGH

CVE-2018-25385 (CVSS 8.2) — E-Registrasi Pencak Silat 18.10 contains an SQL injection vulnerability that allows unauthenticated ...

NVD CVE-2018-25385 7d ago

HIGH

CVE-2018-25383 (CVSS 8.4) — Free MP3 CD Ripper 2.8 contains a stack-based buffer overflow vulnerability in WMA file processing t...

NVD CVE-2018-25383 7d ago

HIGH

CVE-2018-25382 (CVSS 8.2) — Zechat 1.5 contains an SQL injection vulnerability that allows unauthenticated attackers to extract ...

NVD CVE-2018-25382 7d ago

CRITICAL

CVE-2026-4290 (CVSS 9.1) — The WP Travel Pro plugin for WordPress is vulnerable to arbitrary user deletion via the /wp-json/wp-...

NVD CVE-2026-4290 7d ago

HIGH

CVE-2026-10063 (CVSS 8.8) — A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the functio...

NVD CVE-2026-10063 7d ago

HIGH

CVE-2026-10062 (CVSS 8.8) — A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the...

NVD CVE-2026-10062 7d ago

CRITICAL

CVE-2026-10042 (CVSS 9.8) — manga-image-translator contains a remote code execution vulnerability in the shared API server mode ...

NVD CVE-2026-10042 7d ago

INFO

Hackers Leak DentaQuest Information Impacting 2.6 Million

SecurityWeek breachesransomwaresupply-chain +11 22h ago

INFO

Instructure Breach Exposes Schools' Vendor Dependence

rss:darkreading 30d ago

INFO

ShinyHunters Claims Second Attack Against Instructure

rss:darkreading 28d ago

INFO

Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

The Hacker News 25d ago

INFO

Congress Puts Heat on Instructure After Canvas Outage

rss:darkreading 21d ago

INFO

7-Eleven confirms breach after ShinyHunters claims

The Record 16d ago

INFO

7-Eleven data breach exposes personal information of 185,000 people

BleepingComputer 11d ago

INFO

185,000 Likely Impacted by 7-Eleven Data Breach

SecurityWeek 10d ago

INFO

Charter confirms data breach after ShinyHunters extortion threat

BleepingComputer 10d ago

INFO

Carnival Cruise confirms data breach affecting nearly 6 million people

BleepingComputer 8d ago

INFO

Charter Communications data breach affects 4.9 million accounts

BleepingComputer 8d ago

INFO

Charter Communications Data Breach Could Impact Nearly 5 Million

SecurityWeek 7d ago

INFO

Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit

The Hacker News CVE-2026-39987supply-chainbreaches 7d ago

INFO

Asia's Cyber Insurance Market Shows Signs of Life

rss:darkreading breachesmalwarethreat-actors 7d ago

INFO

MokN Raises $15 Million for Phish-Back Platform

SecurityWeek breachesransomwaresupply-chain 7d ago

CRITICAL

CVE-2026-46376 (CVSS 9.8) — FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users m...

NVD CVE-2026-46376 7d ago

HIGH

CVE-2026-44239 (CVSS 8.8) — FreePBX is an open source IP PBX. Prior to 16.0.22 and 17.0.5, the Dashboard module's getcontent AJA...

NVD CVE-2026-44239 7d ago

HIGH

CVE-2026-44238 (CVSS 8.8) — FreePBX is an open source IP PBX. Prior to 16.0.50 and 17.0.11, the CDR Reports module page allows S...

NVD CVE-2026-44238 7d ago

HIGH

CVE-2026-44237 (CVSS 8.1) — FreePBX is an open source IP PBX. Prior to 17.0.8, the FreePBX api module's OAuth2 implementation do...

NVD CVE-2026-44237 7d ago

INFO

CVE-2026-40528 (CVSS 3.8) — OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerabilit...

NVD CVE-2026-40528 7d ago

HIGH

CVE-2026-10073 (CVSS 7.5) — DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing unauthenticated...

NVD CVE-2026-10073 7d ago

HIGH

CVE-2026-10072 (CVSS 7.2) — DreamMaker developed by Interinfo has an Arbitrary File Upload vulnerability, allowing privileged re...

NVD CVE-2026-10072 7d ago

MEDIUM

CVE-2026-10061 (CVSS 6.3) — A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. Affected is the function formWPS of the fi...

NVD CVE-2026-10061 7d ago

MEDIUM

CVE-2026-10060 (CVSS 6.3) — A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetRout...

NVD CVE-2026-10060 7d ago

CRITICAL

CVE-2026-10071 (CVSS 9.8) — DreamMaker developed by Interinfo has an Arbitrary File Upload vulnerability, allowing unauthenticat...

NVD CVE-2026-10071 7d ago

INFO

With Complex Cloud Integrations, Small Errors Lead to Major Compromises

rss:darkreading breachesmalwarethreat-actors 7d ago

INFO

Gogs Zero-Day Exposes Servers to Remote Code Execution

SecurityWeek breachesransomwaresupply-chain 7d ago

HIGH

CVE-2025-41281 (CVSS 7.8) — Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS ...

NVD CVE-2025-41281 7d ago

HIGH

CVE-2025-41280 (CVSS 7.8) — Nozomi Networks Labs identified a CWE-23: Relative Path Traversal (Zip Slip) in Waterfall WF-500 RX ...

NVD CVE-2025-41280 7d ago

HIGH

CVE-2025-41279 (CVSS 7.2) — Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS ...

NVD CVE-2025-41279 7d ago

HIGH

CVE-2025-41278 (CVSS 7.8) — Nozomi Networks Labs identified a CWE-125: Out-of-bounds Read in Waterfall WF-500 RX Host in version...

NVD CVE-2025-41278 7d ago

CRITICAL

CVE-2025-41277 (CVSS 9.8) — Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS ...

NVD CVE-2025-41277 7d ago

Prev Page 9 / 39 Next

INFO SecurityWeek Fri, 05 Jun 2026 11:33:27 UTC

Hackers Leak DentaQuest Information Impacting 2.6 Million

https://www.securityweek.com/hackers-leak-dentaquest-information-impacting-2-6-million/

TL;DR

The ShinyHunters extortion group leaked roughly 234 GB of data allegedly stolen from the dental benefits administrator. The post Hackers Leak DentaQuest Information Impacting 2.6 Million appeared first on SecurityWeek .

breachesransomwaresupply-chain

Read full story ↗