HIGH
CVE-2018-25396 (CVSS 7.5) — Heatmiser Wifi Thermostat 1.7 contains a credential disclosure vulnerability that allows unauthentic...
NVD CVE-2018-25396 7d ago
HIGH
CVE-2018-25395 (CVSS 8.2) — Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to ...
NVD CVE-2018-25395 7d ago
HIGH
CVE-2018-25394 (CVSS 8.2) — Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to ...
NVD CVE-2018-25394 7d ago
HIGH
CVE-2018-25392 (CVSS 7.1) — MaxOn ERP Software 8.x-9.x contains an SQL injection vulnerability that allows authenticated users t...
NVD CVE-2018-25392 7d ago
HIGH
CVE-2018-25391 (CVSS 7.5) — HaPe PKH 1.1 fails to enforce authorization on its record deletion endpoints, allowing unauthenticat...
NVD CVE-2018-25391 7d ago
HIGH
CVE-2018-25390 (CVSS 8.2) — HaPe PKH 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipu...
NVD CVE-2018-25390 7d ago
HIGH
CVE-2018-25389 (CVSS 8.2) — HaPe PKH 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipu...
NVD CVE-2018-25389 7d ago
HIGH
CVE-2018-25388 (CVSS 8.8) — HaPe PKH 1.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to ...
NVD CVE-2018-25388 7d ago
HIGH
CVE-2018-25386 (CVSS 8.2) — HaPe PKH 1.1 contains multiple SQL injection vulnerabilities in admin/media.php that allow attackers...
NVD CVE-2018-25386 7d ago
HIGH
CVE-2018-25385 (CVSS 8.2) — E-Registrasi Pencak Silat 18.10 contains an SQL injection vulnerability that allows unauthenticated ...
NVD CVE-2018-25385 7d ago
HIGH
CVE-2018-25383 (CVSS 8.4) — Free MP3 CD Ripper 2.8 contains a stack-based buffer overflow vulnerability in WMA file processing t...
NVD CVE-2018-25383 7d ago
HIGH
CVE-2018-25382 (CVSS 8.2) — Zechat 1.5 contains an SQL injection vulnerability that allows unauthenticated attackers to extract ...
NVD CVE-2018-25382 7d ago
CRITICAL
CVE-2026-4290 (CVSS 9.1) — The WP Travel Pro plugin for WordPress is vulnerable to arbitrary user deletion via the /wp-json/wp-...
NVD CVE-2026-4290 7d ago
HIGH
CVE-2026-10063 (CVSS 8.8) — A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the functio...
NVD CVE-2026-10063 7d ago
HIGH
CVE-2026-10062 (CVSS 8.8) — A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the...
NVD CVE-2026-10062 7d ago
CRITICAL
CVE-2026-10042 (CVSS 9.8) — manga-image-translator contains a remote code execution vulnerability in the shared API server mode ...
NVD CVE-2026-10042 7d ago
INFO
Hackers Leak DentaQuest Information Impacting 2.6 Million
SecurityWeek breaches ransomware supply-chain +11 23h ago
INFO
Instructure Breach Exposes Schools' Vendor Dependence
rss:darkreading 30d ago
INFO
ShinyHunters Claims Second Attack Against Instructure
rss:darkreading 28d ago
INFO
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
The Hacker News 25d ago
INFO
Congress Puts Heat on Instructure After Canvas Outage
rss:darkreading 21d ago
INFO
7-Eleven confirms breach after ShinyHunters claims
The Record 16d ago
INFO
7-Eleven data breach exposes personal information of 185,000 people
BleepingComputer 11d ago
INFO
185,000 Likely Impacted by 7-Eleven Data Breach
SecurityWeek 10d ago
INFO
Charter confirms data breach after ShinyHunters extortion threat
BleepingComputer 10d ago
INFO
Carnival Cruise confirms data breach affecting nearly 6 million people
BleepingComputer 9d ago
INFO
Charter Communications data breach affects 4.9 million accounts
BleepingComputer 8d ago
INFO
Charter Communications Data Breach Could Impact Nearly 5 Million
SecurityWeek 7d ago
INFO
Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
The Hacker News CVE-2026-39987 supply-chain breaches 7d ago
INFO
Asia's Cyber Insurance Market Shows Signs of Life
rss:darkreading breaches malware threat-actors 7d ago
INFO
MokN Raises $15 Million for Phish-Back Platform
SecurityWeek breaches ransomware supply-chain 7d ago
INFO
From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a-Service Market
BleepingComputer breaches ransomware supply-chain 7d ago
INFO
Dutch Police Dismantle Massive 17-Million-Device Botnet
SecurityWeek breaches ransomware supply-chain +2 4d ago
INFO
Dutch govt disrupts malware botnet with 17 million infected devices
BleepingComputer 7d ago
INFO
Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices
The Hacker News 5d ago
CRITICAL
CVE-2026-46376 (CVSS 9.8) — FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users m...
NVD CVE-2026-46376 7d ago
HIGH
CVE-2026-44239 (CVSS 8.8) — FreePBX is an open source IP PBX. Prior to 16.0.22 and 17.0.5, the Dashboard module's getcontent AJA...
NVD CVE-2026-44239 7d ago
HIGH
CVE-2026-44238 (CVSS 8.8) — FreePBX is an open source IP PBX. Prior to 16.0.50 and 17.0.11, the CDR Reports module page allows S...
NVD CVE-2026-44238 7d ago
HIGH
CVE-2026-44237 (CVSS 8.1) — FreePBX is an open source IP PBX. Prior to 17.0.8, the FreePBX api module's OAuth2 implementation do...
NVD CVE-2026-44237 7d ago
INFO
CVE-2026-40528 (CVSS 3.8) — OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerabilit...
NVD CVE-2026-40528 7d ago
HIGH
CVE-2026-10073 (CVSS 7.5) — DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing unauthenticated...
NVD CVE-2026-10073 7d ago
HIGH
CVE-2026-10072 (CVSS 7.2) — DreamMaker developed by Interinfo has an Arbitrary File Upload vulnerability, allowing privileged re...
NVD CVE-2026-10072 7d ago
MEDIUM
CVE-2026-10061 (CVSS 6.3) — A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. Affected is the function formWPS of the fi...
NVD CVE-2026-10061 7d ago
MEDIUM
CVE-2026-10060 (CVSS 6.3) — A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetRout...
NVD CVE-2026-10060 7d ago
HIGH
Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials
The Hacker News supply-chain breaches malware +81 18d ago
INFO
ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax
rss:cisa-advisories 24d ago
INFO
Fuji Electric Tellus
rss:cisa-advisories 24d ago
INFO
ABB AC500 V3 Multiple Vulnerabilities
rss:cisa-advisories 24d ago
INFO
Subnet Solutions PowerSYSTEM Center
rss:cisa-advisories 24d ago
INFO
ABB Automation Builder Gateway for Windows
rss:cisa-advisories 24d ago
INFO
ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities
rss:cisa-advisories 24d ago
INFO
Siemens ROS#
rss:cisa-advisories 22d ago
INFO
Siemens gWAP
rss:cisa-advisories 22d ago
INFO
Siemens SIMATIC
rss:cisa-advisories 22d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 22d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 22d ago
INFO
Siemens Simcenter Femap
rss:cisa-advisories 22d ago
INFO
Universal Robots Polyscope 5
rss:cisa-advisories 22d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 22d ago
INFO
Siemens Teamcenter
rss:cisa-advisories 22d ago
INFO
Siemens Solid Edge
rss:cisa-advisories 22d ago
INFO
Siemens SENTRON 7KT PAC1261 Data Manager
rss:cisa-advisories 22d ago
INFO
Siemens Opcenter RDnL
rss:cisa-advisories 22d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 22d ago
INFO
Siemens Industrial Devices
rss:cisa-advisories 22d ago
INFO
Siemens SIMATIC S7 PLC Web Server
rss:cisa-advisories 22d ago
INFO
Siemens SIPROTEC 5
rss:cisa-advisories 22d ago
INFO
Siemens SIMATIC
rss:cisa-advisories 22d ago
INFO
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
The Hacker News 20d ago
INFO
Kieback & Peter DDC Building Controllers
rss:cisa-advisories 17d ago
INFO
Siemens RUGGEDCOM APE1808 Devices
rss:cisa-advisories 17d ago
INFO
ABB CoreSense HM and CoreSense M10
rss:cisa-advisories 17d ago
INFO
ScadaBR
rss:cisa-advisories 17d ago
INFO
ZKTeco CCTV Cameras
rss:cisa-advisories 17d ago
INFO
CISA Exposes Secrets, Credentials in 'Private' Repo
rss:darkreading 17d ago
INFO
GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
The Hacker News 17d ago
INFO
GitHub investigates internal repositories breach claimed by TeamPCP
BleepingComputer 17d ago
INFO
GitHub confirms breach of 3,800 repos via malicious VSCode extension
BleepingComputer 17d ago
INFO
Schneider Electric EcoStruxure Machine Expert HVAC (SEVD-2026-132-01)
rss:cisa-advisories 16d ago
INFO
Senator presses CISA for answers about alleged GitHub repository leak
The Record 16d ago
INFO
GitHub confirms being hacked by TeamPCP, says customer data unaffected
The Record 16d ago
INFO
Grafana breach caused by missed token rotation after TanStack attack
BleepingComputer 16d ago
INFO
GitHub Confirms Breach, 4K Internal Repos Stolen
rss:darkreading 16d ago
INFO
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
The Hacker News 16d ago
INFO
GitHub links repo breach to TanStack npm supply-chain attack
BleepingComputer 16d ago
INFO
ABB Terra AC Wallbox
rss:cisa-advisories 15d ago
INFO
ABB B&R Automation Studio
rss:cisa-advisories 15d ago
INFO
ABB B&R Automation Runtime
rss:cisa-advisories 15d ago
INFO
ABB B&R PCs
rss:cisa-advisories 15d ago
INFO
Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack
SecurityWeek 15d ago
INFO
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
The Hacker News 14d ago
INFO
CISA Security Leak
rss:schneier 14d ago
INFO
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Krebs 14d ago
INFO
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
The Hacker News 13d ago
INFO
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
The Hacker News 13d ago
INFO
Laravel Lang packages hijacked to deploy credential-stealing malware
BleepingComputer 13d ago
INFO
Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
SecurityWeek 12d ago
INFO
ABB Terra AC
rss:cisa-advisories 10d ago
INFO
ABB LVS MConfig
rss:cisa-advisories 10d ago
INFO
ABB Ability Camera Connect
rss:cisa-advisories 10d ago
INFO
Eppendorf BioFlo 320
rss:cisa-advisories 10d ago
INFO
ABB Ability™ Zenon Remote Transport Vulnerability
rss:cisa-advisories 10d ago
INFO
ABB AC500 V2
rss:cisa-advisories 10d ago
INFO
ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)
rss:cisa-advisories 10d ago
INFO
Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
rss:darkreading 10d ago
INFO
Malicious npm Package Stole Files From Claude AI User Directory via GitHub
The Hacker News 9d ago
INFO
ABB EIBPORT
rss:cisa-advisories 8d ago
INFO
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
rss:cisa-advisories 8d ago
INFO
ABB Busch-Welcome 2 Wire Door Opener Actuator
rss:cisa-advisories 8d ago
INFO
Fourth Frontier Frontier X Mobile Application, Frontier X2
rss:cisa-advisories 8d ago
INFO
CP Plus 8 Ch. Network Video Recorder
rss:cisa-advisories 8d ago
INFO
XCharge C6
rss:cisa-advisories 8d ago
INFO
KMW CCTV Security Cameras
rss:cisa-advisories 8d ago
INFO
MacGregor Voyage Data Recorder (VDR) G4e
rss:cisa-advisories 8d ago
INFO
Supply Chain Compromises Impact Nx Console and GitHub Repositories
rss:cisa-advisories 8d ago
INFO
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
The Hacker News 8d ago
INFO
Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more
The Record 7d ago
INFO
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
The Hacker News 5d ago
INFO
Red Hat removes tainted packages after software pipeline compromise
The Record 3d ago
INFO
VS Code zero-day lets hackers steal GitHub tokens in one click
BleepingComputer 3d ago
INFO
NAVTOR NavBox
rss:cisa-advisories 1d ago
INFO
Hitachi Energy MACH HiDraw
rss:cisa-advisories 1d ago
INFO
Hitachi Energy ITT600 Explorer
rss:cisa-advisories 1d ago
INFO
B&R PPT30 Operating System
rss:cisa-advisories 1d ago
INFO
Hitachi Energy RTU500
rss:cisa-advisories 1d ago
INFO
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
The Hacker News 1d ago
CRITICAL
CVE-2026-10071 (CVSS 9.8) — DreamMaker developed by Interinfo has an Arbitrary File Upload vulnerability, allowing unauthenticat...
NVD CVE-2026-10071 7d ago
INFO
With Complex Cloud Integrations, Small Errors Lead to Major Compromises
rss:darkreading breaches malware threat-actors 7d ago
INFO
Gogs Zero-Day Exposes Servers to Remote Code Execution
SecurityWeek breaches ransomware supply-chain 7d ago
HIGH
CVE-2025-41281 (CVSS 7.8) — Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS ...
NVD CVE-2025-41281 7d ago
HIGH
CVE-2025-41280 (CVSS 7.8) — Nozomi Networks Labs identified a CWE-23: Relative Path Traversal (Zip Slip) in Waterfall WF-500 RX ...
NVD CVE-2025-41280 7d ago
HIGH
CVE-2025-41279 (CVSS 7.2) — Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS ...
NVD CVE-2025-41279 7d ago
HIGH
CVE-2025-41278 (CVSS 7.8) — Nozomi Networks Labs identified a CWE-125: Out-of-bounds Read in Waterfall WF-500 RX Host in version...
NVD CVE-2025-41278 7d ago
CRITICAL
CVE-2025-41277 (CVSS 9.8) — Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS ...
NVD CVE-2025-41277 7d ago
CRITICAL
CVE-2025-41276 (CVSS 9.8) — Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS ...
NVD CVE-2025-41276 7d ago
CRITICAL
CVE-2025-41275 (CVSS 9.8) — Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS ...
NVD CVE-2025-41275 7d ago
CRITICAL
CVE-2025-41274 (CVSS 9.8) — Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS ...
NVD CVE-2025-41274 7d ago
CRITICAL
CVE-2025-41273 (CVSS 9.8) — Nozomi Networks Labs identified a CWE-288: Authentication Bypass Using an Alternate Path or Channel ...
NVD CVE-2025-41273 7d ago
CRITICAL
CVE-2025-41272 (CVSS 9.8) — Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS ...
NVD CVE-2025-41272 7d ago
HIGH
CVE-2025-41271 (CVSS 7.5) — Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall ...
NVD CVE-2025-41271 7d ago
CRITICAL
CVE-2025-41270 (CVSS 9.8) — Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS ...
NVD CVE-2025-41270 7d ago
CRITICAL
CVE-2025-41269 (CVSS 9.8) — Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS ...
NVD CVE-2025-41269 7d ago
CRITICAL
CVE-2025-41268 (CVSS 9.1) — Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Administration WebUI in Wat...
NVD CVE-2025-41268 7d ago
HIGH
CVE-2025-41267 (CVSS 7.2) — Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS ...
NVD CVE-2025-41267 7d ago
TL;DR
The ShinyHunters extortion group leaked roughly 234 GB of data allegedly stolen from the dental benefits administrator. The post "Hackers Leak DentaQuest Information Impacting 2.6 Million" appeared first on SecurityWeek.
breaches ransomware supply-chain