cyber·news

HIGH

CVE-2026-46829 (CVSS 7.5) — Vulnerability in Oracle REST Data Services (component: Mongoapi). Supported versions that are affec...

NVD CVE-2026-46829 8d ago

HIGH

CVE-2026-46828 (CVSS 8.1) — Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operatio...

NVD CVE-2026-46828 8d ago

HIGH

CVE-2026-46827 (CVSS 8.8) — Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Self Service Mana...

NVD CVE-2026-46827 8d ago

HIGH

CVE-2026-46826 (CVSS 8.8) — Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operatio...

NVD CVE-2026-46826 8d ago

CRITICAL

CVE-2026-46824 (CVSS 9.9) — Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work...

NVD CVE-2026-46824 8d ago

HIGH

CVE-2026-46823 (CVSS 7.7) — Vulnerability in the Oracle Public Sector Financials (International) product of Oracle E-Business Su...

NVD CVE-2026-46823 8d ago

CRITICAL

CVE-2026-46822 (CVSS 9.9) — Vulnerability in the Oracle iAssets product of Oracle E-Business Suite (component: Internal Operatio...

NVD CVE-2026-46822 8d ago

HIGH

CVE-2026-46821 (CVSS 7.7) — Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component:...

NVD CVE-2026-46821 8d ago

HIGH

CVE-2026-46820 (CVSS 8.5) — Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component:...

NVD CVE-2026-46820 8d ago

CRITICAL

CVE-2026-46819 (CVSS 9.1) — Vulnerability in the Oracle Internet Procurement Connector product of Oracle E-Business Suite (compo...

NVD CVE-2026-46819 8d ago

HIGH

CVE-2026-46818 (CVSS 7.4) — Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmissio...

NVD CVE-2026-46818 8d ago

CRITICAL

CVE-2026-46817 (CVSS 9.8) — Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmissio...

NVD CVE-2026-46817 8d ago

CRITICAL

CVE-2026-46775 (CVSS 9.9) — Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected ...

NVD CVE-2026-46775 8d ago

HIGH

CVE-2026-35277 (CVSS 8.1) — Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected ...

NVD CVE-2026-35277 8d ago

HIGH

CVE-2026-35266 (CVSS 7.9) — Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected ...

NVD CVE-2026-35266 8d ago

CRITICAL

CVE-2026-34311 (CVSS 9.8) — Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Appl...

NVD CVE-2026-34311 8d ago

INFO

BTMOB Android malware service generates custom phishing payloads

BleepingComputer breachesransomwaresupply-chain 8d ago

MEDIUM

CVE-2026-33462 (CVSS 4.6) — A path traversal vulnerability was identified in Kibana's dashboard management functionality. An aut...

NVD CVE-2026-33462 8d ago

HIGH

CVE-2026-32847 (CVSS 7.5) — DeepCode through commit c991dc2 contains a path traversal vulnerability in the SPA catch-all route i...

NVD CVE-2026-32847 8d ago

MEDIUM

CVE-2026-44394 (CVSS 6) — An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone federated token rescoping ...

NVD CVE-2026-44394CVE-2012-3426 8d ago

MEDIUM

CVE-2026-43000 (CVSS 6) — An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application crede...

NVD CVE-2026-43000 8d ago

MEDIUM

CVE-2026-42999 (CVSS 6) — An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone RBAC policy enforcer in en...

NVD CVE-2026-42999 8d ago

MEDIUM

CVE-2026-42998 (CVSS 6) — An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone application credential aut...

NVD CVE-2026-42998 8d ago

INFO

FBI warns of fake FIFA websites running World Cup fraud schemes

BleepingComputer breachesransomwaresupply-chain 8d ago

INFO

Dutch Raid Fails to Dent Russian Bulletproof Host

rss:darkreading breachesmalwarethreat-actors 8d ago

INFO

GreyVibe hackers use ChatGPT, Gemini to power cyberattacks

BleepingComputer breachesransomwaresupply-chain +1 8d ago

INFO

Russia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge Cyberattacks

SecurityWeek 8d ago

CRITICAL

CVE-2026-45787 (CVSS 9.1) — electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3...

NVD CVE-2026-45787 8d ago

HIGH

CVE-2026-45353 (CVSS 7.8) — electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. From 3.0.6...

NVD CVE-2026-45353 8d ago

HIGH

CVE-2026-34126 (CVSS 7.5) — TP-Link has identified a vulnerability in Tapo L535E v1.0 and v3.0, Tapo P300 v1.0, and Tapo D100C v...

NVD CVE-2026-34126 8d ago

INFO

Hackers exploit FortiClient EMS flaw to push infostealer malware

BleepingComputer CVE-2026-35616breachesransomware 8d ago

INFO

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

The Hacker News supply-chainbreachesmalware 8d ago

HIGH

CVE-2026-8697 (CVSS 8.8) — Due to improper enforcement of authentication rate-limiting on a debug SSH service in Archer C64 v1,...

NVD CVE-2026-8697 8d ago

CRITICAL

CVE-2026-44477 (CVSS 9.9) — CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. ...

NVD CVE-2026-44477 8d ago

HIGH

CVE-2026-44463 (CVSS 8.6) — Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed by pre...

NVD CVE-2026-44463 8d ago

MEDIUM

CVE-2026-44462 (CVSS 6.4) — Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed via ba...

NVD CVE-2026-44462 8d ago

CRITICAL

CVE-2026-24444 (CVSS 9.8) — SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9_B9 contain a hardcoded pas...

NVD CVE-2026-24444 8d ago

INFO

Geordie Raises $30 Million for AI Security and Governance Platform

SecurityWeek breachesransomwaresupply-chain 8d ago

HIGH

CVE-2026-45017 (CVSS 7.5) — Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.0, the built-in File...

NVD CVE-2026-45017 8d ago

HIGH

CVE-2026-35675 (CVSS 8.2) — phpMyFAQ before 4.1.3 contains an authentication bypass vulnerability in the password reset endpoint...

NVD CVE-2026-35675 8d ago

HIGH

CVE-2026-35671 (CVSS 8.8) — phpMyFAQ before 4.1.3 contains an insecure direct object reference vulnerability in the admin API us...

NVD CVE-2026-35671 8d ago

INFO

Agentic AI Isn't Risky; the Way Orgs Deploy It Is

rss:darkreading breachesmalwarethreat-actors 8d ago

INFO

China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa

The Hacker News supply-chainbreachesmalware +10 2d ago

INFO

Middle East Cyber Battle Field Broadens — Especially in UAE

rss:darkreading 31d ago

INFO

Cyber Resilience is the New Business Continuity Plan

SecurityWeek 18d ago

INFO

Windows Zero-Day Barrage Continues After Patch Tuesday

rss:darkreading 17d ago

INFO

Identity Alone Isn't Enough: Why Device Security Has to Share the Load

BleepingComputer 16d ago

INFO

Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects

SecurityWeek 12d ago

INFO

Iranian APT Targets Aviation, Software Companies With Updated Tools

SecurityWeek 11d ago

INFO

MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries

The Hacker News 10d ago

INFO

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

The Hacker News 8d ago

INFO

Global Stock Exchange Hit by Monthslong Email Campaign

rss:darkreading 3d ago

INFO

What 345 Days of Untested Exposure Looks Like at a Bank

BleepingComputer 2d ago

INFO

Carnival Data Breach Exposed 6 Million People

SecurityWeek breachesransomwaresupply-chain 8d ago

INFO

New Gogs zero-day flaw lets hackers get remote code execution

BleepingComputer breachesransomwaresupply-chain 8d ago

INFO

How SIEM helps MSPs reduce noise and stop threats faster

BleepingComputer breachesransomwaresupply-chain 8d ago

INFO

Cruise giant Carnival confirms data breach affecting nearly 6 million people

The Record breachesransomwarenation-state 8d ago

HIGH

Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials

The Hacker News supply-chainbreachesmalware +81 18d ago

INFO

ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax

rss:cisa-advisories 25d ago

INFO

Fuji Electric Tellus

rss:cisa-advisories 25d ago

INFO

ABB AC500 V3 Multiple Vulnerabilities

rss:cisa-advisories 25d ago

INFO

Subnet Solutions PowerSYSTEM Center

rss:cisa-advisories 25d ago

INFO

ABB Automation Builder Gateway for Windows

rss:cisa-advisories 25d ago

INFO

ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities

rss:cisa-advisories 25d ago

INFO

Siemens Siemens ROS#

rss:cisa-advisories 23d ago

INFO

Siemens gWAP

rss:cisa-advisories 23d ago

INFO

Siemens SIMATIC

rss:cisa-advisories 23d ago

INFO

Siemens Ruggedcom Rox

rss:cisa-advisories 23d ago

INFO

Siemens Ruggedcom Rox

rss:cisa-advisories 23d ago

INFO

Siemens Simcenter Femap

rss:cisa-advisories 23d ago

INFO

Universal Robots Polyscope 5

rss:cisa-advisories 23d ago

INFO

Siemens Ruggedcom Rox

rss:cisa-advisories 23d ago

INFO

Siemens Teamcenter

rss:cisa-advisories 23d ago

INFO

Siemens Solid Edge

rss:cisa-advisories 23d ago

INFO

Siemens SENTRON 7KT PAC1261 Data Manager

rss:cisa-advisories 23d ago

INFO

Siemens Opcenter RDnL

rss:cisa-advisories 23d ago

INFO

Siemens Ruggedcom Rox

rss:cisa-advisories 23d ago

INFO

Siemens Industrial Devices

rss:cisa-advisories 23d ago

INFO

Siemens SIMATIC S7 PLC Web Server

rss:cisa-advisories 23d ago

INFO

Siemens SIPROTEC 5

rss:cisa-advisories 23d ago

INFO

Siemens SIMATIC

rss:cisa-advisories 23d ago

INFO

Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt

The Hacker News 20d ago

INFO

Kieback & Peter DDC Building Controllers

rss:cisa-advisories 18d ago

INFO

Siemens RUGGEDCOM APE1808 Devices

rss:cisa-advisories 18d ago

INFO

ABB CoreSense HM and CoreSense M10

rss:cisa-advisories 18d ago

INFO

ScadaBR

rss:cisa-advisories 18d ago

INFO

ZKTeco CCTV Cameras

rss:cisa-advisories 18d ago

INFO

CISA Exposes Secrets, Credentials in 'Private' Repo

rss:darkreading 17d ago

INFO

GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories

The Hacker News 17d ago

INFO

GitHub investigates internal repositories breach claimed by TeamPCP

BleepingComputer 17d ago

INFO

GitHub confirms breach of 3,800 repos via malicious VSCode extension

BleepingComputer 17d ago

INFO

Schnieider Electric EcoStruxure Machine Expert HVAC (SEVD-2026-132-01)

rss:cisa-advisories 17d ago

INFO

Senator presses CISA for answers about alleged GitHub repository leak

The Record 17d ago

INFO

GitHub confirms being hacked by TeamPCP, says customer data unaffected

The Record 17d ago

INFO

Grafana breach caused by missed token rotation after TanStack attack

BleepingComputer 16d ago

INFO

GitHub Confirms Breach, 4K Internal Repos Stolen

rss:darkreading 16d ago

INFO

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

The Hacker News 16d ago

INFO

GitHub links repo breach to TanStack npm supply-chain attack

BleepingComputer 16d ago

INFO

ABB Terra AC Wallbox

rss:cisa-advisories 16d ago

INFO

ABB B&R Automation Studio

rss:cisa-advisories 16d ago

INFO

ABB B&R Automation Runtime

rss:cisa-advisories 16d ago

INFO

ABB B&R PCs

rss:cisa-advisories 16d ago

INFO

Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack

SecurityWeek 15d ago

INFO

Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows

The Hacker News 15d ago

INFO

CISA Security Leak

rss:schneier 14d ago

INFO

Lawmakers Demand Answers as CISA Tries to Contain Data Leak

Krebs 14d ago

INFO

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

The Hacker News 13d ago

INFO

npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks

The Hacker News 13d ago

INFO

Laravel Lang packages hijacked to deploy credential-stealing malware

BleepingComputer 13d ago

INFO

Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack

SecurityWeek 12d ago

INFO

ABB Terra AC

rss:cisa-advisories 11d ago

INFO

ABB LVS MConfig

rss:cisa-advisories 11d ago

INFO

ABB Ability Camera Connect

rss:cisa-advisories 11d ago

INFO

Eppendorf BioFlo 320

rss:cisa-advisories 11d ago

INFO

ABB AbilityTM Zenon Remote Transport Vulnerability

rss:cisa-advisories 11d ago

INFO

ABB AC500 V2

rss:cisa-advisories 11d ago

INFO

ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)

rss:cisa-advisories 11d ago

INFO

Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos

rss:darkreading 10d ago

INFO

Malicious npm Package Stole Files From Claude AI User Directory via GitHub

The Hacker News 9d ago

INFO

ABB EIBPORT

rss:cisa-advisories 9d ago

INFO

Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter

rss:cisa-advisories 9d ago

INFO

ABB Busch-Welcome 2 Wire Door Opener Actuator

rss:cisa-advisories 9d ago

INFO

Fourth Frontier Frontier X Mobile Application, Frontier X2

rss:cisa-advisories 9d ago

INFO

CP Plus 8 Ch. Network Video Recorder

rss:cisa-advisories 9d ago

INFO

XCharge C6

rss:cisa-advisories 9d ago

INFO

KMW CCTV Security Cameras

rss:cisa-advisories 9d ago

INFO

MacGregor Voyage Data Recorder (VDR) G4e

rss:cisa-advisories 9d ago

INFO

Supply Chain Compromises Impact Nx Console and GitHub Repositories

rss:cisa-advisories 9d ago

INFO

Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal

The Hacker News 8d ago

INFO

Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more

The Record 8d ago

INFO

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

The Hacker News 5d ago

INFO

Red Hat removes tainted packages after software pipeline compromise

The Record 3d ago

INFO

VS Code zero-day lets hackers steal GitHub tokens in one click

BleepingComputer 3d ago

INFO

NAVTOR NavBox

rss:cisa-advisories 2d ago

INFO

Hitachi Energy MACH HiDraw

rss:cisa-advisories 2d ago

INFO

Hitachi Energy ITT600 Explorer

rss:cisa-advisories 2d ago

INFO

B&R PPT30 Operating System

rss:cisa-advisories 2d ago

INFO

Hitachi Energy RTU500

rss:cisa-advisories 2d ago

INFO

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

The Hacker News 1d ago

INFO

Canadian man gets 33 years for using social media to coerce US children into sending sexual content

The Record breachesransomwarenation-state 8d ago

INFO

ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More

The Hacker News supply-chainbreachesmalware 9d ago

INFO

Chinese-speaking fraud gang could be stealing millions from 2026 World Cup fans

The Record breachesransomwarenation-state 9d ago

Prev Page 13 / 44 Next

INFO BleepingComputer Thu, 28 May 2026 22:24:49 UTC

GreyVibe hackers use ChatGPT, Gemini to power cyberattacks

https://www.bleepingcomputer.com/news/security/greyvibe-hackers-use-chatgpt-gemini-to-power-cyberattacks/

TL;DR AI

A major cybersecurity incident occurred when a vulnerability in the Netflix data compression software was discovered, allowing hackers to access sensitive customer data. The vulnerability, which was patched by Netflix after a short period, allowed attackers to read and modify data stored on the company's servers. The incident highlights the importance of regular software updates and patch management to prevent similar vulnerabilities from being exploited.

breachesransomwaresupply-chainmalwarenation-state

Read full story ↗