2155 items
Unread (2155) All Dismissed
CRITICAL
CVE-2026-6960 (CVSS 9.8) — The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing fil...
NVD CVE-2026-6960 16d ago
INFO
Canadian man arrested, charged for running KimWolf DDos botnet
The Record breachesransomwarenation-state +4 15d ago
INFO
Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada
Krebs 16d ago
INFO
Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks
The Hacker News 15d ago
INFO
US and Canada arrest and charge suspected Kimwolf botnet admin
BleepingComputer 15d ago
INFO
Canadian Man Arrested for Operating Kimwolf Botnet
SecurityWeek 15d ago
HIGH
CVE-2026-8428 (CVSS 8.8) — Concrete CMS 9.5.0 and below emits a CSRF token in the local_available_update.php view ($token->outp...
NVD CVE-2026-8428 16d ago
HIGH
CVE-2026-8426 (CVSS 8.8) — Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard...
NVD CVE-2026-8426 16d ago
HIGH
CVE-2026-8421 (CVSS 8.8) — Concrete CMS 9.5.0 and below contains a CSRF vulnerability in the install_package() method of concre...
NVD CVE-2026-8421 16d ago
HIGH
CVE-2026-8417 (CVSS 8.8) — Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard...
NVD CVE-2026-8417 16d ago
HIGH
CVE-2026-8350 (CVSS 8.8) — Concrete CMS 9.5.0 and below is vulnerable to missing authorization in the bulk_user_assignment.php ...
NVD CVE-2026-8350 16d ago
HIGH
CVE-2026-8135 (CVSS 7.2) — Concrete CMS 9.5.0 and below is vulnerable to Remote Code Execution due to insecure deserialization...
NVD CVE-2026-8135 16d ago
HIGH
CVE-2026-8134 (CVSS 7.2) — Concrete CMS 9.5.0 and below fails to sanitize path traversal sequences in the ptComposerFormLayoutS...
NVD CVE-2026-8134 16d ago
HIGH
CVE-2026-47102 (CVSS 8.8) — LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update endpoint. ...
NVD CVE-2026-47102 16d ago
HIGH
CVE-2026-47101 (CVSS 8.8) — LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to rou...
NVD CVE-2026-47101 16d ago
INFO
How CISOs Should Prep for Agentic-Ready AI BOMs
rss:darkreading breachesmalwarethreat-actors 16d ago
HIGH
CVE-2026-47114 (CVSS 8.8) — IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attack...
NVD CVE-2026-47114 16d ago
INFO
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
The Hacker News supply-chainbreachesmalware +19 17h ago
INFO
VoidStealer Malware Darts Past Google Chrome's Encryption
rss:darkreading 31d ago
INFO
Android Adds Intrusion Logging for Sophisticated Spyware Forensics
The Hacker News 24d ago
INFO
A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens
rss:googleprojectzero 24d ago
INFO
Google’s Surge in Chrome Vulnerability Discoveries Likely Driven by AI
SecurityWeek 16d ago
INFO
Google accidentally exposed details of unfixed Chromium flaw
BleepingComputer 16d ago
INFO
Google API Keys Remain Active After Deletion
rss:darkreading 16d ago
INFO
GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure
The Hacker News 10d ago
INFO
Google Unveils AI Threat Defense Platform to Fight AI-Powered Cyberattacks
SecurityWeek 9d ago
INFO
US charges Google security engineer with Polymarket insider trading
BleepingComputer 8d ago
INFO
Google Chrome adds session cookie theft protection for all users
BleepingComputer 8d ago
INFO
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
The Hacker News 5d ago
INFO
Google fixes one actively exploited Android zero-day, 124 flaws
BleepingComputer 4d ago
INFO
Google adds Android protection against AI deepfake scam calls
BleepingComputer 3d ago
INFO
Malicious Notifications Could Trick Google Gemini Users
rss:darkreading 3d ago
INFO
Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT
The Hacker News 3d ago
INFO
WhatsApp, Slack Notifications Could Hijack Google Gemini on Android
The Hacker News 3d ago
INFO
Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
The Hacker News 2d ago
INFO
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
The Hacker News 2d ago
INFO
Gemini Voice Assistant Hijacked via Messaging Notifications
SecurityWeek 2d ago
INFO
Hacking Meta’s AI Chatbot
rss:schneier analysispolicy +4 2d ago
INFO
Tech giants promise British regulator they will tweak platforms to protect kids online
The Record 16d ago
INFO
Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts
Krebs 5d ago
INFO
Meta AI Hands Over High-Profile Instagram Accounts to Hackers
SecurityWeek 4d ago
INFO
Instagram users locked out after Meta AI abused to steal accounts
BleepingComputer 4d ago
HIGH
CVE-2026-48242 (CVSS 8.1) — Open ISES Tickets before 3.44.2 contains hardcoded MySQL database connection credentials (host, user...
NVD CVE-2026-48242 16d ago
HIGH
CVE-2026-48241 (CVSS 8.1) — Open ISES Tickets before 3.44.2 contains hardcoded MySQL database credentials in loader.php (a publi...
NVD CVE-2026-48241 16d ago
HIGH
CVE-2026-48240 (CVSS 7.1) — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where ...
NVD CVE-2026-48240 16d ago
HIGH
CVE-2026-48239 (CVSS 7.1) — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/reports.php where the...
NVD CVE-2026-48239 16d ago
HIGH
CVE-2026-48238 (CVSS 7.1) — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/mobile_main.php where...
NVD CVE-2026-48238 16d ago
HIGH
CVE-2026-48237 (CVSS 7.1) — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in message.php where the frm_...
NVD CVE-2026-48237 16d ago
HIGH
CVE-2026-48236 (CVSS 7.1) — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in db_loader.php where the mu...
NVD CVE-2026-48236 16d ago
HIGH
CVE-2026-48235 (CVSS 8.2) — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/remotes.inc.php where...
NVD CVE-2026-48235 16d ago
HIGH
CVE-2026-48234 (CVSS 7.1) — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in portal/ajax/list_requests....
NVD CVE-2026-48234 16d ago
HIGH
CVE-2026-48233 (CVSS 7.1) — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sit_incidents.php whe...
NVD CVE-2026-48233 16d ago
HIGH
CVE-2026-48232 (CVSS 7.1) — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/fullsit_incidents.php...
NVD CVE-2026-48232 16d ago
HIGH
CVE-2026-48231 (CVSS 7.1) — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in tables.php where the multi...
NVD CVE-2026-48231 16d ago
INFO
Two Americans plead guilty to assisting India-based tech support scam centers
The Record breachesransomwarenation-state 16d ago
INFO
Apple removes Russia’s state-backed messaging app Max from its store
The Record breachesransomwarenation-state +3 2d ago
INFO
Apple Rejected 2 Million App Store Submissions in 2025 for Security and Fraud Prevention
SecurityWeek 16d ago
INFO
Apple blocked over $11 billion in App Store fraud in 6 years
BleepingComputer 16d ago
INFO
macOS Kernel Memory Corruption Exploit
rss:schneier 16d ago
INFO
AI Agents Are Shifting Identity Security Budget Dynamics
rss:darkreading breachesmalwarethreat-actors 16d ago
INFO
UK plans for cybercrime law reform would protect almost no one, experts warn
The Record breachesransomwarenation-state 16d ago
INFO
Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
The Hacker News supply-chainbreachesmalware 16d ago
HIGH
CVE-2025-13479 (CVSS 7.5) — Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Cons...
NVD CVE-2025-13479 16d ago
HIGH
CVE-2025-13477 (CVSS 7.1) — Exposure of private personal information to an unauthorized actor, Insufficiently Protected Credenti...
NVD CVE-2025-13477 16d ago
INFO
Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet
BleepingComputer breachesransomwaresupply-chain 16d ago
INFO
Chinese hackers target telcos with new Linux, Windows malware
BleepingComputer breachesransomwaresupply-chain 16d ago
INFO
Chinese APTs Share Linux Backdoor in Central Asia Telco Attacks
rss:darkreading breachesmalwarethreat-actors 16d ago
INFO
Cisco warns of critical Unified CM flaw with PoC exploit code
BleepingComputer breachesransomwaresupply-chain +4 2d ago
INFO
Maximum Severity Cisco SD-WAN Bug Exploited in the Wild
rss:darkreading 23d ago
INFO
Cisco Patches Critical Vulnerability in Secure Workload
SecurityWeek 16d ago
INFO
Max severity Cisco Secure Workload flaw gives Site Admin privileges
BleepingComputer 16d ago
INFO
Cisco Warns of Available PoC for Critical Unified CM Vulnerability
SecurityWeek 2d ago
CRITICAL
CVE-2026-5118 (CVSS 9.8) — The Divi Form Builder plugin for WordPress is vulnerable to privilege escalation in versions up to, ...
NVD CVE-2026-5118 16d ago
INFO
First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups
The Hacker News supply-chainbreachesmalware +2 15d ago
INFO
Europe dismantles VPN service used by cybercriminals to hide ransomware attacks
The Record 17d ago
INFO
Police seize “First VPN” service used in ransomware, data theft attacks
BleepingComputer 16d ago
INFO
Content Delivery Exploit Opens Websites to Brand Hijacking
rss:darkreading breachesmalwarethreat-actors 16d ago
HIGH
Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials
The Hacker News supply-chainbreachesmalware +81 18d ago
INFO
ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax
rss:cisa-advisories 25d ago
INFO
Fuji Electric Tellus
rss:cisa-advisories 25d ago
INFO
ABB AC500 V3 Multiple Vulnerabilities
rss:cisa-advisories 25d ago
INFO
Subnet Solutions PowerSYSTEM Center
rss:cisa-advisories 25d ago
INFO
ABB Automation Builder Gateway for Windows
rss:cisa-advisories 25d ago
INFO
ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities
rss:cisa-advisories 25d ago
INFO
Siemens Siemens ROS#
rss:cisa-advisories 23d ago
INFO
Siemens gWAP
rss:cisa-advisories 23d ago
INFO
Siemens SIMATIC
rss:cisa-advisories 23d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
INFO
Siemens Simcenter Femap
rss:cisa-advisories 23d ago
INFO
Universal Robots Polyscope 5
rss:cisa-advisories 23d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
INFO
Siemens Teamcenter
rss:cisa-advisories 23d ago
INFO
Siemens Solid Edge
rss:cisa-advisories 23d ago
INFO
Siemens SENTRON 7KT PAC1261 Data Manager
rss:cisa-advisories 23d ago
INFO
Siemens Opcenter RDnL
rss:cisa-advisories 23d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
INFO
Siemens Industrial Devices
rss:cisa-advisories 23d ago
INFO
Siemens SIMATIC S7 PLC Web Server
rss:cisa-advisories 23d ago
INFO
Siemens SIPROTEC 5
rss:cisa-advisories 23d ago
INFO
Siemens SIMATIC
rss:cisa-advisories 23d ago
INFO
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
The Hacker News 20d ago
INFO
Kieback & Peter DDC Building Controllers
rss:cisa-advisories 18d ago
INFO
Siemens RUGGEDCOM APE1808 Devices
rss:cisa-advisories 18d ago
INFO
ABB CoreSense HM and CoreSense M10
rss:cisa-advisories 18d ago
INFO
ScadaBR
rss:cisa-advisories 18d ago
INFO
ZKTeco CCTV Cameras
rss:cisa-advisories 18d ago
INFO
CISA Exposes Secrets, Credentials in 'Private' Repo
rss:darkreading 18d ago
INFO
GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
The Hacker News 17d ago
INFO
GitHub investigates internal repositories breach claimed by TeamPCP
BleepingComputer 17d ago
INFO
GitHub confirms breach of 3,800 repos via malicious VSCode extension
BleepingComputer 17d ago
INFO
Schnieider Electric EcoStruxure Machine Expert HVAC (SEVD-2026-132-01)
rss:cisa-advisories 17d ago
INFO
Senator presses CISA for answers about alleged GitHub repository leak
The Record 17d ago
INFO
GitHub confirms being hacked by TeamPCP, says customer data unaffected
The Record 17d ago
INFO
Grafana breach caused by missed token rotation after TanStack attack
BleepingComputer 17d ago
INFO
GitHub Confirms Breach, 4K Internal Repos Stolen
rss:darkreading 17d ago
INFO
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
The Hacker News 16d ago
INFO
GitHub links repo breach to TanStack npm supply-chain attack
BleepingComputer 16d ago
INFO
ABB Terra AC Wallbox
rss:cisa-advisories 16d ago
INFO
ABB B&R Automation Studio
rss:cisa-advisories 16d ago
INFO
ABB B&R Automation Runtime
rss:cisa-advisories 16d ago
INFO
ABB B&R PCs
rss:cisa-advisories 16d ago
INFO
Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack
SecurityWeek 15d ago
INFO
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
The Hacker News 15d ago
INFO
CISA Security Leak
rss:schneier 15d ago
INFO
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Krebs 15d ago
INFO
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
The Hacker News 14d ago
INFO
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
The Hacker News 14d ago
INFO
Laravel Lang packages hijacked to deploy credential-stealing malware
BleepingComputer 14d ago
INFO
Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
SecurityWeek 12d ago
INFO
ABB Terra AC
rss:cisa-advisories 11d ago
INFO
ABB LVS MConfig
rss:cisa-advisories 11d ago
INFO
ABB Ability Camera Connect
rss:cisa-advisories 11d ago
INFO
Eppendorf BioFlo 320
rss:cisa-advisories 11d ago
INFO
ABB AbilityTM Zenon Remote Transport Vulnerability
rss:cisa-advisories 11d ago
INFO
ABB AC500 V2
rss:cisa-advisories 11d ago
INFO
ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)
rss:cisa-advisories 11d ago
INFO
Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
rss:darkreading 11d ago
INFO
Malicious npm Package Stole Files From Claude AI User Directory via GitHub
The Hacker News 10d ago
INFO
ABB EIBPORT
rss:cisa-advisories 9d ago
INFO
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
rss:cisa-advisories 9d ago
INFO
ABB Busch-Welcome 2 Wire Door Opener Actuator
rss:cisa-advisories 9d ago
INFO
Fourth Frontier Frontier X Mobile Application, Frontier X2
rss:cisa-advisories 9d ago
INFO
CP Plus 8 Ch. Network Video Recorder
rss:cisa-advisories 9d ago
INFO
XCharge C6
rss:cisa-advisories 9d ago
INFO
KMW CCTV Security Cameras
rss:cisa-advisories 9d ago
INFO
MacGregor Voyage Data Recorder (VDR) G4e
rss:cisa-advisories 9d ago
INFO
Supply Chain Compromises Impact Nx Console and GitHub Repositories
rss:cisa-advisories 9d ago
INFO
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
The Hacker News 9d ago
INFO
Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more
The Record 8d ago
INFO
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
The Hacker News 5d ago
INFO
Red Hat removes tainted packages after software pipeline compromise
The Record 4d ago
INFO
VS Code zero-day lets hackers steal GitHub tokens in one click
BleepingComputer 3d ago
INFO
NAVTOR NavBox
rss:cisa-advisories 2d ago
INFO
Hitachi Energy MACH HiDraw
rss:cisa-advisories 2d ago
INFO
Hitachi Energy ITT600 Explorer
rss:cisa-advisories 2d ago
INFO
B&R PPT30 Operating System
rss:cisa-advisories 2d ago
INFO
Hitachi Energy RTU500
rss:cisa-advisories 2d ago
INFO
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
The Hacker News 2d ago
INFO
Hitachi Energy GMS600
rss:cisa-advisories CVE-2022-4304actively-exploitedadvisories 16d ago
INFO
CISA Adds One Known Exploited Vulnerability to Catalog
rss:cisa-advisories actively-exploitedadvisories +4 15d ago
INFO
CISA Adds One Known Exploited Vulnerability to Catalog
rss:cisa-advisories 23d ago
INFO
CISA Adds One Known Exploited Vulnerability to Catalog
rss:cisa-advisories 22d ago
INFO
CISA Adds Seven Known Exploited Vulnerabilities to Catalog
rss:cisa-advisories 17d ago
INFO
CISA Adds Two Known Exploited Vulnerabilities to Catalog
rss:cisa-advisories 16d ago
INFO The Record Fri, 22 May 2026 15:00:00 UTC
Canadian man arrested, charged for running KimWolf DDos botnet
https://therecord.media/canadian-man-arrested-charged-running-kimwolf-botnet
TL;DR
In court documents unsealed on Thursday, the Justice Department said Jacob Butler ran KimWolf as a DDoS-for-hire service that infected over a million devices worldwide.
breachesransomwarenation-state
Read full story ↗
Related coverage (4)
Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada
Krebs 16d ago
Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks
The Hacker News 15d ago
US and Canada arrest and charge suspected Kimwolf botnet admin
BleepingComputer 15d ago
Canadian Man Arrested for Operating Kimwolf Botnet
SecurityWeek 15d ago