Aggregator

A vulnerability, which was classified as problematic, has been found in WatchGuard Fireware OS up to 12.5.16/12.11.7/2026.1.1. Affected is an unknown function of the component OS Filesystem Integrity Check. The manipulation leads to expected behavior violation. This vulnerability is referenced as CVE-2026-3344. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability classified as critical was found in WatchGuard Fireware OS up to 11.12.4+541730/12.5.16/12.11.7/2026.1.1. This impacts an unknown function. Executing a manipulation can lead to out-of-bounds write. The identification of this vulnerability is CVE-2026-3342. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Morkva UA Shipping Plugin up to 1.7.9 on WordPress. This affects an unknown function. Performing a manipulation of the argument kg results in cross site scripting. This vulnerability was named CVE-2026-2292. The attack may be initiated remotely. There is no available exploit.

A vulnerability described as critical has been identified in PostX Plugin up to 5.0.8 on WordPress. The impacted element is the function starter_dummy_post of the file /ultp/v3/starter_dummy_post/ of the component REST API Endpoint. Such manipulation leads to server-side request forgery. This vulnerability is uniquely identified as CVE-2026-1273. The attack can be launched remotely. No exploit exists.

A vulnerability marked as problematic has been reported in Taskbuilder Plugin up to 5.0.3 on WordPress. The affected element is an unknown function of the component Setting Handler. This manipulation of the argument Block Emails causes cross site scripting. This vulnerability is handled as CVE-2026-2289. The attack can be initiated remotely. There is not any exploit available.

A vulnerability labeled as problematic has been found in WPBookit Plugin up to 1.0.8 on WordPress. Impacted is an unknown function. The manipulation of the argument wpb_user_name/wpb_user_email results in cross site scripting. This vulnerability is known as CVE-2026-1945. It is possible to launch the attack remotely. No exploit is available.

A vulnerability identified as critical has been detected in Icegram Express Email Subscribers Plugin up to 5.9.16 on WordPress. This issue affects some unknown processing. The manipulation of the argument workflow_ids leads to sql injection. This vulnerability is traded as CVE-2026-1651. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability categorized as problematic has been discovered in WPBookit Plugin up to 1.0.8 on WordPress. This vulnerability affects the function get_customer_list of the component Customer Information Handler. Executing a manipulation can lead to missing authorization. This vulnerability appears as CVE-2026-1980. The attack may be performed from remote. There is no available exploit.

A vulnerability was found in Canonical LXD 6.6 on Linux. It has been rated as problematic. This affects an unknown part of the file /1.0/certificates of the component API Endpoint. Performing a manipulation results in missing authorization. This vulnerability is reported as CVE-2026-3351. The attack is possible to be carried out remotely. No exploit exists. It is suggested to install a patch to address this issue.

On February 28, 2026, the United States and Israel launched a coordinated offensive — code-named Operation Epic Fury by the U.S. and Operation Roaring Lion by Israel — setting off a wide-ranging cyber conflict that spread across the Middle East and beyond. Within hours of the strikes, Iran launched a multi-vector retaliatory campaign involving hacktivist […]

The post Epic Fury/Roaring Lion Sparks Escalating Cyber Conflict as Iran Goes Offline, Hacktivists Step Up Retaliation appeared first on Cyber Security News.

Любая попытка помешать работе лишь подтверждает прочность системы.

本文将恶意提示词驱动的个人信息诱导从理论设想推进到实证验证阶段，揭示了对话式 LLM 在部署层面可能带来的新型隐私风险，并为平台治理与对话安全设计提供了重要参考。

Чтобы сделать электронику мощнее, материал пришлось раскатать до толщины атома и заморозить до -150°C.

Europol’s Project Compass targets The Com (aka 764 network), an online group exploiting minors. After 30 arrests, officials say the hunt for those involved is far from over.

In boardrooms and security operations centers alike, one metric has risen from a niche KPI to a defining measure of organizational resilience: Mean Time to Respond (MTTR). But why has this particular number captured so much attention, and does it deserve the hype?  MTTR measures the average time elapsed between the moment a threat is […]

The post How to Cut MTTR by Improving Threat Visibility in Your SOC  appeared first on Cyber Security News.

Workloads keep getting more complicated and organizations are struggling to keep up. So what's the play?

嗯，用户发来了一段英文内容，看起来像是一个项目介绍。他让我用中文总结一下，控制在100字以内，而且不需要特定的开头。首先，我需要理解原文内容。 原文提到作者开发了一个实时漏洞情报仪表盘，整合了CVE趋势、严重程度和社会媒体活动。目标是让用户快速了解哪些漏洞值得关注，而不是翻阅原始数据流。每个CVE都有单独页面，包含概述、CVSS评分、影响摘要、参考链接和相关社交媒体帖子。仪表盘是免费的，无需登录，并邀请用户提供反馈。 接下来，我需要将这些信息浓缩到100字以内。要抓住关键点：实时漏洞情报仪表盘、整合CVE数据、严重性、社交媒体活动、免费浏览以及用户反馈邀请。 然后，确保语言简洁明了，避免使用复杂的词汇。同时，按照用户的要求，不要以“文章内容总结”或“这篇文章”开头。 最后，检查字数是否符合要求，并确保信息准确传达。 作者开发了一个实时漏洞情报仪表盘，整合了CVE趋势、严重性评分及社交媒体动态。用户可免费浏览每个CVE的详细信息和相关链接，并受邀提供反馈以改进功能。

Хакеры эксплуатируют массовый переход россиян из Telegram в MAX.

好的，我现在需要帮用户总结一篇关于亚马逊AWS数据中心被无人机袭击的文章，控制在100字以内。首先，我得仔细阅读文章内容，抓住关键点。 文章提到AWS在中东的多个数据中心遭受无人机攻击，导致服务中断。具体来说，阿联酋的MEC1数据中心的AZ2和AZ3可用区被袭击，巴林的MES1数据中心也受到影响。亚马逊建议客户备份数据并考虑迁移到其他区域。 接下来，我需要把这些信息浓缩成一句话。要注意时间、地点、事件以及影响。同时，要避免使用“这篇文章”这样的开头，直接描述内容。 可能的结构是：时间地点事件影响建议。比如，“亚马逊AWS中东多地数据中心遭无人机袭击，服务中断，建议客户备份并迁移。”这样既涵盖了主要信息，又符合字数要求。 检查一下是否遗漏了关键点：阿联酋和巴林的数据中心都被攻击了，导致可用区中断，并且亚马逊给出了应对措施。确保这些都包含在内。 最后确认字数是否在100字以内，并且表达清晰简洁。 亚马逊AWS中东多地数据中心遭无人机袭击，导致可用区中断，建议客户备份数据并考虑迁移至其他区域以降低风险。