Aggregator
Automation at Machine Speed: Rethinking Execution in Modern Cybersecurity
3 weeks 6 days ago
Machine-speed threats demand machine-speed defense—see how AI and automation cut dwell time and outpace attackers.
SentinelOne
Chartered Institute of Bankers of Nigeria (CIBN) Database Breached: 250GB Including Member PII, Source Code, and ID Documents Leaked
3 weeks 6 days ago
Dark Web Informer
NASA goes all in for the Voyagers. Engineers will switch the probes' systems all at once so they do not freeze forever
3 weeks 6 days ago
How NASA specialists are saving hardware at the edge of the Solar System.
Seiko USA website defaced as hacker claims customer data theft
3 weeks 6 days ago
The Seiko USA website was defaced over the weekend, displaying a message from attackers claiming they stole its Shopify customer database and threatening to leak it unless a ransom is paid. [...]
Lawrence Abrams
CVE-2025-61260
3 weeks 6 days ago
Currently trending CVE - Hype Score: 1 - A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP (Model Context Protocol) configuration files. The attack is triggered when a user runs the codex command inside a malicious or compromised repository. Codex ...
CVE-2026-23757 | GFI HelpDesk up to 4.99.9 Reports SWIFT_Report::Create report title cross site scripting (EUVD-2026-23929)
3 weeks 6 days ago
A vulnerability was found in GFI HelpDesk up to 4.99.9 and classified as problematic. Affected by this issue is the function SWIFT_Report::Create of the component Reports Module. Executing a manipulation of the argument report title can lead to cross site scripting.
This vulnerability appears as CVE-2026-23757. The attack may be performed remotely. There is no available exploit.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-23753 | GFI HelpDesk up to 4.99.8 Languages Page SWIFT_Language::Create charset cross site scripting (EUVD-2026-23928)
3 weeks 6 days ago
A vulnerability has been found in GFI HelpDesk up to 4.99.8 and classified as problematic. Affected by this vulnerability is the function SWIFT_Language::Create of the component Languages Page. Performing a manipulation of the argument charset results in cross site scripting.
This vulnerability is reported as CVE-2026-23753. The attack can be carried out remotely. No exploit exists.
The affected component should be upgraded.
vuldb.com
CVE-2026-23752 | GFI HelpDesk up to 4.99.8 Groups Page companyname cross site scripting (EUVD-2026-23926)
3 weeks 6 days ago
A vulnerability, which was classified as problematic, was found in GFI HelpDesk up to 4.99.8. Affected is an unknown function of the component Groups Page. Such manipulation of the argument companyname leads to cross site scripting.
This vulnerability is documented as CVE-2026-23752. The attack can be executed remotely. There is no exploit available.
You should upgrade the affected component.
vuldb.com
CVE-2026-41389 | OpenClaw up to 2026.4.14 UNC File file inclusion (EUVD-2026-23931)
3 weeks 6 days ago
A vulnerability, which was classified as problematic, has been found in OpenClaw up to 2026.4.14. This impacts an unknown function of the component UNC File Handler. This manipulation causes file inclusion.
This vulnerability is registered as CVE-2026-41389. Remote exploitation of the attack is possible. No exploit is available.
It is advisable to upgrade the affected component.
vuldb.com
Scattered Spider member Tyler Buchanan pleads guilty to major crypto theft
3 weeks 6 days ago
Tyler Buchanan, linked to Scattered Spider, pleaded guilty in the US to hacking companies and stealing millions in cryptocurrency. Tyler Buchanan, a 24-year-old from Scotland linked to the Scattered Spider group, admitted in a US court that he hacked dozens of companies, committed fraud, and stole millions in cryptocurrency. Spanish police arrested the British national […]
Pierluigi Paganini
Progress security advisory (AV26-371)
3 weeks 6 days ago
Canadian Centre for Cyber Security
Qilin
3 weeks 6 days ago
cohenido
CVE-2026-30266 | DeepCool DeepCreative up to 1.2.7 File permission (EUVD-2026-23916)
3 weeks 6 days ago
A vulnerability classified as critical was found in DeepCool DeepCreative up to 1.2.7. This affects an unknown function of the component File Handler. The manipulation results in permission issues.
This vulnerability is cataloged as CVE-2026-30266. The attack must be initiated from a local position. There is no exploit available.
vuldb.com
CVE-2026-23758 | GFI HelpDesk up to 4.99.8 POST Parameter Controller_Ticket.EditSubmit editsubject cross site scripting (EUVD-2026-23910)
3 weeks 6 days ago
A vulnerability classified as problematic has been found in GFI HelpDesk up to 4.99.8. The impacted element is the function Controller_Ticket.EditSubmit of the component POST Parameter Handler. The manipulation of the argument editsubject leads to cross site scripting.
This vulnerability is listed as CVE-2026-23758. The attack may be initiated remotely. There is no available exploit.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2026-25883 | Vexa-ai vexa prior 0.10.0-260419-1910 HTTP POST Request server-side request forgery (GHSA-fhr6-8hff-cvg4)
3 weeks 6 days ago
A vulnerability described as critical has been identified in Vexa-ai vexa. The affected element is an unknown function of the component HTTP POST Request Handler. Executing a manipulation can lead to server-side request forgery.
This vulnerability is tracked as CVE-2026-25883. The attack can be launched remotely. No exploit exists.
Upgrading the affected component is recommended.
vuldb.com