New Mobile Spyware ZeroDayRAT Targets Android and iOS
ZeroDayRAT is a new mobile spyware targeting Android and iOS, offering attackers persistent access
Threat Intelligence Feed
Aggregating 3075 articles from trusted cybersecurity sources
LATEST CVEs
CVE-2026-40199
Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allow IP ACL bypass.
_pa
CVE-2026-40198
Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass.
_pack_
CVE-2026-33119
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized
CVE-2026-33118
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2026-5724
The frontend gRPC server's streaming interceptor chain did not include the authorization interceptor. When a ClaimMapper
CVE-2026-40252
FastGPT is an AI Agent building platform. Prior to 4.14.10.4, Broken Access Control vulnerability (IDOR/BOLA) allows any
CVE-2026-40242
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.17.3, the /api/template
CVE-2026-40194
phpseclib is a PHP secure communications library. Prior to 3.0.51, 2.0.53, and 1.0.28, phpseclib\Net\SSH2::get_binary_pa
CVE-2026-40191
ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.4-beta
CVE-2026-40190
LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to 0.5.18, the LangSmith JavaScri
CVE-2026-40189
goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.4, goshs enforces the documented per-folder .goshs ACL/ba
CVE-2026-40188
goshs is a SimpleHTTPServer written in Go. From 1.0.7 to before 2.0.0-beta.4, the SFTP command rename sanitizes only the
CVE-2026-40185
TREK is a collaborative travel planner. Prior to 2.7.2, TREK was missing authorization checks on the Immich trip photo m
CVE-2026-40184
TREK is a collaborative travel planner. Prior to 2.7.2, TREK served uploaded photos without requiring authentication. Th
CVE-2026-40180
Quarkus OpenAPI Generator is Quarkus' extensions for generation of Rest Clients and server stubs generation. Prior to 2.
CVE-2026-40178
ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was a
CVE-2026-40177
ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was a
CVE-2026-40175
Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0, the Axios library is vulnerable to a
CVE-2026-40168
Postiz is an AI social media scheduling tool. Prior to 2.21.5, the /api/public/stream endpoint is vulnerable to SSRF. Al
CVE-2026-39922
GeoNode versions 4.0 before 4.4.5 and 5.0 before 5.0.2 contain a server-side request forgery vulnerability in the servic
CVE-2026-39921
GeoNode versions 4.0 before 4.4.5 and 5.0 before 5.0.2 contain a server-side request forgery vulnerability that allows a
CVE-2026-32252
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create c
CVE-2026-30232
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create c
CVE-2026-3446
When calling base64.b64decode() or related functions the decoding process would stop after encountering the first padded
CVE-2026-33737
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, multiple files use simplexml_load_string()
CVE-2026-33736
Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, any authenticated user (including ROLE_STUDENT) can en
CVE-2026-33710
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, REST API keys are generated using md5(time
CVE-2026-33708
Chamilo LMS is a learning management system. Prior to 1.11.38, the get_user_info_from_username REST API endpoint returns
CVE-2026-33707
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, the default password reset mechanism gener
CVE-2026-33706
Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user with a REST API key can modify the
CVE-2026-33705
Chamilo LMS is a learning management system. Prior to 1.11.38, Twig template files (.tpl) under /main/template/default/
CVE-2026-33704
Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user (including students) can write arb
CVE-2026-33703
Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerabili
CVE-2026-33702
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains an Insecure Direct Ob
CVE-2026-33698
Chamilo LMS is a learning management system. Prior to 1.11.38, a chained attack can enable otherwise-blocked PHP code fr
CVE-2026-33618
Chamilo LMS is a learning management system. Prior to .0.0-RC.3, the PlatformConfigurationController::decodeSettingArray
CVE-2026-27460
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.5, a c
CVE-2026-5483
A flaw was found in odh-dashboard in Red Hat Openshift AI. This vulnerability in the `odh-dashboard` component of Red Ha
CVE-2026-40163
Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.5, 1.5.5, and 1.6.0-beta.4, t
CVE-2026-40162
Bugsink is a self-hosted error tracking tool. In 2.1.0, an authenticated file write vulnerability was identified in Bugs
Latest News
Singapore Takes Down Chinese Hackers Targeting Telco Networks
Operation Cyber Guardian was Singapore’s largest and longest running anti-cyber threat law enforcement operation
NCSC Issues Warning Over “Severe” Cyber-Attacks Targeting Critical National Infrastructure
NCSC call firms to ‘act now’ following disruptive malware attacks targeting Polish energy providers
Taxing times: Top IRS scams to look out for in 2026
It’s time to file your tax return. And cybercriminals are lurking to make an already stressful period even more edgy.
European Governments Breached in Zero-Day Attacks Targeting Ivanti
The European Commission and government agencies in Finland and the Netherlands have suffered potentially related breaches
SolarWinds Web Help Desk Exploitation - February 2026
Elastic Security detection and prevention capabilities for the recently-disclosed SolarWinds Web Help Desk vulnerabilities.
New Zero-Click Flaw in Claude Desktop Extensions, Anthropic Declines Fix
Security researchers from LayerX identified a new flaw in 50 Claude Desktop Extensions that could lead to unauthorized remote code execution
Two Connecticut Men Charged In Alleged $3m Gambling Fraud Scheme
Two Connecticut men face federal charges for a $3m scheme targeting online gambling platforms
VoidLink Malware Exhibits Multi-Cloud Capabilities and AI Code
VoidLink, a Linux-based C2 framework, facilitates credential theft, data exfiltration across clouds
ClawSec: Hardening OpenClaw Agents from the Inside Out
Learn about how ClawSec, by Prompt Security, secures OpenClaw agents, stopping malicious skills with zero-trust defenses.
UNC1069 Targets Cryptocurrency Sector with New Tooling and AI-Enabled Social Engineering
Written by: Ross Inman, Adrian Hernandez Introduction North Korean threat actors continue to evolve their tradecraft to target the cryptocurrency and decentr...
9th February – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 9th February, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Romania...
Data Breaches
Claude and ChatGPT Exploited in Sweeping Cyber Campaign Against Government Agencies
In a groundbreaking technical report released by Gambit Security researcher Eyal Sela, new details have emerged about a massive cyberattack targeting governm...
ShinyHunters Claims Rockstar Games Snowflake Breach via Anodot
ShinyHunters claims access to Rockstar Games Snowflake data via Anodot breach, threatening a data leak on April 14 if ransom demands are not met.
All Brazilians potentially impacted by alleged breach of Experian subsidiary
Cybernews reports that Serasa Experian, the Brazilian subsidiary of credit risk and fraud prevention firm Experian, had 1.8 TB of data belonging to 223 milli...
China supercomputer breach: 10 petabytes of military data allegedly stolen by 'FlamingChina'
The stolen data, reportedly offered for sale, is said to contain simulations and schematics of aircraft, missiles, and bombs, originating from top organizati...
Bitcoin Depot loses $3.6 million in Bitcoin after system breach
The breach allowed unauthorized access to Bitcoin Depot's corporate IT systems, leading to the theft of 50.903 Bitcoin, valued at roughly $3.
UNC6783 Hackers Use Fake Okta Pages in Corporate Breach Campaign
UNC6783 hackers and extortionists impersonate support staff, using fake Okta login pages and social engineering to access corporate systems and steal sensiti...
Over 300K Americans compromised in Eurail breach
Eurail B.V.
Major Colombian banks purportedly breached, data leaked
Grupo Bancolombia and Banco De Bogota, two of the leading banks in Colombia, were claimed to have been compromised by the same threat actor, who also exposed...
Eurail data breach impacted 308,777 people
Hackers breached Eurail in Dec 2025, stole names and passport data, and exposed over 300,000 travelers’ personal information. Threat actors breached Eurail i...
Sensitive LAPD documents reportedly leaked online by World Leaks
The breach, attributed to the extortion gang World Leaks, reportedly exposed approximately 7.7 terabytes of data, including over 337,000 files.
113,000 explicit prompts from AI girlfriend platform exposed, many linked to user IDs
MyLovely.AI, an AI girlfriend platform, suffered a data breach that exposed over 100,000 users.
Bitcoin Depot Reports $3.6m Crypto Theft After System Breach
Bitcoin Depot has disclosed a cyber-attack that led to the theft of more than 50 Bitcoin, worth $3.