Researchers Uncover “Haxor” SEO Poisoning Marketplace
Fortra researchers have discovered a new SEO poisoning operation known as “HaxorSEO”
Threat Intelligence Feed
Aggregating 3072 articles from trusted cybersecurity sources
LATEST CVEs
CVE-2026-40199
Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allow IP ACL bypass.
_pa
CVE-2026-40198
Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass.
_pack_
CVE-2026-33119
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized
CVE-2026-33118
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2026-5724
The frontend gRPC server's streaming interceptor chain did not include the authorization interceptor. When a ClaimMapper
CVE-2026-40252
FastGPT is an AI Agent building platform. Prior to 4.14.10.4, Broken Access Control vulnerability (IDOR/BOLA) allows any
CVE-2026-40242
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.17.3, the /api/template
CVE-2026-40194
phpseclib is a PHP secure communications library. Prior to 3.0.51, 2.0.53, and 1.0.28, phpseclib\Net\SSH2::get_binary_pa
CVE-2026-40191
ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.4-beta
CVE-2026-40190
LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to 0.5.18, the LangSmith JavaScri
CVE-2026-40189
goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.4, goshs enforces the documented per-folder .goshs ACL/ba
CVE-2026-40188
goshs is a SimpleHTTPServer written in Go. From 1.0.7 to before 2.0.0-beta.4, the SFTP command rename sanitizes only the
CVE-2026-40185
TREK is a collaborative travel planner. Prior to 2.7.2, TREK was missing authorization checks on the Immich trip photo m
CVE-2026-40184
TREK is a collaborative travel planner. Prior to 2.7.2, TREK served uploaded photos without requiring authentication. Th
CVE-2026-40180
Quarkus OpenAPI Generator is Quarkus' extensions for generation of Rest Clients and server stubs generation. Prior to 2.
CVE-2026-40178
ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was a
CVE-2026-40177
ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was a
CVE-2026-40175
Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0, the Axios library is vulnerable to a
CVE-2026-40168
Postiz is an AI social media scheduling tool. Prior to 2.21.5, the /api/public/stream endpoint is vulnerable to SSRF. Al
CVE-2026-39922
GeoNode versions 4.0 before 4.4.5 and 5.0 before 5.0.2 contain a server-side request forgery vulnerability in the servic
CVE-2026-39921
GeoNode versions 4.0 before 4.4.5 and 5.0 before 5.0.2 contain a server-side request forgery vulnerability that allows a
CVE-2026-32252
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create c
CVE-2026-30232
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create c
CVE-2026-3446
When calling base64.b64decode() or related functions the decoding process would stop after encountering the first padded
CVE-2026-33737
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, multiple files use simplexml_load_string()
CVE-2026-33736
Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, any authenticated user (including ROLE_STUDENT) can en
CVE-2026-33710
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, REST API keys are generated using md5(time
CVE-2026-33708
Chamilo LMS is a learning management system. Prior to 1.11.38, the get_user_info_from_username REST API endpoint returns
CVE-2026-33707
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, the default password reset mechanism gener
CVE-2026-33706
Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user with a REST API key can modify the
CVE-2026-33705
Chamilo LMS is a learning management system. Prior to 1.11.38, Twig template files (.tpl) under /main/template/default/
CVE-2026-33704
Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user (including students) can write arb
CVE-2026-33703
Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerabili
CVE-2026-33702
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains an Insecure Direct Ob
CVE-2026-33698
Chamilo LMS is a learning management system. Prior to 1.11.38, a chained attack can enable otherwise-blocked PHP code fr
CVE-2026-33618
Chamilo LMS is a learning management system. Prior to .0.0-RC.3, the PlatformConfigurationController::decodeSettingArray
CVE-2026-27460
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.5, a c
CVE-2026-5483
A flaw was found in odh-dashboard in Red Hat Openshift AI. This vulnerability in the `odh-dashboard` component of Red Ha
CVE-2026-40163
Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.5, 1.5.5, and 1.6.0-beta.4, t
CVE-2026-40162
Bugsink is a self-hosted error tracking tool. In 2.1.0, an authenticated file write vulnerability was identified in Bugs
Latest News
Law Firm Investigates Coupang Security Failures Ahead of Class Action Deadline
The US law firm Hagens Berman will lead a class action lawsuit against Coupang over security failures that led to a June 2025 data breach
Okta Flags Customized, Reactive Vishing Attacks Which Bypass MFA
Threat actors posing as IT support teams use phishing kits to generate fake login sites in real-time to trick victims into handing over credentials
Wiper Attack on Polish Power Grid Linked to Russia’s Sandworm
A destructive cyber attack targeting Poland’s energy sector has been linked to Russian APT group Sandworm
Bypassing Windows Administrator Protection
A headline feature introduced in the latest release of Windows 11, 25H2 is Administrator Protection. The goal of this feature is to replace User Account Cont...
ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025
The attack involved data-wiping malware that ESET researchers have now analyzed and named DynoWiper
NHS Issues Open Letter Demanding Improved Cybersecurity Standards from Suppliers
Open letter by NHS technology leaders outlines plans to identify risks to software supply chain security across health and social care system
Under Armour Investigates Data Breach After 72 Million Records Allegedly Exposed
Under Armour said there is no evidence at this point to suggest the incident affected systems used to process payments or store customer passwords
Children and chatbots: What parents should know
As children turn to AI chatbots for answers, advice, and companionship, questions emerge about their safety, privacy, and emotional development
Critical Appsmith Flaw Enables Account Takeovers
Critical vulnerability in Appsmith allows account takeover via flawed password reset process
RealHomes CRM Plugin Flaw Affected 30,000 WordPress Sites
Security flaw in RealHomes CRM plugin allowed file uploads; patches released for 30,000+ sites
Zero-Day Exploits Surge, Nearly 30% of Flaws Attacked Before Disclosure
VulnCheck analysts found that vulnerabilities exploited before being publicly disclosed rose from 23.6% in 2024 to 28.
Data Breaches
Claude and ChatGPT Exploited in Sweeping Cyber Campaign Against Government Agencies
In a groundbreaking technical report released by Gambit Security researcher Eyal Sela, new details have emerged about a massive cyberattack targeting governm...
ShinyHunters Claims Rockstar Games Snowflake Breach via Anodot
ShinyHunters claims access to Rockstar Games Snowflake data via Anodot breach, threatening a data leak on April 14 if ransom demands are not met.
All Brazilians potentially impacted by alleged breach of Experian subsidiary
Cybernews reports that Serasa Experian, the Brazilian subsidiary of credit risk and fraud prevention firm Experian, had 1.8 TB of data belonging to 223 milli...
China supercomputer breach: 10 petabytes of military data allegedly stolen by 'FlamingChina'
The stolen data, reportedly offered for sale, is said to contain simulations and schematics of aircraft, missiles, and bombs, originating from top organizati...
Bitcoin Depot loses $3.6 million in Bitcoin after system breach
The breach allowed unauthorized access to Bitcoin Depot's corporate IT systems, leading to the theft of 50.903 Bitcoin, valued at roughly $3.
UNC6783 Hackers Use Fake Okta Pages in Corporate Breach Campaign
UNC6783 hackers and extortionists impersonate support staff, using fake Okta login pages and social engineering to access corporate systems and steal sensiti...
Over 300K Americans compromised in Eurail breach
Eurail B.V.
Major Colombian banks purportedly breached, data leaked
Grupo Bancolombia and Banco De Bogota, two of the leading banks in Colombia, were claimed to have been compromised by the same threat actor, who also exposed...
Eurail data breach impacted 308,777 people
Hackers breached Eurail in Dec 2025, stole names and passport data, and exposed over 300,000 travelers’ personal information. Threat actors breached Eurail i...
Sensitive LAPD documents reportedly leaked online by World Leaks
The breach, attributed to the extortion gang World Leaks, reportedly exposed approximately 7.7 terabytes of data, including over 337,000 files.
113,000 explicit prompts from AI girlfriend platform exposed, many linked to user IDs
MyLovely.AI, an AI girlfriend platform, suffered a data breach that exposed over 100,000 users.
Bitcoin Depot Reports $3.6m Crypto Theft After System Breach
Bitcoin Depot has disclosed a cyber-attack that led to the theft of more than 50 Bitcoin, worth $3.