Privacy/Governance Feed
A new CISA‑led guide explains how zero‑trust security can be applied to operational technology, balancing cyber defence with safety and system availability – Read More –
Attack Feeds
Intro A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege professional accounts of enterprise administrators, DevOps engineers, and security analysts by impersonating administrative utilities they rely on for daily operations. By integrating Search Engine Order (SEO) – Read More – The Hacker News
Attack Feeds
Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts. “The intrusion chain begins with execution of a batch script (‘install_obf.bat’) that disables Windows security controls, dynamically extracts an – Read More – … Read More “New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials – The Hacker News” »
Privacy/Governance Feed
European police arrested 10 suspects after dismantling Albanian scam call centers linked to a €50m ($58m) online investment fraud operation – Read More –
Attack Feeds
Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root. The high-severity vulnerability tracked as CVE-2026-31431 (CVSS score: 7.8) has been codenamed Copy Fail by Xint.io and Theori. “An unprivileged local user can write four controlled bytes into the page cache of … Read More “New Linux ‘Copy Fail’ Vulnerability Enables Root Access on Major Distributions – The Hacker News” »
Attack Feeds
Anthropic recently announced that it would not release Mythos, its most powerful AI model, to the public. The model discovered thousands of previously unknown software vulnerabilities — flaws that had sat undetected in major operating systems and web browsers for as long as nearly three decades. Anthropic said the model was too dangerous to deploy … Read More “Everyone’s building AI agents. Almost nobody’s ready for what they do to identity. – CyberScoop” »
Privacy/Governance Feed
Marsh’s 2026 People Risks survey finds cyber‑related challenges dominate, as cyber‑threat literacy tops risks and cyber and AI skills shortages rise – Read More –
Privacy/Governance Feed
Data has become the most regulated asset in modern enterprises. For organizations operating in tightly governed sectors, the challenge… The post Cloud HSM for Regulated Industries: Strengthening Compliance and Data Security appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
Attack Feeds
Linux Kernel Vulnerability “Copy Fail” lets attackers gain root access via memory flaw. Patch now or disable algif_aead to stay secure. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Attack Feeds
US Marines stationed around the Persian Gulf have been receiving WhatsApp messages from strangers suggesting they call home and make their final goodbyes. Read more in my article on the Hot for Security blog. – Read More – GRAHAM CLULEY
Attack Feeds
Google has addressed a maximum severity security flaw in Gemini CLI — the “@google/gemini-cli” npm package and the “google-github-actions/run-gemini-cli” GitHub Actions workflow — that could have allowed attackers to execute arbitrary commands on host systems. “The vulnerability allowed an unprivileged external attacker to force their own malicious content to load as Gemini configuration,” – Read … Read More “Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution – The Hacker News” »
Attack Feeds
A developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach affecting hundreds of thousands of organisations. All for some free in-game currency. Meanwhile, there’s a 1980s phone protocol called … Read More “Smashing Security podcast #465: This developer wanted to cheat at Roblox. It cost millions – GRAHAM CLULEY” »
Attack Feeds
Every security team has a version of the same story. The quarter ends with hundreds of vulnerabilities closed. The dashboards are bursting with green. Then someone in a leadership meeting asks: “So, are we actually safer now?” Crickets. The room goes quiet because an honest answer requires context – which is something that patch counts … Read More “What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong) – The Hacker News” »
Attack Feeds
PocketOS founder says Cursor AI agent deleted its production database in 9 seconds after misusing a root API token, exposing major Railway security flaws. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Attack Feeds
The growth of data centers — and adversaries’ targeting of them — left lawmakers at a hearing Wednesday contemplating whether the federal government has the right setup for defending them. Some industry witnesses and experts at the hearing of the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection testified that the answer might be … Read More “Congress, industry ponder government posture for protecting data centers – CyberScoop” »
Attack Feeds
A hacker using the alias “Xorcat” claims to have breached Polymarket using API flaws, but research suggests the leak could be just data scraping incident. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Attack Feeds
Bluekit Phishing Kit is a new PhaaS tool that targets major platforms, using AiTM techniques to steal session data and bypass MFA protections. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Alert Feeds
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 29 SEC Consult Vulnerability Lab Security Advisory < 20260423-0 > ======================================================================= title: DLL Hijacking product: EfficientLab Controlio (cloud-based employee monitoring service) vulnerable version: <1.3.95 fixed version: 1.3.95 CVE number: CVE-2025-10549 impact: High … Read More “SEC Consult SA-20260423-0 :: DLL Hijacking in EfficientLab Controlio (cloud-based employee monitoring service) – Full Disclosure” »
Alert Feeds
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 29 SEC Consult Vulnerability Lab Security Advisory < 20260427-0 > ======================================================================= title: Missing TLS Certificate Validation leading to RCE product: DeskTime Time Tracking App vulnerable version: 1.3.671 fixed version: – CVE number: CVE-2025-10539 impact: medium homepage:https://desktime.com… – Read More … Read More “SEC Consult SA-20260427-0 :: Missing TLS Certificate Validation leading to RCE in DeskTime Time Tracking App – Full Disclosure” »
Alert Feeds
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 29 *Update 2026-04-28:* The vendor contacted us and now provides a patched version v1.3.674 which can be obtained at the following URL: https://desktime.com/download – Read More – Full Disclosure
Alert Feeds
Posted by Milan Berger via Fulldisclosure on Apr 29 # Security Advisory: ESP-RFID-Tool v2 PRO **Product:** ESP-RFID-Tool v2 PRO **Vendor:** Raik Schneider (Einstein2150), foto-video-it.de **Repository:** https://github.com/Einstein2150/ESP-RFID-Tool-v2 **Affected Version:** v2.2.1 (latest as of 2026-04-28) **Severity:** CRITICAL **Disclosure Type:** Full Public Disclosure **Disclosure Date:** 2026-04-28 **Researcher:** Milan ‘t4c’ Berger — ## Disclosure Timeline | Date | … Read More “ESP-RFID-Tool v2 PRO — Full Public Disclosure – Full Disclosure” »
![[SBA-ADV-20251120-01] CVE-2026-0972: GoAnywhere MFT Email HTML Injection – Full Disclosure](https://attackfeed.com/wp-content/uploads/2026/04/fulldisclosure-img-Gcb2CJ.webp "[SBA-ADV-20251120-01] CVE-2026-0972: GoAnywhere MFT Email HTML Injection")
Alert Feeds
Posted by SBA Research Security Advisory via Fulldisclosure on Apr 29 # GoAnywhere MFT Email HTML Injection # Link: https://github.com/sbaresearch/advisories/tree/public/2025/SBA-ADV-20251120-01_GoAnywhere_MFT_Email_HTML_Injection ## Vulnerability Overview ## GoAnywhere MFT before 7.10.0 is affected by an HTML injection vulnerability in its email templating functionality. If an attacker is able to influence the content of a template variable, malicious … Read More “[SBA-ADV-20251120-01] CVE-2026-0972: GoAnywhere MFT Email HTML Injection – Full Disclosure” »
![[IWCC 2026] CfP: 15th International Workshop on Cyber Crime – Linköping, Sweden, Aug 24-27, 2026 – Full Disclosure](https://attackfeed.com/wp-content/uploads/2026/04/fulldisclosure-img-UEfQSI.webp "[IWCC 2026] CfP: 15th International Workshop on Cyber Crime – Linköping, Sweden, Aug 24-27, 2026")
Alert Feeds
Posted by Artur Janicki via Fulldisclosure on Apr 29 [APOLOGIES FOR CROSS-POSTING] CALL FOR PAPERS 15th International Workshop on Cyber Crime (IWCC 2026 – https://www.ares-conference.eu/iwcc) to be held in conjunction with the International Conference on Availability, Reliability and Security (ARES 2026 – https://www.ares-conference.eu/) in Linköping, Sweden, August 24-27, 2026 IMPORTANT DATES Submission Deadline May … Read More “[IWCC 2026] CfP: 15th International Workshop on Cyber Crime – Linköping, Sweden, Aug 24-27, 2026 – Full Disclosure” »
Alert Feeds
Posted by malvuln on Apr 29 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2026 Original source: https://malvuln.com/advisory/8c15ec5f0137d097a345b693f0bffedb.txt Malvuln Intelligence Feed: https://intel.malvuln.com/ Contact: malvuln13 () gmail com Media: x.com/malvuln Threat: Trojan-Spy.Win32.Small Vulnerability: Remote Command Execution Description: The malware opens a listener on TCP port 65535, allowing unauthenticated remote attackers with network access… – Read … Read More “Trojan-Spy.Win32.Small / Remote Command Execution – Full Disclosure” »
![[KIS-2026-07] SocialEngine](https://attackfeed.com/wp-content/uploads/2026/04/fulldisclosure-img-t6Ehd0.webp "[KIS-2026-07] SocialEngine <= 7.8.0 Blind Server-Side Request Forgery Vulnerability")
Alert Feeds
Posted by Egidio Romano on Apr 29 ——————————————————————— SocialEngine <= 7.8.0 Blind Server-Side Request Forgery Vulnerability ——————————————————————— [-] Software Link: https://socialengine.com [-] Affected Versions: Versions 7.8.0, 7.7.0, and likely prior versions. [-] Vulnerability Description: User input passed through the “uri” request parameter to the… – Read More – Full Disclosure
![[KIS-2026-08] SocialEngine](https://attackfeed.com/wp-content/uploads/2026/04/fulldisclosure-img-zusPCZ.webp "[KIS-2026-08] SocialEngine <= 7.8.0 (get-memberall) SQL Injection Vulnerability")
Alert Feeds
Posted by Egidio Romano on Apr 29 —————————————————————– SocialEngine <= 7.8.0 (get-memberall) SQL Injection Vulnerability —————————————————————– [-] Software Link: https://socialengine.com [-] Affected Versions: Versions 7.8.0, 7.7.0, and likely prior versions. [-] Vulnerability Description: User input passed through the “text” request parameter to the… – Read More – Full Disclosure
Alert Feeds
Posted by Nir Yehoshua on Apr 29 Hi Full Disclosure list, I published a technical research article titled: When Trusted Tools Become Attack Primitives The article examines how trusted local utilities can become security-relevant primitives when used inside automated processing pipelines. It covers two case studies: 1. macOS textutil resolving remote resources during HTML-to-text … Read More “Research: When Trusted Tools Become Attack Primitives – Full Disclosure” »
Alert Feeds
Posted by Apple Product Security via Fulldisclosure on Apr 29 APPLE-SA-04-22-2026-1 iOS 26.4.2 and iPadOS 26.4.2 iOS 26.4.2 and iPadOS 26.4.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/en-us/127002. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Notification Services Available … Read More “APPLE-SA-04-22-2026-1 iOS 26.4.2 and iPadOS 26.4.2 – Full Disclosure” »
Alert Feeds
Posted by Apple Product Security via Fulldisclosure on Apr 29 APPLE-SA-04-22-2026-2 iOS 18.7.8 and iPadOS 18.7.8 iOS 18.7.8 and iPadOS 18.7.8 addresses the following issues. Information about the security content is also available at https://support.apple.com/en-us/127003. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Notification Services Available … Read More “APPLE-SA-04-22-2026-2 iOS 18.7.8 and iPadOS 18.7.8 – Full Disclosure” »
Alert Feeds
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 29 SEC Consult Vulnerability Lab Security Advisory < 20260415-0 > ======================================================================= title: Exposed Private Key of X.509 Certificate product: SAP HANA Cockpit & SAP HANA Database Explorer vulnerable version: HANA Cockpit <2.18.2 (HRTT <2.16.254002) fixed … Read More “SEC Consult SA-20260415-0 :: Exposed Private Key of X.509 Certificate in SAP HANA Cockpit & SAP HANA Database Explorer – Full Disclosure” »
Alert Feeds
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 29 SEC Consult Vulnerability Lab Security Advisory < 20260421-0 > ======================================================================= title: Broken Access Control in Config Endpoint product: LiteLLM vulnerable version: <=v1.83.0 fixed version: v1.83.0-nightly CVE number: CVE-2026-35029 impact: high … Read More “SEC Consult SA-20260421-0 :: Broken Access Control in Config Endpoint in LiteLLM – Full Disclosure” »
Attack Feeds
Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with credential-stealing malware. According to reports from Aikido Security, SafeDep, Socket, StepSecurity, and Google-owned Wiz, the campaign – calling itself the mini Shai-Hulud – has affected the following packages associated with SAP’s JavaScript and cloud application – Read … Read More “SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware – The Hacker News” »
Attack Feeds
Cybersecurity researchers have discovered malicious code in an npm package after a malicious package as a dependency to the project by Anthropic’s Claude Opus large language model (LLM). The package in question is “@validate-sdk/v2,” which is listed on npm as a utility software development kit (SDK) for hashing, validation, encoding/decoding, and secure random generation. However, … Read More “New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs – The Hacker News” »
Privacy/Governance Feed
Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX – Read More –
Privacy/Governance Feed
Researchers uncover a malicious npm dependency linked to an AI‑assisted code commit that steals sensitive data and exposes crypto wallets – Read More –
Attack Feeds
In February 2026, researchers uncovered a shift that completely changed the game: threat actors are now using custom AI setups to automate attacks directly into the kill chain. We aren’t just talking about AI writing better phishing emails anymore. We’re talking about autonomous agents mapping Active Directory and seizing Domain Admin credentials in minutes. The … Read More “Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks – The Hacker News” »
Attack Feeds
WILMINGTON, Delaware, 29th April 2026, CyberNewswire – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Privacy/Governance Feed
KELA claims infostealers remained the primary access vector for attacks in 2025 – Read More –
Attack Feeds
US-Estonian suspect Peter Stokes arrested in Finland over alleged ties to Scattered Spider, facing US charges for cyberattacks, fraud, and data breaches. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Attack Feeds
A man accused of working as a hacker for China’s Ministry of State Security has been extradited to the USA from Italy, and faces – if found guilty – the prospect of decades behind bars. Read more in my article on the Hot for Security blog. – Read More – GRAHAM CLULEY
Attack Feeds
cPanel has released security updates to address a security issue impacting various authentication paths that could allow an attacker to obtain access to the control panel software. The problem affects all currently supported versions, according to an alert released by cPanel on Tuesday. The issue has been addressed in the following versions – 11.110.0.97 11.118.0.63 … Read More “Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately – The Hacker News” »
Privacy/Governance Feed
The Vect 2.0 ransomware wipes large files instead of merely encrypting them, making recovery impossible – even for the attackers – Read More –
Privacy/Governance Feed
RunSafe report reveals most attacks on medical devices disrupt patient care – Read More –
Attack Feeds
Top AI-powered vendor risk platforms for SaaS companies in 2026, compare tools, features, and how to choose the… – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Attack Feeds
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities are listed below – CVE-2024-1708 (CVSS score: 8.4) – A path traversal vulnerability in ConnectWise ScreenConnect – Read More – … Read More “CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV – The Hacker News” »
Attack Feeds
Novee researchers find high-severity CVE-2026-26268 flaw in Cursor AI, allowing hackers to run malicious code when developers clone repositories. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Attack Feeds
In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI’s LiteLLM Python package has come under active exploitation in the wild within 36 hours of the bug becoming public knowledge. The vulnerability, tracked as CVE-2026-42208 (CVSS score: 9.3), is an SQL injection that could … Read More “LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure – The Hacker News” »
Attack Feeds
Like many organizations, the National Geospatial Intelligence Agency is moving to integrate AI tools into their business operations. Jay Harless, director of human development at NGA, said the agency is trying to strike a balance: move fast enough to keep pace in what U.S. national security officials increasingly view as an AI arms race with … Read More “Spy agency officials say job loss anxiety, moving fast ‘safely’ among top challenges in AI workforce overhaul – CyberScoop” »
Attack Feeds
Like many organizations, the National Geospatial Intelligence Agency is moving to integrate AI tools into their business operations. Jay Harless, director of human development at NGA, said the agency is trying to strike a balance: move fast enough to keep pace in what U.S. national security officials increasingly view as an AI arms race with … Read More “Spy agency officials say job loss anxiety, moving fast ‘safely’ among top challenges in AI workforce overhaul – CyberScoop” »
Attack Feeds
Crypto Custody Concentration hits $152.9B as institutions shift to derivatives, consolidating capital on top exchanges amid Q1 market slowdown. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More