Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak
The ShinyHunters cybercrime group claimed to have stolen 9 million records containing personal information from Medtronic. The post Medtronic Hack Confirmed ...
Threat Intelligence Feed
Aggregating 4594 articles from trusted cybersecurity sources
LATEST CVEs
CVE-2026-7194
A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown functi
CVE-2026-7183
A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The affected element is the function rls::DecodeRlsMess
CVE-2026-7179
A security vulnerability has been detected in OSPG binwalk up to 2.4.3. This vulnerability affects the function read_nul
CVE-2026-40971
When configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname verification w
CVE-2026-28747
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization
CVE-2026-7178
A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file a
CVE-2026-7177
A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2.16.1. Affected by this issue is the function prox
CVE-2026-7160
A vulnerability was determined in Tenda HG3 2.0. This vulnerability affects the function formTracert of the file /boafor
CVE-2026-7159
A vulnerability was found in douinc mkdocs-mcp-plugin up to 0.4.1. This affects the function read_document/list_document
CVE-2026-7191
Improper use of the static-eval npm package in the open source solution qnabot-on-aws versions 7.2.4 and earlier may all
CVE-2026-7158
A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected
CVE-2026-7157
A flaw has been found in disler aider-mcp-server up to b2516fa466d0d851932da92ee6d0e66946db9efc. Affected by this vulner
CVE-2026-7156
A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function CsteSystem of the file /c
CVE-2026-7155
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. This impacts the function setLoginPa
CVE-2026-7154
A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setAdvancedInfoShow of
CVE-2026-5362
An authenticated attacker with permission to edit document content can store crafted HTML/JavaScript in a Document embed
CVE-2026-3087
If `shutil.unpack_archive()` is given a ZIP archive with an absolute Windows path containing a drive (`C:\\...`) then th
CVE-2026-29971
A reflected cross-site scripting (XSS) vulnerability exists in WebFileSys version 2.31.1. User-controlled input is refle
CVE-2024-46636
NASA Earth Observing System Data and Information System (EOSDIS) MODAPS v8.1 was discovered to contain a SQL injection v
CVE-2026-7153
A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setMin
CVE-2026-7152
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setTelnetCf
CVE-2026-7151
A vulnerability was determined in Tenda HG3 2.0. Impacted is the function formUploadConfig of the file /boaform/formIPv6
CVE-2026-6741
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Esca
CVE-2026-5394
An authenticated administrative user who can import or save DataObject class definitions can inject attacker-controlled
CVE-2026-7150
A vulnerability was found in dh1011 auto-favicon up to f189116a9259950c2393f114dbcb94dde0ad864b. This issue affects the
CVE-2026-7149
A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerabilit
CVE-2026-7148
A flaw has been found in CodeAstro Online Classroom 1.0. This affects an unknown part of the file /addnewfaculty. Execut
CVE-2026-7147
A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functiona
CVE-2026-40970
When configured to use an SSL bundle, Spring Boot's Elasticsearch auto-configuration does not perform hostname verificat
CVE-2026-35903
MERCURY MIPC252W IP camera 1.0.5 Build 230306 Rel.79931n contains an improper authentication vulnerability in the RTSP s
CVE-2026-35902
The RTSP service of MERCURY IP camera MIPC252W 1.0.5 Build 230306 has an issue handling failed Digest authentication att
CVE-2026-35901
A handling issue in the RTSP service of the Mercury MIPC252W 1.0.5 Build 230306 Rel.79931n allows an authenticated attac
CVE-2026-32655
Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain a Least Privilege Violation vulnerability. A l
CVE-2026-31256
A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931
CVE-2026-31255
A command injection vulnerability exists in Tenda AC18 V15.03.05.05_multi. The vulnerability is located in the /goform/S
CVE-2025-69428
An issue in Pro-Bit before v1.77.4 allows unauthenticated attackers to directly access sensitive directory and its subdi
CVE-2021-36438
SQL Injection vulnerability exists in Sourcecodester Online Job Portal phppdo 1.0 ivia the category parameter in /jobpor
CVE-2026-7146
A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b49
CVE-2026-7145
A weakness has been identified in mettle sendportal up to 3.0.1. Affected is the function destroy of the file app/Http/C
CVE-2026-7144
A security flaw has been discovered in 1000 Projects Portfolio Management System MCA 1.0. This impacts an unknown functi
Latest News
No articles found.
Data Breaches
Claude Opus 4.6-Powered AI Coding Agent Wipes Production Database in 9 Seconds
A Claude Opus 4.6-powered AI coding agent operating through the Cursor editor autonomously deleted the production database and backups of SaaS startup Pocket...
ADT confirms data breach after ShinyHunters threatens data leak
The breach affected customer and prospective customer data, including names, phone numbers, and addresses.
Medtronic discloses security incident after ShinyHunters claimed theft of 9M+ records
Medtronic confirmed a breach of its IT systems after ShinyHunters claimed the theft of over 9 million records. Medtronic confirmed a cyberattack on its corpo...
ShinyHunters Leaks Data of Udemy, Zara, 7-Eleven in Salesforce Linked Breach
ShinyHunters has leaked data linked to Udemy, Zara, and 7-Eleven, with claims of exposed Salesforce records and cloud-based systems.
Home security giant ADT data breach affects 5.5 million people
The ShinyHunters extortion group stole the personal information of 5.5 million individuals after breaching the systems of home security giant ADT earlier thi...
Medtronic confirms breach after hackers claim 9 million records theft
Medical device giant Medtronic disclosed last week that hackers breached its network and accessed data in "certain corporate IT systems." [.
LINKEDIN BROWSERGATE
BrowserGate claims LinkedIn secretly fingerprints users via extensions and device data, sending encrypted results to third parties for tracking. BrowserGate ...
Hackers impersonate Microsoft Teams help desk to breach corporate networks
Hackers are impersonating Microsoft Teams help desk workers to trick victims into installing data-stealing malware, researchers found.
UNC6692 Hackers Exploit Microsoft Teams to Deploy SNOW Malware
UNC6692 hackers exploit Microsoft Teams with fake IT alerts to deploy SNOW malware, steal credentials, and breach corporate networks in advanced attacks.
PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks
A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video conferencing software in...
Itron Discloses Data Breach After Hackers Access Internal Systems
Itron, Inc., a leading smart metering and energy infrastructure technology company, has disclosed a cybersecurity incident after an unauthorized third party ...