Vimeo Confirms User and Customer Data Breach
The ShinyHunters group is threatening to leak stolen files unless Vimeo agrees to pay a ransom. The post Vimeo Confirms User and Customer Data Breach appeare...
Threat Intelligence Feed
Aggregating 4655 articles from trusted cybersecurity sources
LATEST CVEs
CVE-2026-7194
A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown functi
CVE-2026-7183
A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The affected element is the function rls::DecodeRlsMess
CVE-2026-7179
A security vulnerability has been detected in OSPG binwalk up to 2.4.3. This vulnerability affects the function read_nul
CVE-2026-40971
When configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname verification w
CVE-2026-28747
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization
CVE-2026-7178
A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file a
CVE-2026-7177
A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2.16.1. Affected by this issue is the function prox
CVE-2026-7160
A vulnerability was determined in Tenda HG3 2.0. This vulnerability affects the function formTracert of the file /boafor
CVE-2026-7159
A vulnerability was found in douinc mkdocs-mcp-plugin up to 0.4.1. This affects the function read_document/list_document
CVE-2026-7191
Improper use of the static-eval npm package in the open source solution qnabot-on-aws versions 7.2.4 and earlier may all
CVE-2026-7158
A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected
CVE-2026-7157
A flaw has been found in disler aider-mcp-server up to b2516fa466d0d851932da92ee6d0e66946db9efc. Affected by this vulner
CVE-2026-7156
A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function CsteSystem of the file /c
CVE-2026-7155
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. This impacts the function setLoginPa
CVE-2026-7154
A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setAdvancedInfoShow of
CVE-2026-5362
An authenticated attacker with permission to edit document content can store crafted HTML/JavaScript in a Document embed
CVE-2026-3087
If `shutil.unpack_archive()` is given a ZIP archive with an absolute Windows path containing a drive (`C:\\...`) then th
CVE-2026-29971
A reflected cross-site scripting (XSS) vulnerability exists in WebFileSys version before 2.32.0 and fixed in v.2.32.0. U
CVE-2024-46636
NASA Earth Observing System Data and Information System (EOSDIS) MODAPS v8.1 was discovered to contain a SQL injection v
CVE-2026-7153
A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setMin
CVE-2026-7152
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setTelnetCf
CVE-2026-7151
A vulnerability was determined in Tenda HG3 2.0. Impacted is the function formUploadConfig of the file /boaform/formIPv6
CVE-2026-6741
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Esca
CVE-2026-5394
An authenticated administrative user who can import or save DataObject class definitions can inject attacker-controlled
CVE-2026-7150
A vulnerability was found in dh1011 auto-favicon up to f189116a9259950c2393f114dbcb94dde0ad864b. This issue affects the
CVE-2026-7149
A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerabilit
CVE-2026-7148
A flaw has been found in CodeAstro Online Classroom 1.0. This affects an unknown part of the file /addnewfaculty. Execut
CVE-2026-7147
A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functiona
CVE-2026-40970
When configured to use an SSL bundle, Spring Boot's Elasticsearch auto-configuration does not perform hostname verificat
CVE-2026-35903
MERCURY MIPC252W IP camera 1.0.5 Build 230306 Rel.79931n contains an improper authentication vulnerability in the RTSP s
CVE-2026-35902
The RTSP service of MERCURY IP camera MIPC252W 1.0.5 Build 230306 has an issue handling failed Digest authentication att
CVE-2026-35901
A handling issue in the RTSP service of the Mercury MIPC252W 1.0.5 Build 230306 Rel.79931n allows an authenticated attac
CVE-2026-32655
Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain a Least Privilege Violation vulnerability. A l
CVE-2026-31256
A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931
CVE-2026-31255
A command injection vulnerability exists in Tenda AC18 V15.03.05.05_multi. The vulnerability is located in the /goform/S
CVE-2025-69428
An issue in Pro-Bit before v1.77.4 allows unauthenticated attackers to directly access sensitive directory and its subdi
CVE-2021-36438
SQL Injection vulnerability exists in Sourcecodester Online Job Portal phppdo 1.0 ivia the category parameter in /jobpor
CVE-2026-7146
A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b49
CVE-2026-7145
A weakness has been identified in mettle sendportal up to 3.0.1. Affected is the function destroy of the file app/Http/C
CVE-2026-7144
A security flaw has been discovered in 1000 Projects Portfolio Management System MCA 1.0. This impacts an unknown functi
Latest News
No articles found.
Data Breaches
Video site Vimeo blames security incident on Anodot breach
The hackers did not access video content, user logins or payment card information, and there was no disruption to Vimeo’s services,
Udemy allegedly breached by ShinyHunters, data leak warned
Cybernews reports that U.S-based.
Medtronic Confirms Data Breach After ShinyHunters Claims
Medtronic confirms IT breach as ShinyHunters claims millions of records accesseda
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository. [.
Checkmarx Confirms Security Incident Involving GitHub Repository Exposure
Application security provider Checkmarx has officially confirmed a new security incident involving the exposure of its internal GitHub repository. On April 2...
Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak
The ShinyHunters cybercrime group claimed to have stolen 9 million records containing personal information from Medtronic. The post Medtronic Hack Confirmed ...
Claude Opus 4.6-Powered AI Coding Agent Wipes Production Database in 9 Seconds
A Claude Opus 4.6-powered AI coding agent operating through the Cursor editor autonomously deleted the production database and backups of SaaS startup Pocket...
Lazarus Doesn't Need AGI
Explore the 2026 Claude Mythos breach, supply chain risks, and the $2B+ crypto theft pipeline.
ADT confirms data breach after ShinyHunters threatens data leak
The breach affected customer and prospective customer data, including names, phone numbers, and addresses.
Medtronic discloses security incident after ShinyHunters claimed theft of 9M+ records
Medtronic confirmed a breach of its IT systems after ShinyHunters claimed the theft of over 9 million records. Medtronic confirmed a cyberattack on its corpo...
ShinyHunters Leaks Data of Udemy, Zara, 7-Eleven in Salesforce Linked Breach
ShinyHunters has leaked data linked to Udemy, Zara, and 7-Eleven, with claims of exposed Salesforce records and cloud-based systems.