[webapps] Xibo CMS 4.3.0 - RCE via SSTI
Xibo CMS 4.3.
Aggregating 7497 articles from trusted cybersecurity sources
Xibo CMS 4.3.
Fedora - Local Privilege Escalation
LangChain Core 1.2.
Atlona ATOMERX21 - Authenticated Command Injection
How we built an open-source, drop-in CI template that uses signal extraction and LLM reasoning to catch CI/CD abuse in GitHub Actions, GitLab CI, and Azure D...
The AWS Customer Incident Response Team (AWS CIRT) regularly encounters patterns that repeat across their engagements when helping customers respond to secur...
Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an a...
A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stealer...
As organizations expand their Amazon Web Services (AWS) footprint, managing secure, scalable, and cost-efficient access across multiple accounts becomes incr...
Medtronic confirms IT breach as ShinyHunters claims millions of records accesseda
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote atta...
Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to a critical flaw in its encrypti...
Welcome to this week’s edition of the GBHackers cybersecurity newsletter — your weekly cybersecurity bulletin covering the 40 most important stories from Jul...
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Securing the inbox: Where identity, brand and security meet...
The breach, which occurred on February 7 and was disclosed on February 12, affected 6.2 million Odido customers.
The breach, which Miinto reported to the police and data protection authorities, may have compromised customer names, email addresses, physical addresses, an...
The Dutch National Police (Politie) says it has found "strong indications" that Dutch hackers have been involved in a February breach at the telecommunicatio...
Authorities launch Operation First Light 2026, attackers deploy Forg365 to hijack Microsoft accounts, and rival cyberspies breach Pakistani police networks.
When done correctly, regulations can help companies restore operations quickly and maintain trust after a breach.
Other noteworthy stories that might have slipped under the radar: Abnormal AI sued by Anthropic, AssuranceAmerica data breach affects 7 million people, NSA b...
AssuranceAmerica discovered unauthorized access to its systems on March 17, concluding its investigation on June 15.
AssuranceAmerica confirmed a breach exposing nearly 7 million driver’s licenses after hackers compromised an employee account and stole customer data. U.
Hackers exploited a zero-day vulnerability in a third-party system to access a KDDI email system for ISPs. The post 12 Million Impacted by Data Breach at Jap...
AssuranceAmerica, a U.S.