CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats

“Defenders cannot afford to take weeks to patch,” one Cybersecurity and Infrastructure Security Agency official warned on Wednesday...

CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Wednesday added a critical flaw impacting Mirasvit Cache Warmer, a popular Magento full-page cache extension, to its Known Exploited Vulnerabilities KEV catalog, following reports of active exploitation in the wild. The...

AnomalyMatch security vulnerability

AnomalyMatch is a semi-supervised image anomaly detection tool open source by the European Space Agency. Versions of AnomalyMatch prior to 1.3.1 contained security vulnerabilities. These vulnerabilities stemmed from the use of torch.load to load model files without proper deserialization...

CVE-2026-5386

creationtimestamp| type| source ---|---|--- 2026-05-28 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-148-06 2026-05-29 19:01:49+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmz7wtzwag27 2026-05-29 20:38:47+00:00| seen|...

WordPress Line Agency theme <= 1.3.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Line Agency versions = 1.3.1...

CVE-2026-7251

creationtimestamp| type| source ---|---|--- 2026-05-26 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-medical-advisories/icsma-26-146-01 2026-05-26 20:03:26+00:00| seen| https://bsky.app/profile/boredchilada.bsky.social/post/3mmrryieg2w23...

Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks

Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the European Union. The two men were the focus of a 2025...

CVE-2026-8602

creationtimestamp| type| source ---|---|--- 2026-05-19 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-139-03 2026-05-19 20:30:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmaab4idvm2e...

CVE-2019-14200

creationtimestamp| type| source ---|---|--- 2026-05-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-16...

Disneyland Now Uses Face Recognition on Visitors

Plus: The NSA tests Anthropic’s Mythos Preview to find vulnerabilities, a Finnish teen is charged over the Scattered Spider hacking spree, and more...

GRASSMARLIN 代码问题漏洞

GRASSMARLIN is an open-source network security posture awareness tool for industrial control systems developed by the NSA Cybersecurity Directorate. Version GRASSMARLIN v3.2.1 contains a code vulnerability. This vulnerability stems from insufficient hardening of the XML parsing process, which may...

CVE-2024-46636

NASA Earth Observing System Data and Information System EOSDIS MODAPS v8.1 was discovered to contain a SQL injection vulnerability in the category parameter...

CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added four vulnerabilities impacting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X series routers to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The list of...

NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software

The Office of Inspector General OIG of the U.S. National Aeronautics and Space Administration NASA has revealed how a Chinese national posed as a U.S. researcher as part of a spear-phishing campaign to obtain sensitive information from the space agency, as well as from government entities,...

CVE-2026-27785

creationtimestamp| type| source ---|---|--- 2026-04-23 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03 2026-04-28 01:01:28+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mkjf4pllmh2e...

CVE-2026-32649

creationtimestamp| type| source ---|---|--- 2026-04-23 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03...

PT-2026-34832

Critical vulnerability in Anthropic Mythos and reported NSA adoption CVE-2026-21841 https://t.co/ZwHNBc0RF8 machinelearning ai...

CVE-2026-1354

creationtimestamp| type| source ---|---|--- 2026-04-21 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-06 2026-04-21 23:03:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk23qvraqb2r...

CVE-2026-35546

creationtimestamp| type| source ---|---|--- 2026-04-16 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-03 2026-04-17 20:00:15+00:00| seen| https://infosec.exchange/users/offseq/statuses/116421821298546503 2026-04-17 20:00:16+00:00| seen|...

AVEVA Pipeline Simulation

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to modify simulation parameters, training configuration and training records. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...