Roblox clamps down on chats and age checks as legal pressure builds

Roblox has long faced criticism over child safety on its platform. Now it has started settling with state attorneys over the issue, and the total is climbing fast. On April 21, Alabama Attorney General Steve Marshall announced a $12.2 million settlement with the child-focused online gaming...

WordPress Kids Online Store theme <= 0.8.9 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Denver Jackson in WordPress Theme Kids Online Store versions = 0.8.9...

WordPress Kids Gift Shop theme <= 0.5.4 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Denver Jackson in WordPress Theme Kids Gift Shop versions = 0.5.4...

@kids-reporter/cms-core (>=1.0.17 <=1.0.32), @kids-reporter/draft-editor (>=1.0.19 <=1.0.32) potentially affected by CVE-2025-46720 +1 more via @keystone-6/core (=6.5.1)

@keystone-6/core NPM version =6.5.1 is affected by a known vulnerability. The following packages have a transitive dependency on @keystone-6/core and may be impacted: - @kids-reporter/cms-core =1.0.17, =1.0.19, =1.0.32 Source cves: CVE-2025-46720, CVE-2026-33326 Source advisory:...

CVE-2025-67619

Deserialization of Untrusted Data vulnerability in designthemes Kids Heaven kids-world allows Object Injection.This issue affects Kids Heaven: from n/a through = 3.2...

CVE-2025-67619

Deserialization of Untrusted Data vulnerability in designthemes Kids Heaven kids-world allows Object Injection.This issue affects Kids Heaven: from n/a through = 3.2...

CVE-2025-67619

Deserialization of Untrusted Data vulnerability in designthemes Kids Heaven kids-world allows Object Injection.This issue affects Kids Heaven: from n/a through = 3.2...

CVE-2025-67619

CVE-2025-67619 describes a PHP object-injection via deserialization in the WordPress Kids Heaven theme (Kids Heaven: kids-world) for versions up to and including 3.2. Root cause: deserialization of untrusted data leading to object injection. Impact: high (per CVSS) across confidentiality, integri...

CVE-2025-67619 WordPress Kids Heaven theme <= 3.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in designthemes Kids Heaven kids-world allows Object Injection.This issue affects Kids Heaven: from n/a through = 3.2...

CVE-2025-67619 WordPress Kids Heaven theme <= 3.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in designthemes Kids Heaven kids-world allows Object Injection.This issue affects Kids Heaven: from n/a through = 3.2...

PT-2026-4017

Name of the Vulnerable Software and Affected Versions designthemes Kids Heaven kids-world versions prior to 3.2 Description The software contains a flaw due to deserialization of untrusted data, which allows for object injection. This issue impacts the Kids Heaven kids-world application...

WordPress plugin Kids Heaven: Code-related vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...

WordPress Kids Heaven theme <= 3.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Kids Heaven versions = 3.2...

Disney Fined $10M for Violating Children’s Privacy Laws on YouTube

Disney agrees to a $10M settlement with the DOJ and FTC over YouTube privacy violations. Learn how the COPPA ruling affects kids' data and Disney's new rules...

AI Toys for Kids Talk About Sex, Drugs, and Chinese Propaganda

Plus: Travelers to the US may have to hand over five years of social media history, South Korean CEOs are resigning due to cyberattacks, and more...

EUVD-2014-6588

Malware in sbrugna...

EUVD-2015-1023

Malware in sbrugna...

EUVD-2014-5440

Malware in sbrugna...

EUVD-2014-5446

Malware in sbrugna...

EUVD-2025-28203

Malicious code in bioql PyPI...