The Broken System That Keeps Shipping Crews Stranded in the Strait of Hormuz

Vessels are increasingly being abandoned during the war on Iran, revealing a hidden failure in the global systems that keep goods—and people—moving...

CVE-2026-28018

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Global Logistics globallogistics allows PHP Local File Inclusion.This issue affects Global Logistics: from n/a through = 3.20...

EUVD-2026-9680

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Global Logistics globallogistics allows PHP Local File Inclusion.This issue affects Global Logistics: from n/a through = 3.20...

CVE-2026-28018

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Global Logistics globallogistics allows PHP Local File Inclusion.This issue affects Global Logistics: from n/a through = 3.20...

CVE-2026-28018

CVE-2026-28018 is a WordPress Local File Inclusion vulnerability in the ThemeREX Global Logistics WordPress theme (globallogistics) versions

CVE-2026-28018 WordPress Global Logistics theme <= 3.20 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Global Logistics globallogistics allows PHP Local File Inclusion.This issue affects Global Logistics: from n/a through = 3.20...

CVE-2026-28018 WordPress Global Logistics theme <= 3.20 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Global Logistics globallogistics allows PHP Local File Inclusion.This issue affects Global Logistics: from n/a through = 3.20...

CVE-2026-28018

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Global Logistics globallogistics allows PHP Local File Inclusion.This issue affects Global Logistics: from n/a through = 3.20...

WordPress plugin Global Logistics 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

PT-2026-23300

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Global Logistics globallogistics allows PHP Local File Inclusion.This issue affects Global Logistics: from n/a through = 3.20...

CVE-2026-26892

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /managecarrier.php...

EUVD-2026-9309

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /managecarrier.php...

PT-2026-22788

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manage parcel type.php...

PT-2026-22789

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manage carrier.php...

CVE-2026-26891

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manageparceltype.php...

CVE-2026-26892

CVE-2026-26892 affects Sourcecodester Logistics Hub Parcel’s Management System v1.0, with SQL Injection in /manage_carrier.php. Documents confirm a network-accessible vulnerability impacting confidentiality, integrity, and availability (CVSSv3.1: C/H, I/H, A/H; AV:N/AC:L/PR:H/UI:N/S:U). No remedi...

WordPress Global Logistics theme <= 3.20 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Global Logistics versions = 3.20...

CVE-2025-23591

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in blulogistics1 blu Logistics blu-logistics allows Reflected XSS.This issue affects blu Logistics: from n/a through = 1.0.0...

Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App

The North Korean threat actor known as Kimsuky has been linked to a new campaign that distributes a new variant of Android malware called DocSwap via QR codes hosted on phishing sites mimicking Seoul-based logistics firm CJ Logistics formerly CJ Korea Express. "The threat actor leveraged QR codes...

ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit — and 20 More Stories

This week's cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech giants and governments are racing to plug new holes while arguing over privacy and control. And researchers kee...