CVE-2025-41029 SQL injection in Zeon Academy Pro by Zeon Global Tech

SQL injection vulnerability in Zeon Academy Pro by Zeon Global Tech. This vulnerability allows an attacker to retrieve, create, update, and delete databases by sending a POST request using the parameter 'phonenumber' in '/private/continue-upload.php'...

CVE-2025-41029

SQL injection vulnerability in Zeon Academy Pro by Zeon Global Tech. This vulnerability allows an attacker to retrieve, create, update, and delete databases by sending a POST request using the parameter 'phonenumber' in '/private/continue-upload.php'...

CVE-2025-41029

CVE-2025-41029 describes a SQL injection vulnerability in Zeon Academy Pro (Zeon Global Tech). The flaw affects the application’s handling of a POST parameter named ‘phonenumber’ in /private/continue-upload.php, enabling an attacker to retrieve, create, update, or delete databases. The CVSS v4.0 ...

PT-2026-33991

SQL injection vulnerability in Zeon Academy Pro by Zeon Global Tech. This vulnerability allows an attacker to retrieve, create, update, and delete databases by sending a POST request using the parameter 'phonenumber' in '/private/continue-upload.php'...

Big Tech can stop scams. They just don’t (Lock and Code S07E08)

This week on the Lock and Code podcast … A dreadful thing happens far too often whenever an older adult falls for a scam: They get blamed for it. Not the scammers who lied and cheated their victim out of money. Not law enforcement for failing to recover funds. Not even the Big Tech companies that...

More than pretty pictures: Wendy Bishop on visual storytelling in tech

In this episode of Humans of Talos, Amy sits down with Wendy Bishop, Head of Creative, to explore the vital role of design in the world of cybersecurity. From her early beginnings in web design and journalism to leading the creative vision for Talos, Wendy shares the unique challenges and rewards...

CVE-2026-39709

Insertion of Sensitive Information Into Sent Data vulnerability in thetechtribe The Tribal the-tech-tribe allows Retrieve Embedded Sensitive Data.This issue affects The Tribal: from n/a through = 1.3.4...

EUVD-2026-20416

Insertion of Sensitive Information Into Sent Data vulnerability in thetechtribe The Tribal the-tech-tribe allows Retrieve Embedded Sensitive Data.This issue affects The Tribal: from n/a through = 1.3.4...

Important: Red Hat Security Advisory: Red Hat Developer Hub 1.9.3 release.

Red Hat Developer Hub 1.9.3 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...

CVE-2026-0049

creationtimestamp| type| source ---|---|--- 2026-04-06 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0399/ 2026-04-08 14:21:04+00:00| seen| https://bsky.app/profile/thedailytechfeed.com/post/3miyii2rd5w2x 2026-04-09 01:18:15+00:00| seen|...

METATRON AI Penetration Testing

Metatron is a CLI-based AI penetration testing assistant that runs entirely on your local machine - no cloud, no API keys, no subscriptions. You give it a target IP or domain. It runs real recon tools nmap, whois, whatweb, curl, dig, nikto, feeds all results to a locally running AI model, and the...

CVE-2025-58136

creationtimestamp| type| source ---|---|--- 2026-04-02 22:22:04+00:00| published-proof-of-concept| Telegram/23ZcvUWmnJsq-zA1xOv2ctyvywAVz8hRL5r96BcfYjQKx08 2026-04-07 14:12:03+00:00| seen| https://bsky.app/profile/thedailytechfeed.com/post/3mivxj2e77x24...

CVE-2026-34982

creationtimestamp| type| source ---|---|--- 2026-04-02 17:03:39+00:00| seen| https://bsky.app/profile/thedailytechfeed.com/post/3mijorcb6532p 2026-04-06 16:20:58+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mitoamwgvc2m 2026-04-06 17:32:59+00:00| seen|...

Important: Red Hat Security Advisory: Red Hat Developer Hub 1.8.5 release.

Red Hat Developer Hub 1.8.5 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...

We Are At War

Rising geopolitical tensions are reflected or in some cases preceded by cyber operations, while technology itself has become politicized. Let’s admit it: we are in the middle of it. Introduction: One tech power to rule them all is a thing of the past The relative safety, peace and prosperity that...

Malicious Package

Overview @ev-tech/eva-container-api is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

MAL-2026-2246 Malicious code in @ev-tech/eva-container-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 000e7dc4c22d822e052329e85f5a615743547eaafc111f35576b780059ca2afb The package @ev-tech/eva-container-api was found to contain malicious code. Source: ghsa-malware...

PT-2026-28798

OpenClaw before 2026.3.22 contains a policy bypass vulnerability where queued node actions are not revalidated against current command policy when delivered. Attackers can exploit stale allowlists or declarations that survive policy tightening to execute unauthorized commands...

Academia and the “AI Brain Drain”

In 2025, Google, Amazon, Microsoft and Meta collectively spent US$380 billion on building artificial-intelligence tools. That number is expected to surge still higher this year, to $650 billion, to fund the building of physical infrastructure, such as data centers see go.nature.com/3lzf79q...

EUVD-2026-9642

Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Authentication Abuse.This issue affects WeDesignTech Ultimate Booking Addon: from n/a through = 1.0.1...