351864 matches found
ACR Stealer Uses ClickFix Lures to Steal Browser Tokens and Microsoft 365 Files
ACR Stealer, an infostealer in circulation since 2024, is walking out of enterprise networks with saved browser passwords, live session tokens, PDFs, Microsoft 365 documents, and files from synced OneDrive and SharePoint folders. It gets in because someone pasted a command into a Run box and...
New GoSerpent Malware Targets Southeast Asian Governments and Diplomats for Espionage
Cybersecurity researchers have discovered a previously undocumented malware called GoSerpent that has been put to use in cyber attacks targeting entities in Southeast Asia since late 2025 with a focus on long-term access and intelligence gathering. Russian cybersecurity company Kaspersky, which...
CVE-2018-14816
creationtimestamp| type| source ---|---|--- 2026-07-17 07:00:04+00:00| seen| Telegram/pS736wy1q4JTpyQ27GThkrd-KM7MPYTW9rtTHg4MZzf-Jty...
CVE-2018-5359
creationtimestamp| type| source ---|---|--- 2026-07-17 07:00:04+00:00| seen| Telegram/k80Taa8IY7nxLnumeY-H3x3jlcrPeyDdpP7VuHsdGYbQmc...
CVE-2026-13352
creationtimestamp| type| source ---|---|--- 2026-07-17 06:55:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqt67iafs42k...
CVE-2026-59173
creationtimestamp| type| source ---|---|--- 2026-07-17 06:39:19+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mqt5cimvnh2p...
CVE-2026-62764
creationtimestamp| type| source ---|---|--- 2026-07-17 06:34:18+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mqt4zjdzoo2e...
CVE-2026-15982
creationtimestamp| type| source ---|---|--- 2026-07-17 05:50:05+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqt2kgy3tm2y 2026-07-17 06:00:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116933789451136259 2026-07-17 06:00:30+00:00| seen|...
CVE-2026-15457
The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.0.13 via the 'family' parameter. This makes it possible for authenticated attackers, with editor-level access and above, to delete...
CVE-2026-13765
The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.1 via the checkanswer. This makes it possible for unauthenticated attackers to extract the correct-answer markers...
CVE-2026-9046
creationtimestamp| type| source ---|---|--- 2026-07-17 05:13:21+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mqsyirmdtq2e 2026-07-17 05:13:36+00:00| seen| https://mastodon.social/users/hugovalters/statuses/116933605175540875...
CVE-2004-2761
creationtimestamp| type| source ---|---|--- 2026-07-17 05:00:09+00:00| seen| https://t.me/PositiveTechnologies/355...
CVE-2022-26383
creationtimestamp| type| source ---|---|--- 2026-07-17 05:00:09+00:00| seen| https://t.me/EchelonEyes/38...
CVE-2022-24044
creationtimestamp| type| source ---|---|--- 2026-07-17 05:00:05+00:00| seen| https://t.me/EchelonEyes/276...
CVE-2022-24043
creationtimestamp| type| source ---|---|--- 2026-07-17 05:00:05+00:00| seen| https://t.me/EchelonEyes/276...
CVE-2022-24045
creationtimestamp| type| source ---|---|--- 2026-07-17 05:00:05+00:00| seen| https://t.me/EchelonEyes/276...
CVE-2026-8616
The Fense Proxy & VPN Blocker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and missing nonce validation on the fensebpvtsavesettings function in versions up to, and including, 3.0.1. The callback is registered to both wpajax and...
CVE-2026-24227
creationtimestamp| type| source ---|---|--- 2026-07-17 03:46:04+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqstmpirax2a...
CVE-2026-62387
creationtimestamp| type| source ---|---|--- 2026-07-17 03:45:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqstlcndcq2n...
CVE-2026-13765 LearnPress <= 4.4.1 - Missing Authorization to Unauthenticated Sensitive Information Exposure via /lp/v1/users/check-answer and /start-quiz REST Endpoints
The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.1 via the checkanswer. This makes it possible for unauthenticated attackers to extract the correct-answer markers...