Aggregator

CVE-2026-47349 | TYPO3 CMS up to 14.3.2 Recycler authorization (WID-SEC-2026-1835)

2 weeks ago

A vulnerability marked as critical has been reported in TYPO3 CMS up to 10.4.56/11.5.50/12.4.45/13.4.30/14.3.2. This impacts an unknown function of the component Recycler Module. This manipulation causes missing authorization. The identification of this vulnerability is CVE-2026-47349. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.

vuldb.com

CVE-2026-47350 | TYPO3 CMS up to 13.4.30/14.3.2 authorization (WID-SEC-2026-1835)

Vuldb Updates

2 weeks ago

A vulnerability classified as problematic was found in TYPO3 CMS up to 13.4.30/14.3.2. Affected by this issue is some unknown functionality. Executing a manipulation can lead to missing authorization. This vulnerability is tracked as CVE-2026-47350. The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.

vuldb.com

CVE-2026-47348 | TYPO3 CMS up to 13.4.30/14.3.2 cross site scripting (WID-SEC-2026-1835)

Vuldb Updates

2 weeks ago

A vulnerability, which was classified as problematic, has been found in TYPO3 CMS up to 13.4.30/14.3.2. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is listed as CVE-2026-47348. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.

vuldb.com

Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs

darkreading

2 weeks ago

Two separate campaigns target CVE-2025-8088, fixed last July, to conduct data theft and cyberespionage against military and government targets in Ukraine.

Elizabeth Montalbano

Fortinet security advisory (AV26-568)

CCCS - Alerts and advisories

2 weeks ago

Canadian Centre for Cyber Security

How Threat Intelligence Feeds Help Automate SOCs to Reduce MTTR

Cyber Security News

2 weeks ago

Security operations center (SOC) automation has become one of the biggest trends in cybersecurity. Organizations are investing heavily in AI, orchestration, and automated response technologies in pursuit of faster detection and reduced operational costs. However, effective SOC automation requires a practical approach grounded in business priorities, realistic expectations, and measurable outcomes. SOC Automation Starts with […]

The post How Threat Intelligence Feeds Help Automate SOCs to Reduce MTTR appeared first on Cyber Security News.

Balaji N

iPhone 与美国生育率下降相关

Solidot

2 weeks ago

美国总生育率自 2007 年以来下降了 22%，这一下降趋势难以用经济状况、避孕、住房或托儿成本等进行解释，智能手机的普及被认为与生育率下降相关，2007 年就是第一代 iPhone 发布之年。在美国，从 2007 年 6 月到 2011 年 2 月，iPhone 仅在 AT&T 网络销售。这就是为研究智能手机对生育影响提供了一个天然的实验环境。研究人员利用 AT&T 移动网络覆盖范围的差异去识别 iPhone 对生育的影响。结果显示，iPhone 的普及使 15-19 岁女性的生育率下降了 4.5%-8.0%，20-24 岁女性的生育率下降了 3.2%-6.6%。iPhone 的普及加速了 30 岁以下女性生育率的下降，抑制了 30 岁以上女性生育率的上升。研究人员称，iPhone 的普及能解释 15-44 岁女性总体生育率下降的 33%-52%。原因被认为是智能手机减少了线下的面对面人际交往，增加了色情内容的使用，降低了性生活频率。

Компьютер из материала толщиной в один атом: кремний впервые получил реального конкурента

Securitylab.ru

2 weeks ago

Следующая эра электроники только что началась в лаборатории.

75% of Firms Deploy Vulnerable Code Amid Pressure on CISOs, Report Finds

Information Security Magazine

2 weeks ago

Checkmarx report warns that business pressure is among the reason security leaders let security compliance slip

Australian Health Care Data Leak Detected on Darknet Forum

Dark Feed IO

2 weeks ago

You must login to view this content

cohenido

Ochre Health Data Breach: 25K+ Patients' Medical Records for Sale

Dark Web Informer - Cyber Threat Intelligence

2 weeks ago

A threat actor using the alias 2019 claims to be selling a patient database stolen from Ochre Health, an Australian medical-centre network providing general practice and allied health services.

Dark Web Informer

Israeli Law Firm Email Access for Sale on Darknet Forum

Dark Feed IO

2 weeks ago

You must login to view this content

cohenido

Zeemart Data Breach: 510K+ Records Leaked From Singapore F&B Platform

Dark Web Informer - Cyber Threat Intelligence

2 weeks ago

A threat actor using the alias 2019 claims to have leaked the database of Zeemart, a Singapore-based B2B procurement and supply-chain platform for restaurants, cafes, and other food and beverage businesses.

Dark Web Informer

Napoleon Perdis Data Breach: 339K Australian Customer Records Leaked

Dark Web Informer - Cyber Threat Intelligence

2 weeks 1 day ago

A threat actor using the alias 2019 claims to have leaked the customer database of Napoleon Perdis, the Australian luxury cosmetics brand.

Dark Web Informer

Рунет отвязывают от Запада рублем. Кого и на сколько накажут за иностранные кнопки входа на сайты?

Securitylab.ru

2 weeks 1 day ago

Госдума утвердила штрафы за неисполнение правил авторизации через российские системы и Госуслуги.

AI Coding Adoption Hits 97% but Governance Lags Behind

Information Security Magazine

2 weeks 1 day ago

Most dev teams use AI coding assistants but only 30% have full governance in place

CVE-2026-23255 | Linux Kernel up to 6.18.9 net /proc/net/ptype ptype_seq_next/ptype_seq_show state issue (Nessus ID 319993 / WID-SEC-2026-0790)

Vuldb Updates

2 weeks 1 day ago

A vulnerability has been found in Linux Kernel up to 6.18.9 and classified as critical. Affected by this vulnerability is the function ptype_seq_next/ptype_seq_show of the file /proc/net/ptype of the component net. This manipulation causes state issue. This vulnerability is handled as CVE-2026-23255. The attack can only be done within the local network. There is not any exploit available. The affected component should be upgraded.

vuldb.com

CVE-2026-23411 | Linux Kernel up to 7.0-rc3 apparmor i_private privilege escalation (EUVD-2026-17843 / Nessus ID 319993)

Vuldb Updates

2 weeks 1 day ago

A vulnerability was found in Linux Kernel up to 6.6.129/6.12.76/6.18.17/6.19.7/7.0-rc3. It has been declared as critical. This affects the function i_private of the component apparmor. Such manipulation leads to privilege escalation. This vulnerability is documented as CVE-2026-23411. The attack requires being on the local network. There is not any exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2026-23409 | Linux Kernel up to 7.0-rc3 apparmor encoding error (EUVD-2026-17839 / Nessus ID 319993)

Vuldb Updates

2 weeks 1 day ago

A vulnerability was found in Linux Kernel up to 6.6.129/6.12.76/6.18.17/6.19.7/7.0-rc3 and classified as critical. The affected element is an unknown function of the component apparmor. The manipulation results in encoding error. This vulnerability is cataloged as CVE-2026-23409. The attack must originate from the local network. There is no exploit available. It is suggested to upgrade the affected component.

vuldb.com

Fortinet FortiSandbox Vulnerability Allows Attackers to Execute Unauthorized Commands

Cyber Security News

2 weeks 1 day ago

Fortinet has disclosed a critical security vulnerability in its FortiSandbox product line that could allow unauthenticated remote attackers to execute arbitrary OS commands through the web interface. The flaw, tracked as CVE-2026-25089 and assigned a CVSSv3 score of 9.1 (Critical), affects multiple versions of FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS deployments. The vulnerability stems from […]

The post Fortinet FortiSandbox Vulnerability Allows Attackers to Execute Unauthorized Commands appeared first on Cyber Security News.

Guru Baran

Aggregator

Managed ad