News Archives • Page 5 of 650 • Daily CyberSecurity

1M WordPress Sites at Risk: Critical Unauthenticated Arbitrary File Deletion in Avada Builder (CVSS 9.1) Avada Builder vulnerability CVE-2026-8713 unauthenticated arbitrary file deletion in WordPress

Avada Builder vulnerability CVE-2026-8713 unauthenticated arbitrary file deletion in WordPress

1M WordPress Sites at Risk: Critical Unauthenticated Arbitrary File Deletion in Avada Builder (CVSS 9.1)

Do Son June 19, 2026

Around one million WordPress sites just got an urgent reason to patch. A critical Avada Builder...

APT37 NarwhalRAT Malware: A Python Backdoor Threat APT37 NarwhalRAT malware diagram

APT37 NarwhalRAT Malware: A Python Backdoor Threat

Do Son June 19, 2026

Genians Security Center recently confirmed the continued distribution of compiled Python-based malware. This threat targets Korean users...

Google Calendar custom colors RGB picker event organization

Google Calendar Adds 200 Custom Colors and a Full RGB Picker

Do Son June 19, 2026

Color-coding enthusiasts have a real reason to celebrate. Google is finally retiring Calendar’s long-standing limit of 11...

Claude Code Quota Reset Follows Morning Outage Claude Code quota reset notification displayed on a developer workstation screen

Claude Code Quota Reset Follows Morning Outage

Do Son June 19, 2026

On the morning of June 19, a server anomaly within Claude Code erroneously obscured users’ weekly quotas....

Chrome Extension Vulnerabilities: Millions at Risk Illustration of Chrome extension vulnerabilities and hacker exploiting MaXSS and Spyder flaws

Illustration of Chrome extension vulnerabilities and hacker exploiting MaXSS and Spyder flaws

Chrome Extension Vulnerabilities: Millions at Risk

Do Son June 19, 2026

Rebora Security Research recently uncovered severe Chrome extension vulnerabilities. These critical flaws impact two widely used AI...

Apple Opens iOS to Third-Party App Stores in Brazil Under CADE Settlement iOS third-party app stores Brazil Apple CADE settlement

Apple Opens iOS to Third-Party App Stores in Brazil Under CADE Settlement

Do Son June 19, 2026

Apple’s walled garden has another crack in it. Following the EU’s Digital Markets Act, Brazil has become...

F5 Patches Two Critical NGINX Flaws in HTTP/3 and HTTP/2 Modules (CVE-2026-42530, CVE-2026-42055) NGINX vulnerabilities CVE-2026-42530 HTTP/3 use-after-free and HTTP/2 buffer overflow

NGINX vulnerabilities CVE-2026-42530 HTTP/3 use-after-free and HTTP/2 buffer overflow

F5 Patches Two Critical NGINX Flaws in HTTP/3 and HTTP/2 Modules (CVE-2026-42530, CVE-2026-42055)

Do Son June 19, 2026

F5 has issued out-of-band patches for two serious flaws in its NGINX web server. The critical NGINX...

iba deserialization vulnerability enabling remote code execution in ibaPDA and ibaDatCoordinator (CVE-2026-8024)

Critical iba Deserialization Vulnerability Exposes ibaPDA and ibaDatCoordinator to RCE (CVE-2026-8024)

Do Son June 19, 2026

Unauthenticated RCE hits iba industrial software A critical iba deserialization vulnerability could let remote attackers run arbitrary...

OpenBSD authentication bypass PoC exploit for the PPP PAP CVE-2026-55706 vulnerability

27-Year-Old OpenBSD Authentication Bypass: Details and PoC Exploit Publicly Disclosed

Do Son June 19, 2026

A one-line bug that survived 27 years Researchers at Argus have publicly disclosed an OpenBSD authentication bypass...

LiteLLM authentication bypass via Host Header Injection in the AI Gateway proxy (CVE-2026-49468)

LiteLLM Authentication Bypass via Host Header Injection (CVE-2026-49468)

Do Son June 19, 2026

Critical bug exposes LiteLLM management routes A newly disclosed LiteLLM authentication bypass could let unauthenticated attackers...

Langflow File Upload Flaw: Details and PoC Exploit Publicly Disclosed (CVE-2026-55450) Langflow file upload flaw enabling unauthenticated denial-of-service and path leak (CVE-2026-55450)

Langflow file upload flaw enabling unauthenticated denial-of-service and path leak (CVE-2026-55450)

Langflow File Upload Flaw: Details and PoC Exploit Publicly Disclosed (CVE-2026-55450)

Do Son June 19, 2026

Unauthenticated upload exposes Langflow servers A newly published Langflow file upload flaw lets anyone with network...

Rockwell Automation patches multiple ICS flaws Rockwell Automation vulnerabilities in FactoryTalk Historian and FLEX I/O EtherNet/IP adapters

Rockwell Automation vulnerabilities in FactoryTalk Historian and FLEX I/O EtherNet/IP adapters

Rockwell Automation patches multiple ICS flaws

Do Son June 19, 2026

Rockwell Automation has disclosed two security advisories that reveal several Rockwell Automation vulnerabilities across its industrial product...

Splunk CVE-2026-20253: CVSS 9.8 RCE Exploited in the Wild Splunk CVE-2026-20253 remote code execution vulnerability diagram

Splunk CVE-2026-20253: CVSS 9.8 RCE Exploited in the Wild

Do Son June 18, 2026

The cybersecurity landscape faces a critical threat today. CISA confirmed active exploitation of Splunk CVE-2026-20253. Consequently,...

Node.js Security Updates: Urgent Action Required Node.js security updates patch critical vulnerabilities

Node.js Security Updates: Urgent Action Required

Do Son June 18, 2026

Critical Node.js Security Updates Released Developers must quickly apply the newest Node.js security updates. The Node.js project...

Velvet Ant’s Operation Highland: A Decade Inside Critical Infrastructure

Do Son June 18, 2026

A China-nexus threat group known as Velvet Ant hid inside one organization’s network for nearly a decade....

ChatGPT Scheduled Tasks Transform AI into an Active Agent ChatGPT Scheduled Tasks feature transforming AI into an active agent

ChatGPT Scheduled Tasks Transform AI into an Active Agent

Do Son June 18, 2026

To imbue its AI assistant with more proactive, agentic capabilities, OpenAI recently announced a groundbreaking feature. They...

Microsoft China AI Business Thrives on OpenAI Sales Microsoft China AI business growth via OpenAI and ByteDance partnership

Microsoft China AI Business Thrives on OpenAI Sales

Do Son June 18, 2026

The artificial intelligence rivalry and technological warfare between the United States and China continue to escalate. This...

Moxa Patches NPort Flaws: Root RCE and Format String Bugs (CVE-2026-10829) Moxa NPort vulnerability CVE-2026-10829 stack buffer overflow in serial device server

Moxa NPort vulnerability CVE-2026-10829 stack buffer overflow in serial device server

Moxa Patches NPort Flaws: Root RCE and Format String Bugs (CVE-2026-10829)

Do Son June 18, 2026

Industrial network gear is back in the spotlight. Moxa has disclosed two flaws in its NPort serial...

AsyncRAT AI Lures Target Users Hunting AI Skills

AsyncRAT AI Lures Target Users Hunting AI Skills

Do Son June 18, 2026

As artificial intelligence dominates tech headlines, cybercriminals are riding the wave. FortiGuard Labs has detailed a fresh...

Apple Intelligence developer tools showcase at WWDC 2026

Apple Intelligence Developer Tools Revealed at WWDC 2026

Do Son June 18, 2026

During the recent WWDC 2026 special session, Apple profoundly explored the underlying operational mechanisms of its artificial...

Critical Alert 2 Active Exploits Detected Today