Aggregator

Alleged Breach of Therapeutes Exposes 71,500 Patient Records and 199,000 Therapy Appointments From French Mental Health Platform

A vulnerability identified as problematic has been detected in JetBrains Datalore up to 2026.0. Affected by this issue is some unknown functionality of the component Cookie Setting Handler. This manipulation causes sensitive cookie without secure attribute. The identification of this vulnerability is CVE-2026-32745. The attack needs to be done within the local network. There is no exploit available. You should upgrade the affected component.

A vulnerability categorized as critical has been discovered in nyariv SandboxJS up to 0.8.33. Affected by this vulnerability is an unknown functionality. The manipulation results in code injection. This vulnerability was named CVE-2026-26954. The attack may be performed from remote. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability was found in Google Clasp up to 3.1.x. It has been rated as critical. Affected is an unknown function of the component Filenames Handler. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2026-4092. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is advised.

A new law enforcement operation against phishing and ransomware operators led to the takedown of 45,000 malicious IP addresses

A vulnerability was found in Digilent DASYLab. It has been declared as critical. This impacts an unknown function. Executing a manipulation can lead to out-of-bounds read. This vulnerability is handled as CVE-2026-0956. The attack can be executed remotely. There is not any exploit available.

A vulnerability was found in Digilent DASYLab. It has been classified as problematic. This affects an unknown function. Performing a manipulation results in out-of-bounds read. This vulnerability is known as CVE-2026-0955. Remote exploitation of the attack is possible. No exploit is available.

Positive Technologies представила мартовский дайджест трендовых уязвимостей.

今日暂未更新资讯~
更多最新文章，请访问SecWiki

Sophisticated phishing attacks are bypassing on-device protections with troubling frequency, making it more critical than ever for users to protect themselves from potential threats, new research from Omdia shows.

Threat Actor Selling Alleged Databases From Crypto, AI, and Finance Platforms Including MagicSlides, TLDR.Tech, and 365.loans

U.S. prosecutors accused an incident responder of conducting cyberattacks and helping ransomware gangs negotiate higher payouts from the same victims he was working for.

Российский кибербез превращается в закрытый клуб для гигантов.

近期，美国 AI 初创公司 Anthropic 与五角大楼的激烈争端，将生成式 AI 的军用边界问题推到了公众

INTERPOL on Friday announced the takedown of 45,000 malicious IP addresses and servers used in connection with phishing, malware, and ransomware campaigns, as part of the agency's ongoing efforts to dismantle criminal networks, disrupt emerging threats, and safeguard victims from scams. The effort is part of an international law enforcement operation that involved 72 countries and territories.