File read flaw in Smart Slider plugin impacts 500K WordPress sites
A vulnerability in the Smart Slider 3 WordPress plugin, active on more than 800,000 websites, can be exploited to allow subscriber-level users access to arbitrary…
Author: Cybernoz
Microsoft Issues Critical WinRE and Setup Updates Ahead of 2026 Secure Boot Certificate Expiration
Microsoft has rolled out two new dynamic updates, KB5081494 and KB5083482, designed for Windows 11 versions 24H2 and 25H2. Released on March 26, 2026, these…
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
Ravie LakshmananMar 27, 2026Vulnerability / Artificial Intelligence Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if successfully exploited, could expose filesystem…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 90
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape New Malware Targets Users of Cobra…
Hiding in Plain Sight with App Domain Manager Injection
A little-known feature of the .NET framework allows attackers to execute malicious code inside trusted, Microsoft-signed applications without exploiting a software flaw or dropping a…
The breaches we still talk about.
In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire’s Maria Varmazis and Dave Bittner discuss the biggest breaches over the past 10…
Coruna iOS exploit framework linked to Triangulation attacks
The Coruna exploit kit is an evolution of the framework used in the Operation Triangulation espionage campaign, which in 2023 targeted iPhones via zero-click iMessage…
Hackers Probe Citrix NetScaler Instances Ahead of Likely CVE-2026-3055 Exploitation
Cybersecurity researchers are sounding the alarm over imminent in-the-wild exploitation of a recently disclosed critical vulnerability in Citrix NetScaler ADC and Gateway appliances. Threat intelligence…
Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware
Ravie LakshmananMar 27, 2026Threat Intelligence / Vulnerability A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since…
Iran-linked hackers open low-cost digital front as US-Israeli attacks mount
As they fled an Iranian missile strike, some Israelis with Android phones received a text offering a link to real-time information about bomb shelters. But…
The Growing Reality of AI-Enhanced Candidate Fraud
Within the world of recruiting, more specifically the tech and remote-work world, the conversation about AI in hiring has moved past “if” to “how often.”…
From Bot Signups to Account Takeovers
Modern fraud attacks look like a relay race where different tools and actors handle each stage of the journey from signup to cash-out. When you…