https://shimiscyberworld.com/posts/2026-05-18-nvd-CVE-2026-47090/ Shimi's Cyber World en 2026-05-23T01:19:55+03:00 https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-22T23:00:00+03:00 Daily Security Digest — 2026-05-22daily-digest, vulnerability, cve, high-severity, cwe-88, privilege-escalation, cwe-863, critical, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/ghostwriter-targets-ukraine-government-entities-with-prometh-bwi6o/ Shimi's Cyber World en 2026-05-22T19:20:32+03:00 Ghostwriter Targets Ukraine Government with Prometheus Phishingthreat-intel, vulnerability, malware, phishing https://shimiscyberworld.com/posts/in-other-news-industrial-router-exploitation-cisa-kev-nomi-biz1y/ Shimi's Cyber World en 2026-05-22T17:07:06+03:00 Huawei Router Flaw Triggered Telecom Blackout, SecurityWeek Reportsthreat-intel, vulnerability, identity https://shimiscyberworld.com/posts/trend-micro-warns-of-apex-one-zero-day-exploited-in-the-wild-lf7fe/ Shimi's Cyber World en 2026-05-22T16:39:19+03:00 Trend Micro Apex One Zero-Day Under Active Exploitationthreat-intel, data-breach, malware, vulnerability, microsoft https://shimiscyberworld.com/posts/tracking-iranian-apt-screening-serpens-2026-espionage-campa-bwdjf/ Shimi's Cyber World en 2026-05-22T16:00:42+03:00 Iranian APT Screening Serpens Uses AppDomainManager Hijacking in Espionage Campaignsthreat-intel, apt, malware, research, unit-42 https://shimiscyberworld.com/posts/telegram-1542954397-4607/ Shimi's Cyber World en 2026-05-22T15:03:46+03:00 Chromium Exploit Code Leaked for Unpatched Browser Fetch Vulnerabilityvulnerability https://shimiscyberworld.com/posts/ubiquiti-patches-three-max-severity-unifi-os-vulnerabilities-phgxb/ Shimi's Cyber World en 2026-05-22T15:00:42+03:00 Ubiquiti Patches Three Max Severity UniFi OS Vulnerabilitiesthreat-intel, data-breach, malware, vulnerability, tools https://shimiscyberworld.com/posts/megalodon-github-attack-targets-5-561-repos-with-malicious-c-n7fj3/ Shimi's Cyber World en 2026-05-22T14:55:24+03:00 Megalodon GitHub Attack: 5,561 Repos Hit with Malicious CI/CD Workflowsthreat-intel, vulnerability, tools https://shimiscyberworld.com/posts/making-vulnerable-drivers-exploitable-without-hardware-the-tr7vj/ Shimi's Cyber World en 2026-05-22T14:38:12+03:00 Windows Kernel Drivers Can Be Exploited Without Hardware, The Hacker News Reportsthreat-intel, vulnerability, microsoft, the-hacker-news https://shimiscyberworld.com/posts/paved-with-intent-roadtools-and-nation-state-tactics-in-the-rwgfz/ Shimi's Cyber World en 2026-05-22T13:00:24+03:00 ROADtools Misused by Nation-States in Cloud Intrusionsthreat-intel, apt, malware, research, cloud, tools https://shimiscyberworld.com/posts/first-vpn-cybercrime-service-disrupted-administrator-arre-paajp/ Shimi's Cyber World en 2026-05-22T12:24:22+03:00 First VPN Cybercrime Service Disrupted, Administrator Arrestedthreat-intel, vulnerability, malware, ransomware https://shimiscyberworld.com/posts/nvd-CVE-2026-9011/ Shimi's Cyber World en 2026-05-22T12:16:33+03:00 WordPress Ditty Plugin: Authorization Bypass Exposes Non-Public Contentvulnerability, cve, high-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-8692/ Shimi's Cyber World en 2026-05-22T12:16:33+03:00 CVE-2026-8692 — The Vedrixa Forms – User Registration Form, Signup Form &vulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-8684/ Shimi's Cyber World en 2026-05-22T12:16:33+03:00 CVE-2026-8684 — The MotoPress Hotel Booking plugin for WordPress isvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-8679/ Shimi's Cyber World en 2026-05-22T12:16:32+03:00 CVE-2026-8679: WordPress AudioIgniter Plugin Exposes Playlist Datavulnerability, cve, high-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-8381/ Shimi's Cyber World en 2026-05-22T12:16:32+03:00 CVE-2026-8381 — A broken access control vulnerability exists in thevulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-7798/ Shimi's Cyber World en 2026-05-22T12:16:32+03:00 CVE-2026-7798 — Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-7636/ Shimi's Cyber World en 2026-05-22T12:16:32+03:00 CVE-2026-7636 — The Slider by Soliloquy – Responsive Image Slider forvulnerability, cve, medium-severity, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2026-7615/ Shimi's Cyber World en 2026-05-22T12:16:32+03:00 CVE-2026-7615 — The Widget Context plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-352 https://shimiscyberworld.com/posts/kimwolf-ddos-botnet-operator-arrested-in-canada-over-ddos-fo-q0w3w/ Shimi's Cyber World en 2026-05-22T11:50:18+03:00 Kimwolf DDoS Botnet Operator Arrested in Canadathreat-intel, vulnerability, malware https://shimiscyberworld.com/posts/grafana-says-codebase-and-other-data-stolen-via-tanstack-sup-pmbhp/ Shimi's Cyber World en 2026-05-22T10:49:38+03:00 Grafana Codebase Stolen via Unrotated Token in TanStack Supply Chain Attackthreat-intel, vulnerability, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-9104/ Shimi's Cyber World en 2026-05-22T08:16:28+03:00 CVE-2026-9104 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-9018/ Shimi's Cyber World en 2026-05-22T08:16:28+03:00 CVE-2026-9018: Easy Elements WordPress Plugin Privilege Escalationvulnerability, cve, high-severity, privilege-escalation, cwe-269 https://shimiscyberworld.com/posts/nvd-CVE-2026-7509/ Shimi's Cyber World en 2026-05-22T08:16:27+03:00 CVE-2026-7509 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-7249/ Shimi's Cyber World en 2026-05-22T08:16:27+03:00 CVE-2026-7249 — The Location Weather plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-6864/ Shimi's Cyber World en 2026-05-22T08:16:27+03:00 CVE-2026-6864 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4070/ Shimi's Cyber World en 2026-05-22T08:16:27+03:00 CVE-2026-4070 — The Alfie – Feed Plugin plugin for WordPress is vulnerablevulnerability, cve, medium-severity, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2026-44409/ Shimi's Cyber World en 2026-05-22T08:16:26+03:00 CVE-2026-44409 — Information Disclosurevulnerability, cve, medium-severity, information-disclosure, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2026-3481/ Shimi's Cyber World en 2026-05-22T08:16:25+03:00 CVE-2026-3481 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-2518/ Shimi's Cyber World en 2026-05-22T08:16:24+03:00 CVE-2026-2518 — The FastX theme for WordPress is vulnerable to unauthorizedvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/telegram-1542954397-4606/ Shimi's Cyber World en 2026-05-22T07:30:04+03:00 GitHub Breached: Supply Chain Attack on Nx Console Compromises Internal Reposmalware, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-4834/ Shimi's Cyber World en 2026-05-22T07:16:26+03:00 WP ERP Pro SQL Injection (CVE-2026-4834) Exposes Sensitive Datavulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-34911/ Shimi's Cyber World en 2026-05-22T05:16:34+03:00 UniFi OS Path Traversal (CVE-2026-34911) Puts System Files at Riskvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-34910/ Shimi's Cyber World en 2026-05-22T05:16:34+03:00 UniFi OS Critical Command Injection (CVE-2026-34910) Demands Immediate Attentionvulnerability, cve, critical, high-severity, command-injection, cwe-20 https://shimiscyberworld.com/posts/nvd-CVE-2026-34909/ Shimi's Cyber World en 2026-05-22T05:16:34+03:00 UniFi OS Critical Path Traversal Vulnerability (CVE-2026-34909)vulnerability, cve, critical, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-34908/ Shimi's Cyber World en 2026-05-22T05:16:34+03:00 UniFi OS Critical Improper Access Control Vulnerability: CVE-2026-34908vulnerability, cve, critical, high-severity, improper-access-control, cwe-284 https://shimiscyberworld.com/posts/nvd-CVE-2026-33000/ Shimi's Cyber World en 2026-05-22T05:16:33+03:00 UniFi OS Critical Command Injection (CVE-2026-33000)vulnerability, cve, critical, high-severity, command-injection, cwe-20 https://shimiscyberworld.com/posts/nvd-CVE-2026-6960/ Shimi's Cyber World en 2026-05-22T01:16:48+03:00 BookingPress Pro Plugin: Critical RCE via Unauthenticated File Uploadvulnerability, cve, critical, high-severity, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-22678/ Shimi's Cyber World en 2026-05-22T01:16:46+03:00 CVE-2026-22678 — The Email Template Description Field Of The System And Serve Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-47102/ Shimi's Cyber World en 2026-05-22T00:16:32+03:00 LiteLLM Privilege Escalation: User Role Manipulation Grants Admin Access (CVE-2026-47102)vulnerability, cve, high-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-47101/ Shimi's Cyber World en 2026-05-22T00:16:32+03:00 LiteLLM Privilege Escalation Via API Key Misconfiguration (CVE-2026-47101)vulnerability, cve, high-severity, privilege-escalation, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-4843/ Shimi's Cyber World en 2026-05-21T23:16:14+03:00 CVE-2026-4843 — The GSheet For Woo Importer plugin for WordPress isvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-47114/ Shimi's Cyber World en 2026-05-21T23:16:14+03:00 IINA CVE-2026-47114: macOS Command Execution via Malicious URLvulnerability, cve, high-severity, cwe-88 https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-21T23:00:00+03:00 Daily Security Digest — 2026-05-21daily-digest, vulnerability, cve, critical, high-severity, buffer-overflow, cwe-122, sql-injection, cwe-89, cwe-121 https://shimiscyberworld.com/posts/tech-giants-promise-british-regulator-they-will-tweak-platfo-6lxcl/ Shimi's Cyber World en 2026-05-21T22:01:00+03:00 Tech Giants Commit to UK Child Safety Tweaks for Ofcomthreat-intel, data-breach, government https://shimiscyberworld.com/posts/nvd-CVE-2026-48247/ Shimi's Cyber World en 2026-05-21T21:16:21+03:00 CVE-2026-48247 — Open ISES Tickets before 3.44.2 disables TLS certificatevulnerability, cve, medium-severity, cwe-295 https://shimiscyberworld.com/posts/nvd-CVE-2026-48246/ Shimi's Cyber World en 2026-05-21T21:16:21+03:00 CVE-2026-48246 — Open ISES Tickets before 3.44.2 disables TLS certificatevulnerability, cve, medium-severity, cwe-295 https://shimiscyberworld.com/posts/nvd-CVE-2026-48242/ Shimi's Cyber World en 2026-05-21T21:16:21+03:00 Open ISES Tickets CVE-2026-48242: Hardcoded MySQL Credentials Exposedvulnerability, cve, high-severity, cwe-798 https://shimiscyberworld.com/posts/nvd-CVE-2026-48241/ Shimi's Cyber World en 2026-05-21T21:16:21+03:00 CVE-2026-48241: Hardcoded MySQL Credentials in Open ISES Tickets Expose Datavulnerability, cve, high-severity, cwe-798 https://shimiscyberworld.com/posts/nvd-CVE-2026-48240/ Shimi's Cyber World en 2026-05-21T21:16:20+03:00 Open ISES Tickets SQLi: Authenticated Attackers Can Destroy Database Contentvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-48239/ Shimi's Cyber World en 2026-05-21T21:16:20+03:00 Open ISES Tickets SQL Injection (CVE-2026-48239) Allows Database Manipulationvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-48238/ Shimi's Cyber World en 2026-05-21T21:16:20+03:00 Open ISES Tickets SQLi: Authenticated Attackers Can Corrupt Databasesvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-48237/ Shimi's Cyber World en 2026-05-21T21:16:20+03:00 Open ISES Tickets SQLi: Authenticated Attackers Can Destroy Databasevulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-48236/ Shimi's Cyber World en 2026-05-21T21:16:20+03:00 Open ISES Tickets SQL Injection (CVE-2026-48236) Exposes Databasesvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-48235/ Shimi's Cyber World en 2026-05-21T21:16:20+03:00 CVE-2026-48235: SQLi in Open ISES Tickets via GPS Datavulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-48234/ Shimi's Cyber World en 2026-05-21T21:16:20+03:00 Open ISES Tickets SQL Injection Vulnerability (CVE-2026-48234)vulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-48233/ Shimi's Cyber World en 2026-05-21T21:16:20+03:00 Open ISES Tickets CVE-2026-48233: SQL Injection Exposes Databasevulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-48232/ Shimi's Cyber World en 2026-05-21T21:16:19+03:00 Open ISES Tickets SQL Injection (CVE-2026-48232) Allows Data Manipulationvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-48231/ Shimi's Cyber World en 2026-05-21T21:16:19+03:00 Open ISES Tickets SQLi: Authenticated Attackers Can Corrupt Databasesvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-39593/ Shimi's Cyber World en 2026-05-21T21:16:17+03:00 CVE-2026-39593 — VillaTheme HAPPY Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/google-accidentally-exposed-details-of-unfixed-chromium-flaw-zg4ik/ Shimi's Cyber World en 2026-05-21T21:13:50+03:00 Google Accidentally Exposes Chromium RCE Flaw Detailsthreat-intel, data-breach, malware https://shimiscyberworld.com/posts/two-americans-plead-guilty-to-assisting-india-based-tech-sup-kvvko/ Shimi's Cyber World en 2026-05-21T21:02:00+03:00 US Citizens Plead Guilty to Aiding India-Based Tech Support Scamsthreat-intel, data-breach, government, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-48213/ Shimi's Cyber World en 2026-05-21T20:16:22+03:00 CVE-2026-48213 — Add.Php That Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-9089/ Shimi's Cyber World en 2026-05-21T19:16:23+03:00 ConnectWise Automate Agent Fails Plugin Verification, CVSS 8.8vulnerability, cve, high-severity, cwe-494 https://shimiscyberworld.com/posts/nvd-CVE-2026-39531/ Shimi's Cyber World en 2026-05-21T19:16:23+03:00 CVE-2026-39531: WP Directory Kit Blind SQL Injection Flaw Rated Criticalvulnerability, cve, critical, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-1816/ Shimi's Cyber World en 2026-05-21T18:16:22+03:00 CVE-2026-1816 — Turkiye Electricity Transmission Corporation (TEİAŞ) Mobile Vulnerabilityvulnerability, cve, medium-severity, cwe-307 https://shimiscyberworld.com/posts/nvd-CVE-2026-1815/ Shimi's Cyber World en 2026-05-21T18:16:22+03:00 CVE-2026-1815 — Turkiye Electricity Transmission Corporation (TEİAŞ) Mobile Vulnerabilityvulnerability, cve, medium-severity, cwe-613 https://shimiscyberworld.com/posts/uk-plans-for-cybercrime-law-reform-would-protect-almost-no-o-bph85/ Shimi's Cyber World en 2026-05-21T17:47:00+03:00 UK Cybercrime Law Reform Threatens Vulnerability Researchthreat-intel, data-breach, government, vulnerability https://shimiscyberworld.com/posts/showboat-linux-malware-hits-middle-east-telecom-with-socks5-c13t6/ Shimi's Cyber World en 2026-05-21T17:17:09+03:00 Showboat Linux Malware Targets Middle East Telecom with SOCKS5 Proxythreat-intel, vulnerability, malware, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-45208/ Shimi's Cyber World en 2026-05-21T17:16:48+03:00 CVE-2026-45208: Apex One/SEP Agent Vulnerability Allows Local Privilege Escalationvulnerability, cve, high-severity, cwe-367 https://shimiscyberworld.com/posts/nvd-CVE-2026-45207/ Shimi's Cyber World en 2026-05-21T17:16:48+03:00 CVE-2026-45207: Apex One/SEP Agent Privilege Escalationvulnerability, cve, high-severity, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2026-45206/ Shimi's Cyber World en 2026-05-21T17:16:47+03:00 CVE-2026-45206: Privilege Escalation in Apex One/SEP Agentvulnerability, cve, high-severity, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2026-34930/ Shimi's Cyber World en 2026-05-21T17:16:45+03:00 CVE-2026-34930: Trend Micro Apex One/SEP Agent Privilege Escalationvulnerability, cve, high-severity, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2026-34929/ Shimi's Cyber World en 2026-05-21T17:16:45+03:00 CVE-2026-34929: Trend Micro Apex One/SEP Agent Privilege Escalationvulnerability, cve, high-severity, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2026-34928/ Shimi's Cyber World en 2026-05-21T17:16:45+03:00 CVE-2026-34928: Trend Micro Apex One/SEP Agent Privilege Escalationvulnerability, cve, high-severity, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2026-34927/ Shimi's Cyber World en 2026-05-21T17:16:45+03:00 CVE-2026-34927: Trend Micro Apex One/SEP Agent Local Privilege Escalationvulnerability, cve, high-severity, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2026-34926/ Shimi's Cyber World en 2026-05-21T17:16:45+03:00 CVE-2026-34926 — The Apex One (On-Premise) Server Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-23 https://shimiscyberworld.com/posts/nvd-CVE-2026-2740/ Shimi's Cyber World en 2026-05-21T17:16:44+03:00 Zohocorp ManageEngine RCE in ADSelfService Plus, DataSecurity Plus, RecoveryManager Plusvulnerability, cve, high-severity, remote-code-execution, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2025-71213/ Shimi's Cyber World en 2026-05-21T17:16:43+03:00 Trend Micro Apex One CVE-2025-71213: Local Privilege Escalation Riskvulnerability, cve, high-severity, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2025-71212/ Shimi's Cyber World en 2026-05-21T17:16:43+03:00 Trend Micro Apex One Vulnerability Allows Local Privilege Escalationvulnerability, cve, high-severity, cwe-59 https://shimiscyberworld.com/posts/nvd-CVE-2025-71211/ Shimi's Cyber World en 2026-05-21T17:16:43+03:00 Trend Micro Apex One Console Vulnerability Allows Remote Code Executionvulnerability, cve, critical, high-severity, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2025-71210/ Shimi's Cyber World en 2026-05-21T17:16:43+03:00 Trend Micro Apex One Console RCE (CVE-2025-71210) — Patch Nowvulnerability, cve, critical, high-severity, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2025-13479/ Shimi's Cyber World en 2026-05-21T17:16:43+03:00 PosCube QR Menu: Authorization Bypass via User-Controlled Key (CVE-2025-13479)vulnerability, cve, high-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2025-13477/ Shimi's Cyber World en 2026-05-21T17:16:43+03:00 CVE-2025-13477: WifiBurada Authentication Bypass Exposes Private Datavulnerability, cve, high-severity, authentication-bypass, cwe-359, cwe-522 https://shimiscyberworld.com/posts/inside-a-crypto-drainer-how-to-spot-it-before-it-empties-yo-swdre/ Shimi's Cyber World en 2026-05-21T17:00:10+03:00 Crypto Drainers Scale Wallet Theft via Phishing and Automationthreat-intel, data-breach, malware, phishing, bleepingcomputer https://shimiscyberworld.com/posts/nvd-CVE-2026-5118/ Shimi's Cyber World en 2026-05-21T16:16:20+03:00 Divi Form Builder Privilege Escalation: Unauthenticated Admin Account Creationvulnerability, cve, critical, high-severity, privilege-escalation, cwe-269 https://shimiscyberworld.com/posts/police-seize-first-vpn-service-used-in-ransomware-data-th-5fshx/ Shimi's Cyber World en 2026-05-21T16:09:51+03:00 Law Enforcement Seizes 'First VPN' Service Used in Ransomware, Data Theftthreat-intel, data-breach, malware, ransomware, bleepingcomputer https://shimiscyberworld.com/posts/cisco-patches-critical-vulnerability-in-secure-workload-3b5qv/ Shimi's Cyber World en 2026-05-21T15:04:13+03:00 Cisco Patches Critical Secure Workload API Vulnerabilitythreat-intel, vulnerability, identity https://shimiscyberworld.com/posts/telegram-1427288221-8967/ Shimi's Cyber World en 2026-05-21T15:01:37+03:00 TeamPCP Interview Reveals Motives: Anti-Establishment, Not Ideologicalisrael, data-breach, threat-intel, tools https://shimiscyberworld.com/posts/cisa-kev-CVE-2025-34291/ Shimi's Cyber World en 2026-05-21T15:00:00+03:00 CVE-2025-34291 — Langflow Langflow: Langflow Origin Validation Error Vulnerabilityvulnerability, cve, cisa-kev, actively-exploited https://shimiscyberworld.com/posts/threatsday-bulletin-linux-rootkits-router-0-day-ai-intrus-n6m5z/ Shimi's Cyber World en 2026-05-21T14:52:14+03:00 Attackers Exploit Trusted Components: A New Era of Stealththreat-intel, vulnerability, cloud, tools, the-hacker-news https://shimiscyberworld.com/posts/apple-rejected-2-million-app-store-submissions-in-2025-for-s-vuxt8/ Shimi's Cyber World en 2026-05-21T14:17:15+03:00 Apple Rejected 2 Million App Store Submissions for Security and Fraud Preventionthreat-intel, vulnerability https://shimiscyberworld.com/posts/flipper-one-project-needs-community-help-to-build-open-linux-7i42e/ Shimi's Cyber World en 2026-05-21T14:00:00+03:00 Flipper Devices Seeks Community for Flipper One Linux Platformthreat-intel, data-breach, malware, tools https://shimiscyberworld.com/posts/when-identity-is-the-attack-path-7rspt/ Shimi's Cyber World en 2026-05-21T13:30:00+03:00 Cached AWS Access Keys: A Cloud Identity Attack Paththreat-intel, vulnerability, cloud, microsoft, identity https://shimiscyberworld.com/posts/telegram-1373735086-5042/ Shimi's Cyber World en 2026-05-21T13:19:04+03:00 New Breaches Expose Sensitive Business Data, PII for Targeted Attacksdarkweb, threat-intel, ransomware, vulnerability, data-breach https://shimiscyberworld.com/posts/nvd-CVE-2026-42396/ Shimi's Cyber World en 2026-05-21T13:16:25+03:00 CVE-2026-42396 — Insufficient Validation of Member Zone Data May Causevulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-42002/ Shimi's Cyber World en 2026-05-21T13:16:25+03:00 CVE-2026-42002 — Concurrency and locking defects invulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-42001/ Shimi's Cyber World en 2026-05-21T13:16:25+03:00 CVE-2026-42001: Autoprimary SOA Queries Vulnerabilityvulnerability, cve, high-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-42000/ Shimi's Cyber World en 2026-05-21T13:16:25+03:00 CVE-2026-42000 — Insufficient Validation of Names Duringvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-41999/ Shimi's Cyber World en 2026-05-21T13:16:25+03:00 CVE-2026-41999 — Incorrect Behaviour of Views with TCP PROXYvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-28764/ Shimi's Cyber World en 2026-05-21T13:16:25+03:00 MediaInfoLib LXF Parsing Heap Overflow: High-Severity Vulnerability Disclosedvulnerability, cve, high-severity, buffer-overflow, cwe-823 https://shimiscyberworld.com/posts/telegram-1427288221-8966/ Shimi's Cyber World en 2026-05-21T12:42:55+03:00 Microsoft Patches YellowKey: Public PoC Violates Disclosureisrael, vulnerability, microsoft https://shimiscyberworld.com/posts/google-s-surge-in-chrome-vulnerability-discoveries-likely-dr-rbzlu/ Shimi's Cyber World en 2026-05-21T12:37:08+03:00 Google Chrome Vulnerability Surge Suggests AI's Role in Discoverythreat-intel, vulnerability, tools https://shimiscyberworld.com/posts/telegram-1542954397-4605/ Shimi's Cyber World en 2026-05-21T12:30:04+03:00 DOJ, FBI Crack Down on AI Deepfake Pornography Under 'Take It Down Act' https://shimiscyberworld.com/posts/nvd-CVE-2026-9157/ Shimi's Cyber World en 2026-05-21T12:16:30+03:00 Gmission Web Fax Vulnerability (CVE-2026-9157) Allows Remote Code Inclusionvulnerability, cve, high-severity, unrestricted-file-upload, cwe-20, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-5434/ Shimi's Cyber World en 2026-05-21T12:16:30+03:00 CVE-2026-5434 — Honeywell Control Network Module (CNM) contains insertionvulnerability, cve, medium-severity, cwe-538 https://shimiscyberworld.com/posts/nvd-CVE-2026-5433/ Shimi's Cyber World en 2026-05-21T12:16:30+03:00 Honeywell Control Network Module: Critical RCE Vulnerability Discoveredvulnerability, cve, critical, high-severity, remote-code-execution https://shimiscyberworld.com/posts/nvd-CVE-2026-4858/ Shimi's Cyber World en 2026-05-21T12:16:30+03:00 Mattermost Path Traversal Allows API Calls with Admin Tokenvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-27393/ Shimi's Cyber World en 2026-05-21T12:16:26+03:00 CVE-2026-27393 — Tobias CF7 WOW Styler Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-27349/ Shimi's Cyber World en 2026-05-21T12:16:26+03:00 CVE-2026-27349 — WPFunnels Team Mail Mint Vulnerabilityvulnerability, cve, medium-severity, cwe-497 https://shimiscyberworld.com/posts/nvd-CVE-2026-22880/ Shimi's Cyber World en 2026-05-21T12:16:26+03:00 CVE-2026-22880 — Mattermost Mobile Apps versions <=2.37 11.4 2.0.37 11.0.4vulnerability, cve, medium-severity, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2026-44076/ Shimi's Cyber World en 2026-05-21T11:16:23+03:00 CVE-2026-44076 — In Netatalk 3.1.0 through 4.4.2, shell injection via volumevulnerability, cve, medium-severity, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-44068/ Shimi's Cyber World en 2026-05-21T11:16:22+03:00 Netatalk Path Traversal (CVE-2026-44068) Poses High Riskvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-44066/ Shimi's Cyber World en 2026-05-21T11:16:22+03:00 CVE-2026-44066: Netatalk Heap Out-of-Bounds Read Poses High Riskvulnerability, cve, high-severity, out-of-bounds-1, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-44064/ Shimi's Cyber World en 2026-05-21T11:16:22+03:00 Netatalk CVE-2026-44064: Out-of-Bounds Access Poses High Riskvulnerability, cve, high-severity, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-44062/ Shimi's Cyber World en 2026-05-21T11:16:21+03:00 Netatalk CVE-2026-44062: High-Severity RCE Risk in Legacy File Sharingvulnerability, cve, high-severity, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2026-44060/ Shimi's Cyber World en 2026-05-21T11:16:21+03:00 CVE-2026-44060: Netatalk DoS Vulnerability Poses High Riskvulnerability, cve, high-severity, denial-of-service, cwe-191 https://shimiscyberworld.com/posts/nvd-CVE-2026-44058/ Shimi's Cyber World en 2026-05-21T11:16:21+03:00 Netatalk Authentication Bypass (CVE-2026-44058) Allows Admin Accessvulnerability, cve, high-severity, authentication-bypass, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-44055/ Shimi's Cyber World en 2026-05-21T11:16:21+03:00 Netatalk CVE-2026-44055: Shell Injection Vulnerability Disclosedvulnerability, cve, high-severity, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-44053/ Shimi's Cyber World en 2026-05-21T11:16:20+03:00 CVE-2026-44053: Netatalk dhcast128 Weak Crypto Exposes File Sharesvulnerability, cve, high-severity, cwe-327 https://shimiscyberworld.com/posts/nvd-CVE-2026-44052/ Shimi's Cyber World en 2026-05-21T11:16:20+03:00 CVE-2026-44052: Netatalk Exposes LDAP Passwords in Logsvulnerability, cve, high-severity, cwe-532 https://shimiscyberworld.com/posts/nvd-CVE-2026-44051/ Shimi's Cyber World en 2026-05-21T11:16:20+03:00 Netatalk Arbitrary File Read (CVE-2026-44051) Poses High Riskvulnerability, cve, high-severity, arbitrary-file-access, cwe-59 https://shimiscyberworld.com/posts/nvd-CVE-2026-44050/ Shimi's Cyber World en 2026-05-21T11:16:20+03:00 Netatalk Heap Buffer Overflow (CVE-2026-44050) — Critical RCE Riskvulnerability, cve, critical, high-severity, buffer-overflow, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-44049/ Shimi's Cyber World en 2026-05-21T11:16:20+03:00 CVE-2026-44049: Netatalk Out-of-Bounds Write Poses High Riskvulnerability, cve, high-severity, out-of-bounds-1, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2026-44048/ Shimi's Cyber World en 2026-05-21T11:16:20+03:00 Netatalk Stack Buffer Overflow (CVE-2026-44048) Poses High Riskvulnerability, cve, high-severity, buffer-overflow, cwe-121 https://shimiscyberworld.com/posts/nvd-CVE-2026-44047/ Shimi's Cyber World en 2026-05-21T11:16:20+03:00 Netatalk SQL Injection (CVE-2026-44047) Poses High Riskvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/microsoft-warns-of-new-defender-zero-days-exploited-in-attac-eiqxs/ Shimi's Cyber World en 2026-05-21T10:49:48+03:00 Microsoft Defender Zero-Days Under Active Exploitationthreat-intel, data-breach, malware, vulnerability, microsoft https://shimiscyberworld.com/posts/9-year-old-linux-kernel-flaw-enables-root-command-execution-7f38n/ Shimi's Cyber World en 2026-05-21T10:35:53+03:00 Linux Kernel Flaw CVE-2026-46333 Allows Root Command Executionthreat-intel, vulnerability, the-hacker-news https://shimiscyberworld.com/posts/telegram-1427288221-8964/ Shimi's Cyber World en 2026-05-21T10:02:58+03:00 Ukrainian Teen Arrested for $721K Infostealer Operation Targeting USisrael, malware https://shimiscyberworld.com/posts/telegram-1427288221-8959/ Shimi's Cyber World en 2026-05-21T09:55:21+03:00 Operation Ramz: INTERPOL Arrests 201 Cybercriminals in MENA Regionisrael https://shimiscyberworld.com/posts/github-links-repo-breach-to-tanstack-npm-supply-chain-attack-13d14/ Shimi's Cyber World en 2026-05-21T09:54:01+03:00 GitHub Repo Breach Linked to TanStack npm Supply Chain Attackthreat-intel, data-breach, malware, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-6279/ Shimi's Cyber World en 2026-05-21T08:16:23+03:00 Avada Builder RCE (CVE-2026-6279) Exposes WordPress Sitesvulnerability, cve, critical, high-severity, remote-code-execution, cwe-74 https://shimiscyberworld.com/posts/nvd-CVE-2026-2734/ Shimi's Cyber World en 2026-05-21T08:16:22+03:00 CVE-2026-2734 — In mlflow/mlflow versions up to 3.9.0, thevulnerability, cve, medium-severity, cwe-284 https://shimiscyberworld.com/posts/nvd-CVE-2026-1543/ Shimi's Cyber World en 2026-05-21T08:16:22+03:00 CVE-2026-1543 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/dragonica-lunaris-126-293-breached-accounts-lzbup/ Shimi's Cyber World en 2026-05-21T07:41:32+03:00 Dragonica Lunaris Breach Exposes 126K Player Accountsdata-breach https://shimiscyberworld.com/posts/nvd-CVE-2026-4811/ Shimi's Cyber World en 2026-05-21T07:16:31+03:00 CVE-2026-4811 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/windows93-myspace93-46-105-breached-accounts-nasew/ Shimi's Cyber World en 2026-05-21T06:45:15+03:00 Windows93 / Myspace93 Breach Exposes 46K Accounts in Plaintextdata-breach, vulnerability, microsoft https://shimiscyberworld.com/posts/highly-critical-drupal-core-flaw-exposes-postgresql-sites-to-j9qzr/ Shimi's Cyber World en 2026-05-21T06:44:11+03:00 Drupal Core RCE Flaw (CVE-2026-9082) Impacts PostgreSQL Sitesthreat-intel, vulnerability, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-1881/ Shimi's Cyber World en 2026-05-21T05:16:32+03:00 CVE-2026-1881 — The Broadstreet plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-9149/ Shimi's Cyber World en 2026-05-21T03:16:35+03:00 CVE-2026-9149 — Libsolv Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-40165/ Shimi's Cyber World en 2026-05-21T03:16:28+03:00 authentik Authentication Bypass: SAML NameID XML Comment Injection (CVE-2026-40165)vulnerability, cve, high-severity, authentication-bypass, cwe-91, cwe-287, cwe-436 https://shimiscyberworld.com/posts/nvd-CVE-2026-9150/ Shimi's Cyber World en 2026-05-21T02:16:36+03:00 CVE-2026-9150 — Libsolv Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-121 https://shimiscyberworld.com/posts/xi-and-putin-pledge-closer-cooperation-on-ai-cyberspace-and-43246/ Shimi's Cyber World en 2026-05-21T02:00:00+03:00 China and Russia Forge Deeper Cyber, AI, and Satellite Cooperationthreat-intel, data-breach, government