Application Security

SQL Injection Flaw in Ally WordPress Plugin Puts 400,000 Sites at Risk
An SQL injection flaw in the Ally WordPress plugin poses data breach risks on over 400,000 websites.
'PhantomRaven' Supply-Chain Campaign Floods npm Registry with Malicious Packages
'PhantomRaven' attacks are affecting JavaScript developers by targeting the npm registry with dozens of malicious packages designed to steal sensitive...
Malicious npm Package Disguises as OpenClaw Installer for Data Theft
New npm threat involves package posing as OpenClaw installer deploying RAT to steal sensitive data.
ShinyHunters Breaches Salesforce and 100 Companies Using Mandiant's Own Tool
ShinyHunters claims responsibility for a high-profile data breach affecting Salesforce and other major companies, utilizing an open-source tool develo...
Salesforce's Experience Cloud Platform Faces Vulnerability Challenges
Salesforce's Experience Cloud under scrutiny as vulnerabilities expose extensive data risks.
Perplexity's Comet Browser Had a Flaw That Left Users Vulnerable to Local File Theft
A vulnerability in Perplexity's Comet browser exposed local files to potential theft via calendar events.
WordPress Plugin Vulnerability Puts Over 60,000 Sites at Risk
A critical flaw in WordPress's User Registration & Membership plugin threatens over 60,000 sites, risking exploitation.
Cryptojacking Campaign Exploits Pirated Software to Deploy XMRig Miner
New cryptojacking campaign uses pirated software to deliver XMRig miner payloads onto hosts.
Microsoft Investigates Vanishing Mouse Pointer Bug in Classic Outlook
Microsoft investigates an issue causing Outlook's mouse pointer to disappear for some users.
GitHub's Dependabot is Under Fire for Alert Accuracy Issues
A Go library maintainer questions the effectiveness of GitHub's Dependabot due to alert fatigue from inaccurate dependency-scanning alerts.