…The other security issue received the identifier CVE-2026-4798 and is an SQL injection that can be leveraged without authentication. However, exploitation is possible only if the WooCommerce e-commerce plugin…
…database information and could potentially crash the application. This vulnerability has a high impact on the confidentiality and availability of the application, while integrity remains unaffected." SAP's May 2026 security advisory…
…The flaw was reported by security researcher Lyra Rebane and acknowledged as valid in December 2022, as per the thread on Chromium Issue Tracker. An attacker could exploit the problem to create…
NVIDIA confirms GeForce NOW data breach affecting Armenian users By Bill Toulas May 8, 2026 12:18 PM NVIDIA has confirmed in a statement for BleepingComputer that GeForce NOW user information has…
…provide relevant updates as more information becomes available," the cybersecurity company said, adding that customers can find recommendations on the Support Portal or in the Security Updates sections. Checkmarx has published a…
…The recent supply-chain attack was detected by multiple application security companies, including Socket , Ox Security , and Upwind , who confirmed the following three versions as malicious: node-ipc@9.1.6 node…
OpenAI confirms security breach in TanStack supply chain attack By Lawrence Abrams May 14, 2026 03:07 PM OpenAI says two employees' devices were breached in the recent TanStack supply chain attack…
…The security feature was added after many hacking groups exploited ProxyLogon and ProxyShell zero-days (which lacked patches or mitigation information) to breach Internet-exposed Exchange servers. Admins with servers in air…
SHub macOS infostealer variant spoofs Apple security updates By Bill Toulas May 18, 2026 05:42 PM A new variant of the ‘SHub’ macOS infostealer uses AppleScript to show a fake security…
…The topics he writes about include malware, vulnerabilities, exploits and security defenses, as well as research and innovation in information security. His work has been published by Bitdefender, Netgear, The Security Ledger…