CyberSecure Specialist

Threat actors are exploiting a critical-severity vulnerability in the WP Maps Pro WordPress plugin to take over websites, Defiant warns. WP Maps Pro allows site administrators to embed Google Maps in their installations, customizable with advanced location, markers, and categories. The exploited vulnerability, tracked as CVE-2026-8732 (CVSS score of 9.8), allows unauthenticated threat actors to create new administrative accounts and take over vulnerable sites. WP Maps Pro has been designed to support tooling, which exposes…

Read More

Russia’s intelligence agencies have grown more aggressive in their efforts to steal Western technology and defense secrets as sanctions squeeze the country’s wartime economy, three senior European intelligence officials told The Associated Press. Moscow’s agents are building fake companies, recruiting middlemen and deploying cyber spies and hackers who are gathering information that could also be used to attack key infrastructure, they said. Four years of international sanctions have hampered Moscow’s ability to procure machinery, technology…

Read More

Obsidian Security has released technical information and proof-of-concept (PoC) code targeting a remote code execution (RCE) vulnerability in Flowise. The issue, tracked as CVE-2026-40933 (CVSS score of 9.9), was disclosed in April along with several other security defects impacting AI ecosystems that rely on Anthropic’s MCP protocol. Flowise, a popular open source platform that provides developers with a drag-and-drop interface for building LLM flows and AI agents, and which has over 52,000 GitHub stars, was…

Read More

SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape. This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment. Here are this week’s highlights: Trump Mobile data breach Phone provider Trump Mobile has confirmed that…

Read More

AI security and governance startup Geordie today announced raising $30 million in a Series A funding round that brings the total raised by the company to $36.5 million. Founded in early 2025, London-based Geordie has built a platform that helps organizations secure and govern AI agents deployed across their environments, at scale. As organizations are increasingly relying on AI agents to automate operations at scale, they also require visibility, governance, and operational control to deploy…

Read More