News

Threat actors are exploiting a critical-severity vulnerability in the WP Maps Pro WordPress plugin to take over websites, Defiant warns. WP Maps Pro allows site administrators to embed Google Maps in their installations, customizable with advanced location, markers, and categories. The exploited vulnerability, tracked as CVE-2026-8732 (CVSS score of 9.8), allows unauthenticated threat actors to create new administrative accounts and take over vulnerable sites. WP Maps Pro has been designed to support tooling, which exposes…

Read More

Russia’s intelligence agencies have grown more aggressive in their efforts to steal Western technology and defense secrets as sanctions squeeze the country’s wartime economy, three senior European intelligence officials told The Associated Press. Moscow’s agents are building fake companies, recruiting middlemen and deploying cyber spies and hackers who are gathering information that could also be used to attack key infrastructure, they said. Four years of international sanctions have hampered Moscow’s ability to procure machinery, technology…

Read More

Obsidian Security has released technical information and proof-of-concept (PoC) code targeting a remote code execution (RCE) vulnerability in Flowise. The issue, tracked as CVE-2026-40933 (CVSS score of 9.9), was disclosed in April along with several other security defects impacting AI ecosystems that rely on Anthropic’s MCP protocol. Flowise, a popular open source platform that provides developers with a drag-and-drop interface for building LLM flows and AI agents, and which has over 52,000 GitHub stars, was…

Read More

SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape. This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment. Here are this week’s highlights: Trump Mobile data breach Phone provider Trump Mobile has confirmed that…

Read More

AI security and governance startup Geordie today announced raising $30 million in a Series A funding round that brings the total raised by the company to $36.5 million. Founded in early 2025, London-based Geordie has built a platform that helps organizations secure and govern AI agents deployed across their environments, at scale. As organizations are increasingly relying on AI agents to automate operations at scale, they also require visibility, governance, and operational control to deploy…

Read More

Artificial intelligence is “an unstoppable force” that is being weaponized in ways that fall just short of traditional warfare, Britain’s cyberspying chief warned Wednesday. Anne Keast-Butler, director of the communications intelligence agency GCHQ, also said Britain and its allies are in “a space between peace and war” as Russia increases its “daily hybrid activity” against the West — even as Russian combat deaths in Ukraine approach 500,000. She said the West risks losing the conflict…

Read More

Securing software-as-a-service (SaaS) apps is hard. The standard cybersecurity controls are not designed for SaaS. The difficulty is the software doesn’t belong to the user and usually runs on somebody else’s infrastructure. Standard cybersecurity products are designed to operate on software owned by the user and housed on the users’ infrastructure. SaaS providers attempt to maintain security inside their apps, but they cannot control how they are used. Usage varies from user to user and…

Read More

A vulnerability patched a few months ago in the Ghost content management system (CMS) has been exploited to hack hundreds of websites, including ones belonging to major organizations, according to Chinese cybersecurity company Qianxin. The exploited vulnerability is tracked as CVE-2026-26980 and its existence came to light in February when it was patched. Ghost is a widely used open source CMS designed specifically for blogging, newsletters, and publishing, offering built-in tools for memberships, subscriptions, and…

Read More

Threat actors are exploiting a vulnerability in shared content delivery network (CDN) infrastructure to hide connections to malicious domains. Dubbed Underminr, the issue is a variant of domain fronting, a now-mitigated type of attack that enabled threat actors to place an allowed domain in the SNI and TLS certificate validation fields of an HTTPS request, while embedding a different target domain in the TLS tunnel’s encrypted HTTP host header. Because CDNs routed requests internally based…

Read More

Drupal is warning users that it’s already seeing attempts to exploit CVE-2026-9082, the highly critical vulnerability patched this week. The vulnerability affects an API designed to ensure that database queries are sanitized to prevent SQL injection. “A vulnerability in this API allows an attacker to send specially crafted requests, resulting in arbitrary SQL injection for sites using PostgreSQL databases,” Drupal explains.  The flaw can be exploited by unauthenticated attackers to obtain information and in some…

Read More