Cybersecurity & AI News
A curated digest of the latest security alerts, CVEs, threat intelligence and AI risk — gathered automatically from trusted official and industry sources, updated through the day.
New wp2shell WordPress Core Flaw Lets Unauthenticated Attackers Run Code
An anonymous HTTP request can run code on a WordPress site. The bug is in core, so a bare install…
Read at source ↗CVE-2026-55518
Avo: Missing Authorization in Avo Association Attach Endpoint Allows Unauthorized Relationship Manipulation and Privilege Escalation
Read at source ↗CVE-2026-54498
view_component: around_render HTML-Safety Bypass
Read at source ↗CVE-2026-54163
secure_headers: CSP directive injection via sandbox, plugin_types, and report_to when given untrusted input
Read at source ↗CVE-2026-54242
Statamic: Server-Side Request Forgery via Glide (DNS rebinding)
Read at source ↗CVE-2026-54243
Statamic: CSV formula injection in form submission exports
Read at source ↗CVE-2026-54244
Statamic: Incorrect authorization lets view-only users submit Live Preview content reserved for editors
Read at source ↗Third Kansas District Taps State Funds for AI Security
Third Kansas District Taps State Funds for AI Security Campus Security Today
Read at source ↗OpenSSL HollowByte Flaw Could Freeze Server Memory with 11-Byte TLS Requests
Eleven bytes will make an unpatched OpenSSL server set aside up to 131 KB of memory for a message that…
Read at source ↗Seven Malicious Vite npm Packages Use Blockchain C2 to Deliver a RAT
Cybersecurity researchers have discovered a cluster of seven malicious npm packages targeting the Vite frontend tooling ecosystem as part of…
Read at source ↗HollowByte DDoS flaw bloats OpenSSL server memory with 11-byte payload
HollowByte DDoS flaw bloats OpenSSL server memory with 11-byte payload BleepingComputer
Read at source ↗Ernst & Young discloses data breach after support system hack
Ernst & Young discloses data breach after support system hack BleepingComputer
Read at source ↗Inside the Search for "Clean" Residential Proxies for Carding
Inside the Search for "Clean" Residential Proxies for Carding BleepingComputer
Read at source ↗Cloudastructure Reports 78% Q1 Revenue Growth, Expands AI Security Adoption Across Key Verticals
Cloudastructure Reports 78% Q1 Revenue Growth, Expands AI Security Adoption Across Key Verticals Quiver Quantitative
Read at source ↗OpenAI gets AI security boost with SoftBank Japan deployment
OpenAI gets AI security boost with SoftBank Japan deployment SDxCentral
Read at source ↗ISC Stormcast For Friday, July 17th, 2026
Read at source ↗Rockwell Automation FactoryTalk DataMosaix
Rockwell Automation FactoryTalk DataMosaix CISA (.gov)
Read at source ↗CISA Urges SharePoint Hardening After New Exploitations
CISA Urges SharePoint Hardening After New Exploitations CISA (.gov)
Read at source ↗Siemens SICAM 8
Siemens SICAM 8 CISA (.gov)
Read at source ↗ISC Stormcast For Thursday, July 16th, 2026
Read at source ↗NYSNA Allege Montefiore Plans to Replace Some Nurses with AI Systems
The New York State Nurses Association (NYSNA) alleged Wednesday, July 1, that Montefiore Health System, a private hospital system operating…
Read at source ↗THE BRONX NEEDS REAL NURSES, NOT AI!
Bronx, NY-- Montefiore is planning to lay off real nurses and replace them with artificial intelligence (AI)-powered software. These are…
Read at source ↗AI-slop pages targeting the Geelong Cats, Meta asked to step in
The Cats have asked Facebook to take action against pages that are repeatedly posting false and malicious AI-generated content about…
Read at source ↗Helping small businesses with free, hands-on cyber consultancy
Cyber Advisors are offering free 30-minute consultations to help small businesses get started with cyber security.
Read at source ↗ISC Stormcast For Wednesday, July 15th, 2026
Read at source ↗Microsoft Patches a Record 570 Security Flaws
Microsoft Corp. today released software updates to plug at least 570 security holes in its Windows operating systems and other…
Read at source ↗Partner Portal
Partner Portal Cyber.gov.au
Read at source ↗Improve Router Hygiene to Protect Against Russian State-Sponsored Targeting
Improve Router Hygiene to Protect Against Russian State-Sponsored Targeting Cyber.gov.au
Read at source ↗NSA, CISA, FBI, NCSC Warn Russian Hackers Are Targeting Internet-Facing Routers Worldwide
NSA, CISA, FBI, NCSC Warn Russian Hackers Are Targeting Internet-Facing Routers Worldwide LinkedIn
Read at source ↗NSA Warns Poorly Configured Routers Are Fueling Russian State-Sponsored Cyberattacks
NSA Warns Poorly Configured Routers Are Fueling Russian State-Sponsored Cyberattacks cyberpress.org
Read at source ↗Lessons Learned from CISA’s Recent GitHub Leak
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a postmortem on a data leak in which a contractor published…
Read at source ↗UK and Allies urge critical sectors to improve defences against Russian intelligence targeting
New advisory highlights Russian state cyber actors’ global exploitation of poorly configured routers
Read at source ↗UK and Allies urge critical sectors to improve defences against Russian intelligence targeting
UK and Allies urge critical sectors to improve defences against Russian intelligence targeting National Cyber Security Centre
Read at source ↗Frontier AI models and their impact on cyber security – an update on AI model harnesses
Frontier AI models and their impact on cyber security – an update on AI model harnesses Cyber.gov.au
Read at source ↗Cyber Essentials Pathways: from proof of concept to cyber confidence
An alternative path to Cyber Essentials Plus certification, without compromising the integrity of the scheme.
Read at source ↗Felons, Fraudsters Flog Offensive Cybersecurity Startup
A cybersecurity startup dangling millions of dollars to acquire zero-day security vulnerabilities in popular software is run by a pair…
Read at source ↗Key AI risk frameworks
The standards and knowledge bases behind responsible AI security — useful references when assessing AI systems.
Headlines, dates and summaries are sourced automatically from trusted public feeds and link to the original publisher. Cianaa Technologies does not author this content and is not affiliated with these sources.
Need help acting on an advisory?
Talk to an independent auditor or assessor — conflict-free, across New Zealand & Australia.
Book a scoping call →