Posted on AI Security Identity & Governance Incidents & Breaches Security Operations

AhnLab April 2026 Dark Web Intelligence: High-Value Defense and Aerospace Data Leak Trends

The April 2026 dark web landscape was dominated by the leak of critical aerospace, defense, and military intelligence, including Boeing Artemis and Virginia-class submarine data. Notable activity from threat groups like ShinyHunters and the resurgence of BreachForums highlighted high-risk exposure across technology, financial, and government sectors, alongside the increasing commoditization of Phishing-as-a-Service and advanced malware builders. Read more

Posted on AI Security Identity & Governance Incidents & Breaches Security Operations

AhnLab April 2026 Report Highlights Surge in Targeted Critical Infrastructure Ransomware Attacks

The April 2026 Ransomware Threat Trend Report from AhnLab reveals a significant shift in ransomware operations, with groups increasingly focusing on critical infrastructure sectors. The report details heighted activity in the manufacturing, healthcare, and finance industries globally, alongside the emergence of new threat groups and sustained campaigns by established actors like Qilin and INC Ransom. Read more

Posted on Cloud Security Incidents & Breaches Security Operations Vulnerability Intelligence

CVE-2025-29865: Arbitrary File Download Vulnerability in Tagfree X-Free Uploader

KISA and KrCERT/CC have identified a high-severity arbitrary file download vulnerability in Tagfree X-Free Uploader. Designated as CVE-2025-29865, the flaw stems from insufficient validation of server communication parameters. If exploited, attackers could leak sensitive information or download arbitrary files. Users are urged to update to XFU versions 1.0.1.0085 or 2.0.1.0035. Read more

Posted on AI Infrastructure Risk Incidents & Breaches Security Operations Vulnerability Intelligence

KISA Issues Warning for Type Confusion Vulnerability in Hancom Office

South Korea's KISA and KrCERT/CC have disclosed a high-severity type confusion vulnerability (CVE-2025-29867) in Hancom Office. The flaw resides in the DOC file processing logic, potentially allowing remote attackers to execute arbitrary code. Users of Hancom Office versions 2018 through 2024 must apply security updates to mitigate risks of system compromise through malicious documents. Read more

Posted on AI Infrastructure Risk Incidents & Breaches Security Operations Vulnerability Intelligence

CVE-2026-24497: Critical Buffer Overflow in SimTech Systems ThinkWise Facilitates Remote Code Execution

A high-severity buffer overflow vulnerability (CVE-2026-24497) has been identified in SimTech Systems' ThinkWise mind-mapping software. Affecting versions 7 through 22, the flaw allows remote attackers to execute arbitrary code. Users are urged to upgrade to ThinkWise 23 immediately to mitigate the risk of complete system compromise via malicious file formats. Read more

Posted on AI Infrastructure Risk Identity & Governance Incidents & Breaches Vulnerability Intelligence

CVE-2026-24498: EFM-Networks ipTIME Routers Vulnerable to Wi-Fi Password Exposure

A security bypass vulnerability (CVE-2026-24498) in EFM-Networks ipTIME wireless routers allows unauthorized actors to extract Wi-Fi passwords in plaintext. Impacting multiple models including the T5008 and AX-series, the flaw bypasses internal security controls. Users must update to firmware version 15.27.2 or higher to remediate the risk of local credential theft. Read more

Posted on Cloud Security Incidents & Breaches Security Operations Vulnerability Intelligence

Cisco Unity Connection Security Update Addresses Critical Path Traversal and SSRF Vulnerabilities

Cisco has released critical security patches for Cisco Unity Connection to address vulnerabilities including Path Traversal (CVE-2026-20034) and Server-Side Request Forgery (CVE-2026-20035). These flaws affect versions 12.5 through 15.0, potentially allowing unauthorized system access. Organizations are advised to upgrade to version 15SU4 or 14SU5 to mitigate these infrastructure risks. Read more

Posted on AI Security Cloud Security Incidents & Breaches Vulnerability Intelligence

Ollama Issues Security Update to Patch Critical Out-of-Bounds Read Vulnerability

Ollama has released a critical security update to address CVE-2026-7482, an out-of-bounds read vulnerability. KISA has issued an advisory recommending that users upgrade to version 0.17.1 or higher. The flaw could allow unauthorized memory access, necessitating immediate patching or temporary mitigation by restricting external API access and rotating keys. Read more

Posted on Cloud Security Incidents & Breaches Security Operations Vulnerability Intelligence

cPanel and WP Squared Address Critical Security Vulnerabilities in Global Update

cPanel has released urgent security updates for cPanel & WHM and WP Squared to address three critical vulnerabilities: improper input validation, code injection, and symbolic link following. These flaws affect numerous legacy and current versions, potentially allowing unauthorized system access. Administrators should immediately verify their software versions and apply the recommended patches to mitigate the risk of server compromise. Read more

Posted on AI Infrastructure Risk Identity & Governance Incidents & Breaches Security Operations

KISA Issues Urgent Warning on Smishing Exploiting Breached Travel Platform Data

South Korea's internet security agency, KISA, has issued an urgent advisory regarding highly targeted smishing attacks. Cybercriminals are using stolen data from hacked travel platforms, such as accommodation reservation details, to impersonate hotel staff. These attacks aim to deceive travelers into entering credit card information on fraudulent sites to avoid supposed booking cancellations, posing significant secondary financial risk. Read more