Security – Page 3 – TheCyberThrone

Google Chrome 148 Security Update

Overview Google has pushed a major Chrome Stable update fixing 151 security flaws, including 22 critical vulnerabilities affecting core graphics, networking, media, and UI components across Windows, macOS, and Linux.…

PravinKarthik May 29, 2026

CISA adds Three Vulnerabilities to KEV Catalog

Overview CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2026-8398 (Daemon Tools Lite Embedded Malicious Code) CVE-2026-45321 (TanStack Unspecified Vulnerability) CVE-2026-48027 (Nx Console Embedded Malicious Code).…

PravinKarthik May 28, 2026

CVE-2026-48172 — LiteSpeed User-End cPanel Plugin Privilege Escalation

Overview CISA has added CVE-2026-48172 to its Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. The flaw is a maximum-severity privilege escalation vulnerability (CVSS v4.0: 10.0) residing in…

PravinKarthik May 28, 2026

7-Eleven’s Breach — ShinyHunters Claims Another Scalp

When the Soft Underbelly of Enterprise Infrastructure Becomes the Attack Surface The world's largest convenience store chain has confirmed a data breach. Not through its point-of-sale systems. Not through its…

PravinKarthik May 27, 2026

CVE-2026-45659 — Microsoft SharePoint RCE

OverviewDeserialization of untrusted data in Microsoft Office SharePoint allows an authenticated attacker to execute code remotely over a network. Any authenticated attacker with a minimum of Site Member permissions (PR:L)…

PravinKarthik May 26, 2026

OpenHack: AI Just Became Every Hacker’s Co-Pilot

The offensive security community has spent the last two years debating whether AI can truly find vulnerabilities — or whether it just sounds convincing while hallucinating CVEs that don't exist.…

PravinKarthik May 25, 2026

CVE-2026-9082 – Drupal Core SQL Injection

CVE-2026-9082 is a highly critical SQL injection vulnerability in Drupal core's database abstraction API, specifically in the PostgreSQL EntityQuery condition handler. An unauthenticated, remote attacker can exploit this vulnerability by…

PravinKarthik May 24, 2026

CVE-2026-2005 | PostgreSQL pgcrypto — Heap Buffer Overflow

Vulnerability Summary CVE-2026-2005 is a heap buffer overflow vulnerability in the PostgreSQL pgcrypto extension. A ciphertext provider can trigger the overflow to execute arbitrary code as the operating system user…

PravinKarthik May 24, 2026