Security – Page 39 – Yet Another News Aggregator Channel

January 13, 2026 Yanac

CVE-2026-22800 | THM-Health PILOS up to 4.9.x API Endpoint cross-site request forgery (GHSA-r24c-9p4j-rqw9)

A vulnerability was found in THM-Health PILOS up to 4.9.x and classified as problematic. Impacted is an unknown function of

Security Vulns

January 13, 2026 Yanac

CVE-2026-0493 | SAP Fiori App up to UIS4H 109 cross-site request forgery

A vulnerability was found in SAP Fiori App up to UIS4H 109. It has been classified as problematic. The affected

Security Vulns

January 13, 2026 Yanac

CVE-2025-14001 | WP Duplicate Page Plugin up to 1.8 on WordPress Post authorization

A vulnerability was found in WP Duplicate Page Plugin up to 1.8 on WordPress. It has been declared as problematic.

Security Vulns

January 13, 2026 Yanac

CVE-2025-14507 | EventPrime Plugin up to 4.2.7.0 on WordPress REST API information disclosure

A vulnerability was found in EventPrime Plugin up to 4.2.7.0 on WordPress. It has been rated as problematic. This affects

Security Vulns

January 13, 2026 Yanac

CVE-2026-0684 | CP Image Store with Slideshow Plugin up to 1.1.9 on WordPress XML File Parser cpis_admin_init authorization

A vulnerability categorized as problematic has been discovered in CP Image Store with Slideshow Plugin up to 1.1.9 on WordPress.

Security Vulns

January 13, 2026 Yanac

CVE-2026-0775 | npm CLI permission

A vulnerability identified as critical has been detected in npm CLI. Affected is an unknown function. The manipulation leads to

Security Vendor

January 13, 2026 Yanac

CastleLoader: A Deep Dive into Stealthy Loader Targeting Government Sector

ANY.RUN’s team conducted an extensive malware analysis of CastleLoader, the first link in the chain of attacks impacting various industries, including government agencies and critical infrastructures. It’s a unique walkthrough of its entire execution path, from a packaged