RE: https://infosec.exchange/@brian_greenberg/116397041642984392

What.
The.
Fuck.

#SchoolSafety #Cybersecurity #Leadership #security #privacy #cloud #infosec

EPA proposes $19M cybersecurity boost for water systems.

AI security, infra resilience, rising threats—critical shift.

Is it enough?

Source: https://www.epa.gov/system/files/documents/2026-04/00_fy-2027-bib_combined_final.pdf

Follow @technadu & share your take.

#Infosec #Cybersecurity #CriticalInfrastructure

WordPress sites, check your plug-ins. Stat.

https://techcrunch.com/2026/04/14/someone-planted-backdoors-in-dozens-of-wordpress-plugins-used-in-thousands-of-websites/

#WordPress #infosec

That Chrome still has a user base is a bit astounding to me.

It has capability by design... and that capability is sort of like a friend who keeps gossiping about what you do.

🙄

https://thehackernews.com/2026/04/108-malicious-chrome-extensions-steal.html?m=1

#chrome #telegram #google #infosec #privacy

🚨New ransom group blog post!🚨

Group name: akira
Post title: Fletcher Chrysler Products
Info: https://cti.fyi/groups/akira.html

#ransomware #cti #threatintelligence #cybersecurity #infosec

wolfSSL Patches Critical Certificate Forgery Vulnerability Affecting Billions of Devices

wolfSSL version 5.9.1 patched a critical flaw (CVE-2026-5194) that allows attackers to use forged certificates to impersonate trusted servers.

**If you use devices or software built on wolfSSL (common in IoT, routers, industrial controllers, and embedded systems), make sure they are isolated from the internet and accessible from trusted networks only, then check with your device vendor for firmware updates that include wolfSSL version 5.9.1 to patch CVE-2026-5194. Be aware that older or unsupported devices may never get this fix, so network isolation and monitoring are your only protection for those.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/wolfssl-patches-critical-certificate-forgery-vulnerability-affecting-billions-of-devices-d-z-4-g-0/gD2P6Ple2L

🚨 EUVD-2026-22915

📊 Score: 6.5/10 (CVSS v3.1)
📦 Product: Mattermost, Mattermost, Mattermost (+2 more)
🏢 Vendor: Mattermost
📅 Updated: 2026-04-15

📝 Mattermost versions 10.11.x <= 10.11.12, 11.5.x <= 11.5.0, 11.4.x <= 11.4.2, 11.3.x <= 11.3.2 fail to enforce atomic single-use consumption of guest magic link tokens, which allows an attacker with access to a valid ma...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-22915

#cybersecurity #infosec #euvd #cve #vulnerability

🚨 EUVD-2026-22913

📊 Score: n/a
📦 Product: Apache SkyWalking
🏢 Vendor: Apache Software Foundation
📅 Updated: 2026-04-15

📝 The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of MySQL/PostgreSQL.

This issue affects Apache SkyWalking: from 9.7.0 through 10.3.0.

Users are recommended to upgrade to version 10.4.0, which fi...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-22913

#cybersecurity #infosec #euvd #cve #vulnerability

🚨 EUVD-2026-22911

📊 Score: 6.1/10 (CVSS v3.1)
📦 Product: Product Pricing Table by WooBeWoo
🏢 Vendor: woobeewoo
📅 Updated: 2026-04-15

📝 The Product Pricing Table by WooBeWoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the updateLabel() and remo...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-22911

#cybersecurity #infosec #euvd #cve #vulnerability

ASN: AS22369
Location: Parsippany, US
Added: 2026-04-09T09:05

#shodansafari #infosec