๐ Yazoul Security โ CVE Advisories ยท Data Breaches ยท Cyber News
Automated security intelligence: daily CVE alerts, breach reports, correlated news, and learning resources.
๐ www.yazoul.net
๐จ Newsletter: www.yazoul.net/
๐ @[email protected]
#InfoSec #Cybersecurity #CVE #ThreatIntel #DataBreach
๐จ New security advisory:
CVE-2026-33557 affects multiple systems.
โข Impact: Remote code execution or complete system compromise possible
โข Risk: Attackers can gain full control of affected systems
โข Mitigation: Patch immediately or isolate affected systems
Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2026-33557-kafka-oauth-jwt-bypass-grants-unauth-access
๐ New security advisory:
CVE-2026-5807 affects multiple systems.
โข Impact: Significant security breach potential
โข Risk: Unauthorized access or data exposure
โข Mitigation: Apply patches within 24-48 hours
Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2026-5807-vault-unauth-denial-of-service-blocks-admin
๐ก THREAT INTEL | McCuaig and associates Engineering
๐ Actor "coinbasecartel" claims Undisclosed
โ ๏ธ Unverified claim
๐ New security advisory:
CVE-2025-40899 affects multiple systems.
โข Impact: Significant security breach potential
โข Risk: Unauthorized access or data exposure
โข Mitigation: Apply patches within 24-48 hours
Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2025-40899-assets-and-nodes-stored-xss-in-admin-panel
๐ถ DATA BREACH ALERT
Amtrak - 2.1M accounts exposed
Compromised data:
Email Addresses, Names, Physical Addresses
Check if you're affected and what to do:
https://www.yazoul.net/breaches/breach/amtrak-breach-2-1m-emails-names-addresses-exposed-2026
In April 2026, the hacking group ShinyHunters claimed they had breached Amtrak . The group typically compromises organisations' Salesforce instances before demanding a ransom and later, if not paid, dumping the data publicly. They subsequently published the alleged data which contained over 2M uniqu...
๐ด New security advisory:
CVE-2026-27245 affects multiple systems.
โข Impact: Remote code execution or complete system compromise possible
โข Risk: Attackers can gain full control of affected systems
โข Mitigation: Patch immediately or isolate affected systems
Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2026-27245-adobe-connect-reflected-xss-unauthenticated
๐ก THREAT INTEL | Gastroenterology & Hepatology of CNY
๐ด Actor "exitium" claims Undisclosed
Allegedly exposed (+4 more)
โข Email addresses
โข Phone numbers
โข Physical addresses
โ ๏ธ Unverified claim
๐ง Formbook Daily Report
โฌ๏ธ Trend: rising (229%)
๐ 24 new samples
๐ 55 C2 servers
Full analysis, IOCs, and hashes:
https://www.yazoul.net/malware/formbook/reports/2026-04-15
๐ด New security advisory:
CVE-2026-40288 affects multiple systems.
โข Impact: Remote code execution or complete system compromise possible
โข Risk: Attackers can gain full control of affected systems
โข Mitigation: Patch immediately or isolate affected systems
Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2026-40288-praisonai-workflow-engine-unauthenticated-rce
๐ด New security advisory:
CVE-2026-27681 affects multiple systems.
โข Impact: Remote code execution or complete system compromise possible
โข Risk: Attackers can gain full control of affected systems
โข Mitigation: Patch immediately or isolate affected systems
Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2026-27681-sap-bpc-bw-sql-injection-unauth-data-access
