CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create WordPress admin accounts. 2,858 attacks blocked in 24 hours. WP Maps Pro plugin allows WordPress site owners to embed Google Maps and OpenStreetMap with markers, listings, and location search. It’s a store locator tool. Unremarkable. The plugin is installed on over 15,000 websites, according to sale…
Tag: Admin
AI, Global Security News, Risk Management
The hidden risk of non-human identities in AI adoption
An employee with persistent, unsupervised admin access across critical systems, with no audit trail, no clear owner, and no regular access reviews, would raise immediate concern in most organizations. Yet non-human identities and AI agents are often granted that same kind of persistent, broadly privileged access. As AI adoption grows, that gap is becoming harder…
Exploits, Global Security News
Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk
A proof-of-concept exploit (PoC) shows how someone with admin privileges can exploit the issue to steal passwords, and thus use them to engage in further malicious activity.
AI, Data Breaches, Global Security News, malware, Russia
Russian authorities arrest alleged LeakBase admin behind stolen data marketplace
Russian authorities arrested the alleged LeakBase admin for running a marketplace selling stolen data since 2021. Russian law enforcement has arrested the suspected administrator of LeakBase, a cybercrime forum used to trade stolen personal data. The suspect, from Taganrog, is accused of running the platform since 2021. During a search of his home, authorities seized…
AI, Global Security News
OutSystems Named a Leader for AI Agent Builders in the 2026 G2 Grid Report
COMPANY NEWS: With a 95 NPS and 100% Ease of Admin score, OutSystems sets the standard for enterprise AI agent development
AI, Global Security News, Government & Policy, Network Security
Romanian hacker pleads guilty to selling access to Oregon state networks
A Romanian man pleaded guilty to selling admin access to Oregon’s state network for $3,000 in Bitcoin and repeatedly accessing it to prove control. Catalin Dragomir (45) from Romania, pleaded guilty in the U.S. for selling unauthorized admin access to an Oregon state emergency management network. He gained access in June 2021, advertised it, and…
Global Security News
Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center
Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their privileges. Windows Admin Center is a locally deployed, browser-based management tool set that lets users manage their Windows Clients, Servers, and Clusters without the need for connecting to the cloud. The high-severity vulnerability, tracked as CVE-2026-26119,…
Global Security News
Microsoft reveals critical Windows Admin Center vulnerability (CVE-2026-26119)
Microsoft has disclosed a privilege-escalation vulnerability in Windows Admin Center (WAC), a browser-based platform widely used by IT administrators and infrastructure teams to manage Windows clients, servers, clusters, Hyper-V hosts and virtual machines, as well as Active Directory-joined systems. Although the issue was patched in early December 2025 with the release of Windows Admin Center…
AI, Exploits, Global Security News
Telegram channels expose rapid weaponization of SmarterMail flaws
Underground Telegram channels shared SmarterMail exploit PoCs and stolen admin credentials within days of disclosure. Flare explains how monitoring these communities reveals rapid weaponization of CVE-2026-24423 and CVE-2026-23760 tied to ransomware activity. […]
AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Windows Admin Center Flaw Opens Door to Privilege Escalation
A vulnerability in Windows Admin Center (WAC) could allow authorized attackers to escalate privileges in enterprise environments. The issue affects WAC version 2.6.4 and has been assigned a CVSS score of 8.8. “Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network,” said Microsoft in its advisory. How the…