剣 KENSAI
← All posts · security · 2026-03-30 · 7 min

Smart Slider WordPress CVE ने 500K साइट्स को फ़ाइल चोरी के खतरे में डाला, Coruna iOS एक्सप्लॉइट किट ने Operation Triangulation को पुनर्जीवित किया, OpenAI ने दुरुपयोग और सुरक्षा बग बाउंटी लॉन्च की

Smart Slider 3 WordPress प्लगइन में एक गंभीर भेद्यता सब्सक्राइबर-स्तर के हमलावरों को 500,000 से अधिक कमजोर वेबसाइटों पर डेटाबेस क्रेडेंशियल सहित मनमानी सर्वर फ़ाइलें पढ़ने की अनुमति देती है। शोधकर्ताओं ने Operation Triangulation से अपडेटेड कर्नेल एक्सप्लॉइट वाले Coruna iOS एक्सप्लॉइट किट की खोज की। OpenAI ने अपने बग बाउंटी प्रोग्राम को दुरुपयोग और सुरक्षा जोखिमों तक विस्तारित किया। Cisco ने कई उच्च-गंभीरता IOS भेद्यताओं को पैच किया। Hightower Holding ने 130,000 व्यक्तियों को प्रभावित करने वाले उल्लंघन का खुलासा किया।


🔴 Smart Slider 3 WordPress Plugin: Arbitrary File Read Exposes 500K+ Websites

A critical vulnerability in the Smart Slider 3 WordPress plugin — installed on more than 800,000 websites — allows authenticated attackers with minimal privileges (subscriber-level) to read arbitrary files from the server, including the sensitive wp-config.php file containing database credentials, cryptographic keys, and salt values.

⚠️ CVE-2026-3098 — Arbitrary File Read

Tracked as CVE-2026-3098, the vulnerability stems from missing capability checks in the plugin's AJAX export actions. The actionExportAll function lacks file type and source validation, allowing any authenticated user to invoke it and include arbitrary server files — including .php files — in the export archive. While nonces are present, they can be obtained by any authenticated user, providing no meaningful protection.

Impact & Timeline

Why This Matters

The vulnerability is rated medium severity due to the authentication requirement, but any website offering membership, subscription, or registration functionality — an extremely common feature — is at risk. Attackers who exfiltrate wp-config.php can obtain database credentials, potentially leading to complete site takeover including user data theft.

Recommended action: Update Smart Slider 3 to version 3.5.1.34 or later immediately. If you cannot update, consider temporarily disabling the plugin and auditing subscriber-level accounts for suspicious activity.

🟠 Coruna iOS Exploit Kit: Operation Triangulation's Successor Surfaces

Security researchers have identified a new iOS exploit kit dubbed Coruna that contains an updated version of a kernel exploit originally used in Operation Triangulation — the sophisticated zero-click attack chain that targeted iPhones via iMessage and was first exposed by Kaspersky in 2023.

From Triangulation to Coruna

Operation Triangulation was one of the most technically sophisticated iOS exploit chains ever documented, leveraging an undocumented hardware feature in Apple's chips. The Coruna kit represents a significant evolution:

🔍 Strategic Significance

The emergence of Coruna suggests that the technical knowledge and exploit primitives from Operation Triangulation have either been repurposed by the original developers or have proliferated to other threat actors. Either scenario represents a significant escalation in the iOS threat landscape.

Apple has not yet publicly commented on the Coruna findings. Organizations deploying iOS devices in high-security environments should ensure all devices are running the latest iOS version and monitor for indicators of compromise associated with zero-click exploitation chains.


🟣 OpenAI Expands Bug Bounty to Cover AI Abuse and Safety Risks

OpenAI has launched a new dedicated bug bounty program specifically targeting abuse and safety risks in its AI systems — a significant expansion beyond traditional software vulnerability bounties.

What's New

The new program rewards reports covering design or implementation issues that could lead to material harm, including:

Industry Implications

This move signals a growing recognition that AI safety is a security discipline. Traditional bug bounties focus on software vulnerabilities — buffer overflows, injection attacks, authentication bypasses. By expanding into abuse and safety, OpenAI is effectively creating a new category of security research.

For researchers: The program accepts reports through OpenAI's existing bounty platform. Rewards are based on the severity and novelty of the identified risk. This is separate from their existing vulnerability bounty, which continues for traditional software bugs.

🔴 Cisco Patches Multiple High-Severity IOS Vulnerabilities

Cisco has released security updates addressing multiple vulnerabilities in its IOS and IOS XE software — the operating systems running on the vast majority of enterprise routers and switches worldwide.

Vulnerability Details

The patched flaws span several severity levels and attack categories:

Category Severity Impact
Denial of Service High Remote crash of affected devices, network disruption
Secure Boot Bypass High Attackers could load unsigned firmware
Information Disclosure Medium Exposure of sensitive device configuration data
Privilege Escalation Medium Authenticated users could elevate to higher privilege levels

Patch Urgency

Cisco IOS vulnerabilities are perennial favorites for both nation-state actors and cybercriminal groups due to the ubiquity of Cisco infrastructure in enterprise environments. The Secure Boot bypass is particularly concerning — it could allow persistent implants that survive device reboots and firmware updates.

⚠️ Action Required

Network administrators should consult Cisco's Security Advisory page for the full list of affected products and recommended IOS versions. Prioritize devices exposed to the internet or positioned at network boundaries.


🟠 Hightower Holding Data Breach Exposes 130,000 Individuals

Hightower Holding, a financial advisory and wealth management firm, has disclosed a data breach in which threat actors gained access to its environment and exfiltrated personal information belonging to approximately 130,000 individuals.

Stolen Data

The compromised information includes:

This combination represents a particularly dangerous data set for identity theft and financial fraud. Wealth management clients — often high-net-worth individuals — represent attractive targets for spear-phishing, social engineering, and account takeover attacks.

🛡️ If You're Affected

Monitor credit reports, consider freezing credit with all three bureaus, and be vigilant for targeted phishing attempts referencing financial advisor relationships. Hightower is expected to offer identity protection services to affected individuals.


📊 Quick Threat Landscape Summary

Threat Category Severity Action
Smart Slider CVE-2026-3098 WordPress Plugin Critical Update to 3.5.1.34+
Coruna iOS Exploit Kit Mobile Exploit High Update iOS, monitor IOCs
Cisco IOS Vulnerabilities Network Infrastructure High Apply IOS patches
Hightower Data Breach Data Breach Medium Credit monitoring
OpenAI Safety Bounty AI Security Info Submit research