Cloudflare Zero-Day Flaw Allows Attackers to Bypass Security and Access Any Host

A critical zero-day vulnerability in Cloudflare’s Web Application Firewall (WAF) allowed attackers to bypass security controls and directly access protected origin servers. Security researchers from FearsOff discovered on October 9, 2025, that requests targeting a specific certificate-validation path could completely…

Google Gemini Flaw Allows Access to Private Meeting Details Through Calendar Events

A harmless-looking Google Calendar invite has revealed a new frontier in the exploitation of artificial intelligence (AI).  Security researchers at Miggo discovered a vulnerability in Google Gemini’s integration with Google Calendar that allowed attackers to bypass privacy controls and exfiltrate sensitive…

IT Security News Daily Summary 2026-01-19

139 posts were published in the last hour 21:32 : 100,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Advanced Custom Fields: Extended WordPress Plugin 21:32 : Inside the Leaks that Exposed the Hidden Infrastructure Behind a Ransomware Operation 21:32…