9907 matches found
CVE-2026-0230
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection...
CVE-2026-0230 Cortex XDR Agent: Local Administrator can disable the agent on macOS
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection...
Rapid7 Detection Coverage for Iran-Linked Cyber Activity
The tension arising out of the conflict in Iran is beginning to show signs of expanding beyond a strictly regional crisis. Following our recent published advisories, this communication is intended to outline and summarize the detection and enrichment coverage available to Rapid7 customers, broadl...
Malicious code in synapseml-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4ddf16f7a9941918ea74e21a3742e8f03d7b5c6f5720d7d031d2c69f8d6495c3 Installing the package starts encrypting the user's file and demanding ransom for the decryption. --- Category: MALICIOUS - The campaign has clearly malicious...
How to see your Google Search history (and delete it)
Your Google Search history provides one of the most detailed windows into your private life, and I know this because when I looked at my own search history last year, I was overwhelmed by the information buried within. Across just 18 months, Google tracked the 8,079 searches I made and the 3,050...
PixelConfig: Longitudinal Measurement and Reverse-Engineering of Meta Pixel Configurations
Tracking pixels are used to optimize online ad campaigns through personalization, re-targeting, and conversion tracking. Past research has primarily focused on detecting the prevalence of tracking pixels on the web, with limited attention to how they are configured across websites. A tracking pix...
CERTFR-2026-ACT-010
creationtimestamp| type| source ---|---|--- 2026-03-09 13:50:58+00:00| seen| https://social.numerique.gouv.fr/users/certfr/statuses/116199538935463629 2026-06-10 07:49:59+00:00| seen| https://bsky.app/profile/test-cvp.bsky.social/post/3mnw7yrxsbg2i 2026-06-10 13:04:23+00:00| seen|...
MAL-2026-1285 Malicious code in demozecox (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b32c6e6d2566a58b9a104d162c060982bff488fa547fb706c43553d0b7185ccb Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Exploit for CVE-2024-3912
Why? Publishing because Mirai are a bunch of irrit...
MAL-2026-1244 Malicious code in spectral-corsair-navigator (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4faab7d9e9e24067cf0a0ef23c529b2622cbb91b654a35430742ec584b827a54 The package spectral-corsair-navigator was found to contain malicious code. Source: ghsa-malware...
RUSTSEC-2026-0036 `time-sync` was removed from crates.io due to malicious code
The time-sync crate attempted to exfiltrate .env files to a server that was in turn impersonating the legitimate timeapi.io service. This the same attack that we've seen three times in the last few days. The malicious crate had 1 version published on 2026-03-04 approximately 50 minutes before...
CVE-2025-48635
In multiple functions of TaskFragmentOrganizerController.java, there is a possible activity token leak due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48646
In executeRequest of ActivityStarter.java, there is a possible launch anywhere due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2024-31328
In broadcastIntentLockedTraced of BroadcastController.java, there is a possible way to launch arbitrary activities from the background on the paired companion phone due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed...
CVE-2023-31044
An issue was discovered in Nokia Impact before Mobile 23FP1. In Impact DM 19.11 onwards, a remote authenticated user, using the Add Campaign functionality, can inject a malicious payload within the Campaign Name. This data can be exported to a CSV file. Attackers can populate data fields that may...
Update, March 13: Talos on the developing situation in the Middle East
Update history Date | Description of updates ---|--- March 13, 2026 | Talos' assessment of the cyber attack on Stryker and the elevated threat landscape. Key findings and background on Handala, the Iranian-linked threat group. March 10, 2026 | Updated guidance and recommendations, IOCs, and...
CVE-2026-0047
In dumpBitmapsProto of ActivityManagerService.java, there is a possible way for an app to access private information due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0013
In setupLayout of PickActivity.java, there is a possible way to start any activity as a DocumentsUI app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48635
In multiple functions of TaskFragmentOrganizerController.java, there is a possible activity token leak due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-31328
In broadcastIntentLockedTraced of BroadcastController.java, there is a possible way to launch arbitrary activities from the background on the paired companion phone due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed...