35 matches found
AI_AutoExploitGeneration
🎯 AI-POWERED AUTOMATED EXPLOIT GENERATION AEG SYSTEM Vers...
AI Agents and Non-Human Identities Creating Critical Security Gaps, Report
New research from Keeper Security reveals non-human identities and automated system-to-system interactions are becoming the top security risk for businesses in 2026...
EUVD-2026-15736
Missing Authorization vulnerability in Aarsiv Groups Automated FedEx live/manual rates with shipping labels a2z-fedex-shipping allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Automated FedEx live/manual rates with shipping labels: from n/a through = 5.1....
USN-7062-1 libgsf vulnerabilities
It was discovered that libgsf incorrectly handled certain Compound Document Binary files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary code...
USN-6697-1: Bash vulnerability
It was discovered that Bash incorrectly handled certain memory operations when processing commands. If a user or automated system were tricked into running a specially crafted bash file, a remote attacker could use this issue to cause Bash to crash, resulting in a denial of service, or possibly...
USN-6280-1: PyPDF2 vulnerability
It was discovered that PyPDF2 incorrectly handled PDF files with certain markers. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to consume system resources, resulting in a denial of service...
USN-6114-1: nth-check vulnerability
Yeting Li discovered that nth-check incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...
Ubuntu 20.04 LTS : ImageMagick vulnerabilities (USN-4549-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4549-1 advisory. It was discovered that ImageMagick incorrectly handled certain specially crafted image files. If a user or automated system using ImageMagick were tricke...
Would You Have Fallen for This Phone Scam?
You may have heard that today's phone fraudsters like to use caller ID spoofing services to make their scam calls seem more believable. But you probably didn't know that these fraudsters also can use caller ID spoofing to trick your bank into giving up information about recent transactions on you...
[SECURITY] Fedora 29 Update: buildbot-1.8.2-1.fc29
The BuildBot is a system to automate the compile/test cycle required by most software projects to validate code changes. By automatically rebuilding and testing the tree each time something has changed, build problems are pinpointed quickly, before other developers are inconvenienced by the failu...
New batchOverflow Bug in Multiple ERC20 Smart Contracts (CVE-2018-10299)
Built on our earlier efforts in analyzing EOS tokens, we have developed an automated system to scan and analyze Ethereum-based ERC-20 token transfers. Specifically, our system will automatically send out alerts if any suspicious transactions e.g., involving unreasonably large tokens occur. In...
HackerOne: Reading redacted data via hackbot's answers
Summary: Hello, I have found a way to use hackbot's automated duplication answers to reveal redacted data via brute force. This is restricted by the length of the report and number of redacted items. For a short report with little content and just 1-2 redacted texts this is rather easy to accomplis...
Save Time by Streamlining Vendor Risk Assessments in the Cloud
As your organization enthusiastically adopts cloud and mobile services from multiple new vendors, are your already-busy security and compliance teams scrambling to assess the risks of using these new providers’ products? Are you still using a manual process for conducting these vendor evaluations...
Ubuntu 14.04 LTS / 16.04 LTS : libmwaw vulnerability (USN-3319-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3319-1 advisory. It was discovered that libmwaw incorrectly handled certain malformed document files. If a user or automated system were tricked into opening a special...
GLSA-201705-10 : GStreamer plug-ins: User-assisted execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-201705-10 GStreamer plug-ins: User-assisted execution of arbitrary code Multiple vulnerabilities have been discovered in various GStreamer plug-ins. Please review the CVE identifiers referenced below for details. Impact : A remote...
Ubuntu 12.04 LTS : icoutils vulnerabilities (USN-3226-1)
Jerzy Kramarz discovered that icoutils incorrectly handled memory when processing certain files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause icoutils to crash, resulting in a denial of service, or possibly execute arbitrary code. Note...
The vulnerability of the automated system for managing technological processes of SIMATIC WinCC allows a malicious individual to increase their privilege level.
Access rights to system objects allow a local user to obtain limited, enhanced privileges as a user of the operating system...
Rotten Apples: Apple-like Malicious Phishing Domains
At FireEye Labs we have an automated system designed to proactively detect newly registered malicious domains. This system observed some phishing domains registered in the first quarter of 2016 that were designed to appear as legitimate Apple domains. These phony Apple domains were involved in...
Updated dpkg packages fix CVE-2015-0860
Updated dpkg packages fix security vulnerability: Hanno Boeck discovered a stack-based buffer overflow in the dpkg-deb component of dpkg. This flaw could potentially lead to arbitrary code execution if a user or an automated system were tricked into processing a specially crafted Debian binary...
Georgia Tech Releases BlackForest Threat Intelligence Tool
Enterprises longing for an automated system that sends up a smoke signal that attackers may be planning a move against a particular organization or are promoting a new tool that targets companies in a specific industry may have had their wish come true. Georgia Tech Research Institute has release...