China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa

A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germany, Italy, and South Africa. These efforts have been complemented by a "rapid operational tempo" and a continually evolving malware arsenal comprising known...

Improper Restriction of Communication Channel to Intended Endpoints

Overview PowerShell is a package containing the PowerShell global tool Affected versions of this package are vulnerable to Improper Restriction of Communication Channel to Intended Endpoints due to improper restriction of the communication channel to intended endpoints. An attacker can gain...

EUVD-2017-13086

Malware in sbrugna...

EUVD-2019-14894

Malware in sbrugna...

EUVD-2019-8171

Malware in sbrugna...

EUVD-2025-12624

Malicious code in bioql PyPI...

EUVD-2022-39153

Malicious code in bioql PyPI...

CVE-2022-36443

An issue was discovered in Zebra Enterprise Home Screen 4.1.19. The device allows the administrator to lock some communication channels wireless and SD card but it is still possible to use a physical connection Ethernet cable without restriction...

CVE-2019-13633

Blinger.io v.1.0.2519 is vulnerable to Blind/Persistent XSS. An attacker can send arbitrary JavaScript code via a built-in communication channel, such as Telegram, WhatsApp, Viber, Skype, Facebook, Vkontakte, or Odnoklassniki. This is mishandled within the administration panel for...

An Alignment between the CRA'S Essential Requirements and the ATT&CK'S Mitigations

The paper presents an alignment evaluation between the mitigations present in the MITRE's ATT&CK framework and the essential cyber security requirements of the recently introduced Cyber Resilience Act CRA in the European Union. In overall, the two align well with each other. With respect to the...

PT-2025-18182 · Ribbon Communications · Apollo 9608

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to improper restriction of communication channels to intended endpoints. Recommendations: At the moment, there is no information about a newer version that contains a fi...

PT-2025-18028 · Unknown · Quick Agent V3 +1

Name of the Vulnerable Software and Affected Versions: Quick Agent V3 and Quick Agent V2 affected versions not specified Description: The issue is related to improper restriction of communication channels to intended endpoints. This could allow a remote unauthenticated attacker to attempt to log ...

The vulnerability of Fortinet’s software products lies in the insufficient restriction of communication channels for specific endpoints, which allows attackers to carry out MITM attacks.

The vulnerability of Fortinet software products is related to insufficient restrictions on communication channels for specified endpoints. Exploiting this vulnerability allows a remote attacker to carry out a Middleware-In-The-Middle MITM attack...

The vulnerability of the system administration tool Sudo on Windows operating systems, which allows attackers to perform spoofing attacks

The vulnerability of the system administration tool Sudo in Windows operating systems is related to improper restrictions on communication channels for potential targets. Exploiting this vulnerability allows attackers to perform spoofing attacks...

Juniper Networks Junos OS Evolved 安全漏洞

Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS system. A security vulnerability exists in Juniper Networks Junos OS Evolved that arises from improper restriction of communication channels to targeted endpoints...

A New Age of Hacktivism

In the past 2 years, we have observed a significant surge in hacktivism activity due to ongoing wars and geopolitical conflicts in various regions. Since the war against Ukraine began, we have witnessed a notable mobilization of non-state and state-backed actors alike, forming new groups or joini...

Oracle Linux 7 : istio (ELSA-2023-12357)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12357 advisory. - CVE-2022-27496 - CVE-2022-27488 - CVE-2022-27493 - CVE-2022-27492 - CVE-2022-27491 - CVE-2022-27487 Tenable has extracted the preceding description...

Rapid7 Podcast Explores Hybrid-First Workplace Learnings

As the world continues to navigate the post-pandemic shift in work environments, Rapid7 is operating on a hybrid-first approach that balances flexibility and productivity with collaboration and optimizing for customer success. In the spirit of cross-collaboration, the People Development and...

CVE-2022-36443

An issue was discovered in Zebra Enterprise Home Screen 4.1.19. The device allows the administrator to lock some communication channels wireless and SD card but it is still possible to use a physical connection Ethernet cable without restriction...

Design/Logic Flaw

An issue was discovered in Zebra Enterprise Home Screen 4.1.19. The device allows the administrator to lock some communication channels wireless and SD card but it is still possible to use a physical connection Ethernet cable without restriction...