CVE-2026-23334

creationtimestamp| type| source ---|---|--- 2026-03-29 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0376/ 2026-05-31 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/suse-linux-kernel-multiple-vulnerabilities20260601...

Pentests once a year? Nope. It's time to build an offensive SOC

You wouldn't run your blue team once a year, so why accept this substandard schedule for your offensive side? Your cybersecurity teams are under intense pressure to be proactive and to find your network's weaknesses before adversaries do. But in many organizations, offensive security is still...

WordPress pz-frontend-manager Plugin < 1.0.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software pz-frontend-manager Type Plugin Vulnerable versions 1.0.6 Fixed in 1.0.6 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-6244 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 00622e75c008 Credits Vuln Seeker...

WordPress Light Poll plugin <= 1.0.0 - Poll Answers Deletion via CSRF vulnerability

Poll Answers Deletion via CSRF vulnerability discovered by Vuln Seeker Cybersecurity Team in WordPress Plugin Light Poll versions = 1.0.0...

esphome vulnerable to stored Cross-site Scripting in edit configuration file API

Summary Edit configuration file API in dashboard component of ESPHome version 2023.12.9 command line installation and Home Assistant add-on serves unsanitized data with “Content-Type: text/html; charset=UTF-8”, allowing remote authenticated user to inject arbitrary web script and exfiltrate sessi...

GHSA-9P43-HJ5J-96H5 esphome vulnerable to stored Cross-site Scripting in edit configuration file API

Summary Edit configuration file API in dashboard component of ESPHome version 2023.12.9 command line installation and Home Assistant add-on serves unsanitized data with “Content-Type: text/html; charset=UTF-8”, allowing remote authenticated user to inject arbitrary web script and exfiltrate sessi...

ESPHome vulnerable to remote code execution via arbitrary file write

Summary Security misconfiguration in edit configuration file API in dashboard component of ESPHome version 2023.12.9 command line installation allows authenticated remote attackers to read and write arbitrary files under the configuration directory rendering remote code execution possible. Detail...

CrowdStrike Falcon AGENT 6.44.15806 - Uninstall without Installation Token Vulnerability

Exploit Title: CrowdStrike Falcon AGENT 6.44.15806 - Uninstall without Installation Token Exploit Author: Walter Oberacher, Raffaele Nacca, Davide Bianchin, Fortunato Lodari, Luca Bernardi Deda Cloud Cybersecurity Team Vendor Homepage: https://www.crowdstrike.com/ Author Homepage:...

CrowdStrike Falcon Agent 6.44.15806 Uninstall Issue

Exploit Title: CrowdStrike Falcon AGENT 6.44.15806 - Uninstall without Installation Token Date: 30/11/2022 Exploit Author: Walter Oberacher, Raffaele Nacca, Davide Bianchin, Fortunato Lodari, Luca Bernardi Deda Cloud Cybersecurity Team Vendor Homepage: https://www.crowdstrike.com/ Author Homepage...

The Role of the Cybersecurity Leader in 2022

Who does the modern CISO need to be? According to the 2021 Gartner, Inc. Market Guide for Managed Detection and Response Services, the role of the chief information security officer CISO has to change in 2022 to combat the ever-evolving modern threat landscape. Eighty-eight percent of company...

Why diversity is important for a strong cybersecurity team

Medicine. Aeronautics. Academia. When you’re a cybersecurity professional, the colleague next to you could have started in one of these industries—or just about any other you can imagine. The backgrounds of cybersecurity professionals are more diverse than those of professionals in other...

Buyer's Guide for Securing Internal Environment with a Small Cybersecurity Team

Ensuring the cybersecurity of your internal environment when you have a small security team is challenging. If you want to maintain the highest security level with a small team, your strategy has to be 'do more with less,' and with the right technology, you can leverage your team and protect your...

CISO Spotlight: How diversity of data (and people) defeats today’s cyber threats

This year, we have seen five significant security paradigm shifts in our industry. This includes the acknowledgment that the greater the diversity of our data sets, the better the AI and machine learning outcomes. This diversity gives us an advantage over our cyber adversaries and improves our...

CISO Spotlight: How diversity of data (and people) defeats today’s cyber threats

This year, we have seen five significant security paradigm shifts in our industry. This includes the acknowledgment that the greater the diversity of our data sets, the better the AI and machine learning outcomes. This diversity gives us an advantage over our cyber adversaries and improves our...

Rapid7 Introduces “Active Response” for End-to-End Detection and Response

We know your cybersecurity team is facing unprecedented challenges, including new and complex attacks that exploit your remote workforce and deliver malicious payloads which, despite your best defenses, can bypass proactive security controls. Managed Detection and Response MDR providers offer...

Changing the monolith—Part 2: Whose support do you need?

In Changing the monolith—Part 1: Building alliances for a secure culture, I explored how security leaders can build alliances and why a commitment to change must be signaled from the top. But whose support should you recruit in the first place? In Part 2, I address considerations for the...

Louisiana State Government Hit by Ransomware Attack Forcing Server Shutdowns

Targeted ransomware attacks on banking and finance, government, healthcare, and critical infrastructure are on the rise, with the latest victim being the state government of Louisiana. The state government of Louisiana was hit by a large-scale coordinated ransomware attack yesterday, which forced...

RSAC 2019: 58% of Orgs Have Unfilled Cyber Positions

SAN FRANCISCO – Much has been made of the cybersecurity workforce gap, and it appears to be a persistent issue: A full 69 percent of respondents in a recent survey said that they have cybersecurity teams that are understaffed. According to ISACA’s State of Cybersecurity 2019 survey, released at t...

August 29, 2017 – Morning Cyber Coffee Headlines – “U.S. Open” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! August 29, 2017 - Headlines Carbon Black in the News: Over a quarter of the...