18176 matches found
Formulating Subgroup Discovery As a Quantum Optimization Problem for Network Security
While current network intrusion detection systems achieve satisfactory accuracy, they often lack explainability. Subgroup Discovery SD addresses this by building interpretable rules that characterize feature interactions associated with attack traffic. With large datasets, classical heuristic bea...
What Anthropic’s Mythos Means for the Future of Cybersecurity
Two weeks ago, Anthropic announced that its new model, Claude Mythos Preview, can autonomously find and weaponize software vulnerabilities, turning them into working exploits without expert guidance. These were vulnerabilities in key software like operating systems and internet infrastructure tha...
Threat-Oriented Digital Twinning for Security Evaluation of Autonomous Platforms
Open, unclassified research on secure autonomy is constrained by limited access to operational platforms, contested communications infrastructure, and representative adversarial test conditions. This paper presents a threat-oriented digital twinning methodology for cybersecurity evaluation of...
CVE-2026-3867
creationtimestamp| type| source ---|---|--- 2026-04-27 07:42:57+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/control-systems-moxa-security-advisory-av26-393...
PT-2026-35424
Name of the Vulnerable Software and Affected Versions JupiterX Core versions prior to 4.14.2 Description Cross Site Scripting XSS exists in the subscriber role, allowing an attacker to execute malicious scripts in the victim's browser. Recommendations Update to version 4.14.2 or later...
PT-2026-35427
Name of the Vulnerable Software and Affected Versions Booking Activities versions prior to 1.16.48.2 Description An unauthenticated broken access control issue exists in the software, allowing users to bypass authorization checks without providing credentials. Recommendations Update to version...
PT-2026-35426
Name of the Vulnerable Software and Affected Versions wp-photo-album-plus affected versions not specified Description An unauthenticated SQL Injection exists in the wp-photo-album-plus WordPress plugin. SQL Injection is a type of flaw that allows an attacker to interfere with the queries that an...
PT-2026-35640
Name of the Vulnerable Software and Affected Versions Shipment Tracker for Woocommerce versions prior to 1.5.3.3 Description A Cross Site Scripting XSS issue exists that allows users with the Subscriber role to execute malicious scripts in the context of the application. Recommendations Update to...
PT-2026-35425
Name of the Vulnerable Software and Affected Versions Product Filter by WBW versions prior to 3.1.2 Description Improper neutralization of special elements used in an SQL command allows for Blind SQL Injection. This occurs when the application fails to properly sanitize user-supplied data before...
PT-2026-35641
Name of the Vulnerable Software and Affected Versions WooCommerce Product Filters versions prior to 2.0.6 Description An unauthenticated PHP Object Injection issue exists in the software. PHP Object Injection occurs when user-supplied input is passed to the unserialize function without proper...
Analysis of Personal Data Exposure in Thailand
In the digital era, personal data, particularly sensitive identifiers such as the Social Security Number and National Identification Number, have become a highly valuable asset, raising significant concerns regarding privacy and security. This study examines the risks associated with the online...
Safeguarding Skies: Airport Cybersecurity in the Digital Age
The aviation industry faces significant vulnerabilities from both physical and cybersecurity threats, highlighting the urgent need for enhanced cybersecurity measures amid increasingly sophisticated attacks. This paper systematically reviews emerging threats at airports, analyzing real-world...
Black-Oracle
🖤 BLACK ORACLE 🖤 «The Eye That Sees Through Digital...
darkmarket-vuln-lab
🕶️ Dark Market Simulator An intentionally vulnerable CTF-...
The Security Cost of Intelligence: AI Capability, Cyber Risk, and Deployment Paradox
Firms are deploying more capable AI systems, but organizational controls often have not kept pace. These systems can generate greater productivity gains, but high-value uses require broader authority exposure -- data access, workflow integration, and delegated authority -- when governance control...
It pays to be a forever student
Welcome to this week's edition of the Threat Source newsletter. If I haven't said it in a newsletter before, I'll say it now: If you want to be good at cybersecurity, be a forever student. Cultivating and feeding your desire to know how things work is one of the key ingredients to being a hacker...
A Shortcut to Coercion: Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202
...
CVE-2026-6375
creationtimestamp| type| source ---|---|--- 2026-04-23 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-04 2026-04-23 23:26:58+00:00| seen| Telegram/EOmUzEDCCjVld0ErnrIDoAMYFcT1xcXC6s4XJmAqdlxQalE...
CVE-2026-32649
creationtimestamp| type| source ---|---|--- 2026-04-23 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03...
A Sociotechnical, Practitioner-Centered Approach to Technology Adoption in Cybersecurity Operations: An LLM Case
Technology for security operations centers SOCs has a storied history of slow adoption due to concerns about trust and reliability. These concerns are amplified with artificial intelligence, particularly large language models LLMs, which exhibit issues such as hallucinations and inconsistent...