2651 matches found
PT-2026-7413
Name of the Vulnerable Software and Affected Versions Microsoft Defender for Linux affected versions not specified Description The software contains a flaw in how it generates code, potentially allowing an attacker on the same network to run code without authorization. There is no information abo...
Microsoft Defender 代码注入漏洞
Microsoft Defender for Linux is Microsoft's own antivirus security software. A security vulnerability exists in Microsoft Defender for Linux that originates from improper input validation and can be exploited by remote attackers to execute arbitrary code...
Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package
Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular "@react-native-community/cli" npm package. Cybersecurity company VulnChecksaid it first observed exploitation of CVE-2025-11953 aka Metro4Shell on December 21, 2025. With a...
Case study: Securing AI application supply chains
The rapid adoption of AI applications, including agents, orchestrators, and autonomous workflows, represents a significant shift in how software systems are built and operated. Unlike traditional applications, these systems are active participants in execution. They make decisions, invoke tools,...
Case study: Securing AI application supply chains
The rapid adoption of AI applications, including agents, orchestrators, and autonomous workflows, represents a significant shift in how software systems are built and operated. Unlike traditional applications, these systems are active participants in execution. They make decisions, invoke tools,...
Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware
A new multi-stage phishing campaign has been observed targeting users in Russia with ransomware and a remote access trojan called Amnesia RAT. "The attack begins with social engineering lures delivered via business-themed documents crafted to appear routine and benign," Fortinet FortiGuard Labs...
From runtime risk to real‑time defense: Securing AI agents
AI agents, whether developed in Microsoft Copilot Studio or on alternative platforms, are becoming a powerful means for organizations to create custom solutions designed to enhance productivity and automate organizational processes by seamlessly integrating with internal data and systems. From a...
Exploit for CVE-2020-14979
Intel NUC WinRing0 Vulnerable Driver - Permanent Removal Guide...
CVE-2023-50963
IBM Storage Defender - Data Protect 1.0.0 through 1.4.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or...
CVE-2023-50957
IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform unauthorized actions after obtaining encrypted data from clear text key storage. IBM X-Force ID: 275783...
CVE-2022-23604
x26-Cogs is a repository of cogs made by Twentysix for the Red Discord bot. Among these cogs is the Defender cog, a tool for Discord server moderation. A vulnerability in the Defender cog prior to version 1.10.0 allows users with admin privileges to issue commands as other users who share the sam...
Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat
--- Source: Securonix Cybersecurity researchers have disclosed details of a new campaign dubbed PHALTBLYX that has leveraged ClickFix-style lures to display fixes for fake blue screen of death BSoD errors in attacks targeting the European hospitality sector. The end goal of the multi-stage campai...
HoneyMyte (aka Mustang Panda) Deploys ToneShell Backdoor in New Attacks
HoneyMyte Mustang Panda is back with a new ToneShell backdoor. Read how this stealthy attack blinds Microsoft Defender to target government entities in Asia...
Agentic AI for Cyber Resilience: A New Security Paradigm and Its System-Theoretic Foundations
Cybersecurity is being fundamentally reshaped by foundation-model-based artificial intelligence. Large language models now enable autonomous planning, tool orchestration, and strategic adaptation at scale, challenging security architectures built on static rules, perimeter defenses, and...
Security Bulletin: Vulnerabilities in smarty and axios might affect IBM Storage Defender Sentinel Anomaly Scan Engine.
Summary IBM Storage Defender Sentinel Anomaly Scan Engine can be affected by vulnerabilities in smarty and axios. Vulnerabilities include allowing an attacker to inject malicious scripts into a Web page and steal cookie-based authentication credentials, execute arbitrary code on the system, and...
CVE-2025-62468
Out-of-bounds read in Windows Defender Firewall Service allows an authorized attacker to disclose information locally...
Clarity in complexity: New insights for transparent email security
As email threats grow more sophisticated and layered security architectures become more common, organizations need clear, data-driven insights to evaluate how their security solutions perform together. Benchmarking plays a critical role in helping security leaders understand not just individual...
Clarity in complexity: New insights for transparent email security
As email threats grow more sophisticated and layered security architectures become more common, organizations need clear, data-driven insights to evaluate how their security solutions perform together. Benchmarking plays a critical role in helping security leaders understand not just individual...
Security Bulletin: IBM Storage Defender: Data Protect critical vulnerabilities resolved in release Defender 2.1.0/Data Protect 7.3
Summary IBM Storage Defender: Data Protect critical vulnerabilities resolved in release Defender 2.1.0/Data Protect 7.3. The vulnerabilities have been addressed in Data Protect 7.3, which is included in IBM Storage Defender 2.1.0 Vulnerability Details CVEID:CVE-2025-20260 DESCRIPTION: A...
CVE-2025-64650
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files...