
337 matches found

Microsoft Secure
added 2026/06/24 12:30 p.m., 18 views

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

In this article 1. The role of infostealers: From credential theft to intrusion 2. StealC: Infostealer for rent 3. Amadey: Malware-as-a-service for delivery of infostealers 4. Defending against StealC and Amadey intrusions 5. Microsoft Defender detections 6. Indicators of compromise Infostealers...

AI score: 6.2
Exploits: 0
The Hacker News
added 2026/06/15 6:17 a.m., 18 views

Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw

Palo Alto Networks has revealed that it has observed "active exploitation" of a recently disclosed PAN-OS vulnerability by an unknown threat actor to obtain unauthorized access to GlobalProtect portals. The vulnerability in question is CVE-2026-0257 (CVSS score: 7.8), an authentication bypass flaw...

CVSS: 9.1, AI score: 6.1, EPSS: 0.86678
Exploits: 9
Microsoft Secure
added 2026/06/09 5:35 p.m., 12 views

Reconstructing AI activity in investigations

AI systems are now part of everyday work. Investigators need a consistent way to reconstruct what happened within them. Security teams are already investigating activity involving Microsoft 365 Copilot and Azure AI services—from prompt injection attempts to unexpected data access. Those signals a...

AI score: 5.4
Exploits: 0
EUVD
added 2026/06/04 7:31 p.m., 9 views

EUVD-2026-34320

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior to version 2.4.28, DFIR-IRIS exposes an optional GraphQL endpoint at /graphql that does not enforce the same authorization checks as the REST API. Any authenticated user can...

CVSS: 7.1, AI score: 5.9, EPSS: 0.00246
Exploits: 0, References: 1
Positive Technologies
added 2026/06/04 12:0 a.m., 16 views

PT-2026-46318

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior to version 2.4.28, DFIR-IRIS exposes an optional GraphQL endpoint at /graphql that does not enforce the same authorization checks as the REST API. Any authenticated user can...

CVSS: 7.1, AI score: 5.9, EPSS: 0.00246
Exploits: 0, References: 2
Packet Storm News
added 2026/06/03 12:0 a.m., 7 views

TIBlender: Early-Warning Threat Intelligence from Cross-Platform Social Media Evidence

Cyber threat signals are fragmented across multiple social media platforms, yet no existing approach has fully automated their integration into actionable threat intelligence (TI) reports. We present TIBlender, a multi-agent system that monitors four platforms (X, Reddit, Telegram, and Discord) and...

AI score: 5.8
Exploits: 0
NCSC
added 2026/05/30 10:52 a.m., 20 views

Vulnerability handling in Palo Alto Networks PAN-OS and Prisma Access

Palo Alto Networks has identified a vulnerability in the PAN-OS’ GlobalProtect portal and gateway components. An unauthorized malicious actor can exploit this vulnerability to establish a VPN connection. As a result, the malicious actor gains access to internal systems that are accessible via the...

CVSS: 9.1, AI score: 6.1, EPSS: 0.86678
Exploits: 9, References: 2
Microsoft Secure
added 2026/05/18 10:42 p.m., 59 views

How Storm-2949 turned a compromised identity into a cloud-wide breach

In this article 1. Attack chain overview 1. Cloud compromise: Microsoft Entra ID and Microsoft 365 2. Initial access and persistence through targeted social engineering and SSPR abuse 3. Directory discovery and persistence 4. Microsoft 365 discovery and exfiltration 5. Cloud compromise: Microsoft...

AI score: 6.1
Exploits: 0
Cisco
added 2026/05/14 4:0 p.m., 41 views

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability...

CVSS: 10, AI score: 6.2, EPSS: 0.87693
Exploits: 4, References: 1
GithubExploit
added 2026/05/07 10:9 a.m., 157 views

ethical-hacking-lab-reports

Ethical Hacking & Information Security Lab Reports !Security...

CVSS: 7.2, AI score: 7.3, EPSS: 0.07625
Exploits: 2
Packet Storm News
added 2026/05/07 12:0 a.m., 13 views

Benchmarking Large Language Models for IoC Recovery under Adversarial Code Obfuscation and Encryption

Software obfuscation and encryption present persistent challenges for program comprehension and security analysis, particularly when adversaries conceal Indicators of Compromise (IoCs) such as IP addresses within source code. While Large Language Models (LLMs) have recently demonstrated remarkable...

AI score: 5.9
Exploits: 0
Microsoft Secure
added 2026/05/04 3:0 p.m., 10 views

Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise

In this article 1. Multi-step social engineering campaign leading to credential theft 2. Mitigation and protection guidance 3. Microsoft Defender detections 4. Hunting queries 5. Indicators of compromise Phishing campaigns continue to improve sophistication and refinement in blending social...

AI score: 5.7
Exploits: 0
CISA
added 2026/04/20 12:0 p.m., 16 views

Supply Chain Compromise Impacts Axios Node Package Manager

The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this alert to provide guidance in response to the software supply chain compromise of the Axios node package manager (npm). Axios is an HTTP client for JavaScript that developers commonly use in Node.js and browser environments...

AI score: 6
Exploits: 0, References: 9
HackRead
added 2026/03/31 11:36 a.m., 6 views

Critical F5 BIG-IP Flaw Upgraded to 9.8 RCE, Exploited in the Wild

F5 BIG-IP APM flaw CVE-2025-53521 escalates to critical 9.8 RCE, actively exploited. Patch now, check IoCs, and secure vulnerable systems immediately...

CVSS: 9.8, AI score: 6.1, EPSS: 0.02246
Exploits: 0
Microsoft Secure
added 2026/03/19 3:0 p.m., 5 views

When tax season becomes cyberattack season: Phishing and malware campaigns using tax-related lures

In this article 1. A wide range of tax-themed campaigns 2. How to protect users and organization against tax-themed campaigns 3. Microsoft Defender detection and hunting guidance 4. Indicators of compromise During tax season, threat actors reliably take advantage of the urgency and familiarity of...

AI score: 6
Exploits: 0
Rapid7 Blog
added 2026/03/11 5:31 p.m., 12 views

Rapid7 Detection Coverage for Iran-Linked Cyber Activity

The tension arising out of the conflict in Iran is beginning to show signs of expanding beyond a strictly regional crisis. Following our recent published advisories, this communication is intended to outline and summarize the detection and enrichment coverage available to Rapid7 customers, broadl...

CVSS: 10, AI score: 7.4, EPSS: 0.97673
Exploits: 59
Packet Storm News
added 2026/03/05 12:0 a.m., 3 views

Cyber Threat Intelligence for Artificial Intelligence Systems

As artificial intelligence (AI) becomes deeply embedded in critical services and everyday products, it is increasingly exposed to security threats which traditional cyber defenses were not designed to handle. In this paper, we investigate how cyber threat intelligence (CTI) may evolve to address...

AI score: 5.8
Exploits: 0
Packet Storm News
added 2026/02/23 12:0 a.m., 4 views

An Explainable Memory Forensics Approach for Malware Analysis

Memory forensics is an effective methodology for analyzing living-off-the-land malware, including threats that employ evasion, obfuscation, anti-analysis, and steganographic techniques. By capturing volatile system state, memory analysis enables the recovery of transient artifacts such as decrypt...

AI score: 6
Exploits: 0
Securelist
added 2026/02/03 8:10 a.m., 37 views

The Notepad++ supply chain attack — unnoticed execution chains and new IoCs

UPD 11.02.2026: added recommendations on how to use the Notepad++ supply chain attack rules package in our SIEM system. Introduction On February 2, 2026, the developers of Notepad++, a text editor popular among developers, published a statement claiming that the update infrastructure of Notepad++...

AI score: 6.2
Exploits: 0
Packet Storm News
added 2026/01/13 12:0 a.m., 5 views

Proactively Detecting Threats: A Novel Approach Using LLMs

Enterprise security faces escalating threats from sophisticated malware, compounded by expanding digital operations. This paper presents the first systematic evaluation of large language models (LLMs) to proactively identify indicators of compromise (IOCs) from unstructured web-based threat...

AI score: 6.9
Exploits: 0