Exploit for Deserialization of Untrusted Data in Facebook React
VPS Continuous Scanner: A lightweight orchestrator and worker...
The Post-RAMP Era: Allegations, Fragmentation, and the Rebuilding of the Ransomware Underground
Executive summary The January 2026 seizure of RAMP disrupted a major ransomware coordination hub, but it did not dismantle the ecosystem behind it. Instead, it destabilized trust and accelerated fragmentation across the underground. Rather than consolidating around a single successor, ransomware...
An Explainable Memory Forensics Approach for Malware Analysis
Memory forensics is an effective methodology for analyzing living-off-the-land malware, including threats that employ evasion, obfuscation, anti-analysis, and steganographic techniques. By capturing volatile system state, memory analysis enables the recovery of transient artifacts such as decrypt...
Increase in Malware Enabled ATM Jackpotting Incidents across United States
The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) and technical details associated with malware enabled ATM jackpotting. Threat actors exploit physical and software vulnerabilities in ATMs and deploy malware to dispense cash without a...
CVE-2026-26339
| creationtimestamp | type | source |
|---|---|---|
| 2026-02-19 18:00:22+00:00 | seen | https://infosec.exchange/users/offseq/statuses/116098598316831047 |
| 2026-02-19 18:00:24+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3mfa6e43u5v22 |
| 2026-02-19 19:00:19+00:00 | seen | ... |
CVE-2025-4521
| creationtimestamp | type | source |
|---|---|---|
| 2026-02-19 17:16:38+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mfa3vuahhi2d |
| 2026-02-19 17:16:50+00:00 | seen | https://mastodon.social/ap/users/115755483699003887/statuses/116098424956279178 |
...
Mind the Gap: Evaluating LLMs for High-Level Malicious Package Detection Vs. Fine-Grained Indicator Identification
The prevalence of malicious packages in open-source repositories, such as PyPI, poses a critical threat to the software supply chain. While Large Language Models (LLMs) have emerged as a promising tool for automated security tasks, their effectiveness in detecting malicious packages and indicators...
CVE-2026-23719
| creationtimestamp | type | source |
|---|---|---|
| 2026-02-10 11:02:12+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3meisrzjx7l23 |
| 2026-02-10 11:05:12+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/116046004981475748 |
| 2026-02-17 11:00:00+00:00 | seen | ... |
Exploit for PHP Remote File Inclusion in Synacor Zimbra_Collaboration_Suite
CVE-2025-68645 — Zimbra Classic UI LFI Defender Pack This r...
Exploit for Deserialization of Untrusted Data in Facebook React
RSC Sentinel CVE-2025-55182 Next.js / React Server Components...
The Notepad++ supply chain attack — unnoticed execution chains and new IoCs
UPD 11.02.2026: added recommendations on how to use the Notepad++ supply chain attack rules package in our SIEM system.
Introduction. On February 2, 2026, the developers of Notepad++, a text editor popular among developers, published a statement claiming that the update infrastructure of Notepad++...
PT-2026-5726
Name of the Vulnerable Software and Affected Versions: Odoo versions 21.11 through 25.10; Odoo versions 26.05.
Description: The NixOS Odoo package, an open source ERP and CRM system, exposes the database manager without authentication. This allows unauthorized actors to delete and download the entire...
Proactively Detecting Threats: A Novel Approach Using LLMs
Enterprise security faces escalating threats from sophisticated malware, compounded by expanding digital operations. This paper presents the first systematic evaluation of large language models (LLMs) to proactively identify indicators of compromise (IOCs) from unstructured web-based threat...
SigInt-Hombre 1.0
SigInt-Hombre is a Python script that generates derived Suricata detection rules from live URLhaus threat indicators at runtime and deploys them to the Security Onion platform for high-coverage real-time network monitoring...
CVE-2025-13773
| creationtimestamp | type | source |
|---|---|---|
| 2025-12-24 05:37:02+00:00 | seen | https://infosec.exchange/users/offseq/statuses/115772923621574352 |
| 2025-12-24 05:37:03+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3mapkafmwk626 |
| 2025-12-24 05:45:28+00:00 | seen | ... |
CISA and Partners Release Update to Malware Analysis Report BRICKSTORM Backdoor
Today, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency, and Canadian Centre for Cyber Security released an update to the Malware Analysis Report BRICKSTORM Backdoor with indicators of compromise (IOCs) and detection signatures for additional BRICKSTORM samples...
Rethinking Cybersecurity Ontology Classification and Evaluation: Towards a Credibility-Centered Framework
This paper analyzes the proliferation of cybersecurity ontologies, arguing that this surge cannot be explained solely by technical shortcomings related to quality, but also by a credibility deficit - a lack of trust, endorsement, and adoption by users. This conclusion is based on our first...
Identification of Malicious Posts on the Dark Web Using Supervised Machine Learning
Given the constant growth and increasing sophistication of cyberattacks, cybersecurity can no longer rely solely on traditional defense techniques and tools. Proactive detection of cyber threats has become essential to help security teams identify potential risks and implement effective mitigatio...
What is CTEM? Your Guide to Reducing Cyber Risk
Trying to explain security priorities to your board using CVSS scores is a tough sell. A long list of technical flaws doesn't translate to business impact, making it difficult to justify budgets and get buy-in for critical initiatives. Security leaders need a better way to frame the conversation...
SafePay Ransomware: TTPs and Defense Strategies
When a threat actor disables your security software and starts deleting your backups, you’re already in the middle of a crisis. The operators behind SafePay ransomware are known for these exact tactics, deliberately sabotaging your ability to respond and recover. Catching an attack like this earl...