CVE-2026-56424

MISP core contained multiple broken access-control flaws where authorization checks were performed against the wrong entity, or where ownership/editability checks were missing on write paths. In affected subsystems, a lower-privileged authenticated user with the relevant feature permission could...

CVE-2026-56424

CVE-2026-56424 affects MISP core and describes multiple broken access-control flaws where authorization checks target the wrong entity or where ownership checks are missing on write paths. In affected subsystems, a lower-privileged authenticated user with relevant feature permissions could cause ...

CVE-2026-56424 Broken access control in MISP core allows cross-organization unauthorized modification or deletion of analyst data, event reports, collections, templates, and decaying models

MISP core contained multiple broken access-control flaws where authorization checks were performed against the wrong entity, or where ownership/editability checks were missing on write paths. In affected subsystems, a lower-privileged authenticated user with the relevant feature permission could...

EUVD-2026-38227

MISP core contained multiple broken access-control flaws where authorization checks were performed against the wrong entity, or where ownership/editability checks were missing on write paths. In affected subsystems, a lower-privileged authenticated user with the relevant feature permission could...

AutoSUT: The Environment Semantics Gap in Structured CTI for Adversary Emulation

Structured Cyber Threat Intelligence CTI is increasingly used for adversary emulation, detection evaluation, and cyber range design. However, these workflows still require a target System Under Test SUT whose environment is not fully described by public CTI. We measure how much of that environmen...

How Can MSSPs Scale Threat Detection Without Burning Out Their Analysts?

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings...

vulnhub-writeups

VulnHub Writeups Author: Roman Mares Company: Delt...

CVE MCP Server 0.1.0

CVE MCP Server is a production-grade Model Context Protocol MCP server that turns Claude into a full-spectrum security analyst. Instead of juggling 15+ browser tabs across NVD, EPSS, CISA KEV, Shodan, VirusTotal, and GreyNoise, ask Claude one question and get correlated intelligence in seconds...

Large Language Models As Explainable Cyberattack Detectors for Energy Industrial Control Systems

In modern energy systems, industrial control systems ICS and power-system SCADA require intrusion detection that is not only accurate but also auditable by operators. The ICS intrusion-detection landscape is currently dominated by established supervised detectors. In this paper, we study whether ...

Attackers Don't Just Send Phishing Emails. They Weaponize Your SOC's Workload

The most dangerous phishing campaigns aren’t just designed to fool employees. Many are designed to exhaust the analysts investigating them. When a phishing investigation takes 12 hours instead of five minutes, the outcome can shift from a contained incident to a breach. For years, the cybersecuri...

Operational Runtime Behavior Mining for Open-Source Supply Chain Security

Open-source software OSS is a critical component of modern software systems, yet supply chain security remains challenging in practice due to unavailable or obfuscated source code. Consequently, security teams often rely on runtime observations collected from sandboxed executions to investigate...

LLMs, You Can Evaluate It! Design of Multi-Perspective Report Evaluation for Security Operation Centers

Security operation centers SOCs often produce analysis reports on security incidents, and large language models LLMs will likely be used for this task in the near future. We postulate that a better understanding of how veteran analysts evaluate reports, including their feedback, can help produce...

Lexi DiScola’s guide to global teamwork and overflowing TBRs

Welcome back to Humans of Talos. This month, Amy chats with Senior Cyber Threat Analyst Lexi DiScola from the Strategic Analysis team. Lexi's journey into cybersecurity is anything but traditional -- she brings a background in political science and French to her work tracking global cyber threats...

Spy vs. spy: How GenAI is powering defenders and attackers

Generative AI GenAI is reshaping cybersecurity for both attackers and defenders, but its future capabilities are difficult to measure as techniques and models are evolving rapidly. Adversaries continue to use GenAI with varying levels of reliance. State-sponsored groups continue to take advantage...

Randomized Controlled Trials for Phishing Triage Agent

Security operations centers SOCs face a persistent challenge: efficiently triaging a high volume of user-reported phishing emails while maintaining robust protection against threats. This paper presents the first randomized controlled trial RCT evaluating the impact of a domain-specific AI agent ...

APThreatHunter: An Automated Planning-Based Threat Hunting Framework

Cyber attacks threaten economic interests, critical infrastructure, and public health and safety. To counter this, entities adopt cyber threat hunting, a proactive approach that involves formulating hypotheses and searching for attack patterns within organisational networks. Automating cyber thre...

MAL-2025-48028 Malicious code in func-analyst (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware acdf906e62052075f99f8b6d12353e90718603e428f036750156e9a47c16b61c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD-2025-32965

Malicious code in func-analyst npm...

Malicious code in func-analyst (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware acdf906e62052075f99f8b6d12353e90718603e428f036750156e9a47c16b61c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD-2020-25970

Malware in sbrugna...