47 matches found
CVE-2026-46538
CVE-2026-46538 affects Microsoft UFO open-source framework; in version 3.0.1-4-ge2626659, the constellation client tracks pending task responses by session_id and does not bind completion to the originating device. An authenticated peer can forge a TASK_END with the same session_id to inject atta...
CVE-2026-46414
Technical details are not publicly available in the provided documents. Monitor for updates.
PwnGPT-Automation
PwnGPT Caputre the flag with Large Language Models. Constructe...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Container Release Update
An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams,...
Hellxss
██╗ ██╗███████╗██╗ ██╗ ██╗ ██╗███████╗███████╗ █...
MUZZLE: Adaptive Agentic Red-Teaming of Web Agents against Indirect Prompt Injection Attacks
Large language model LLM based web agents are increasingly deployed to automate complex online tasks by directly interacting with web sites and performing actions on users' behalf. While these agents offer powerful capabilities, their design exposes them to indirect prompt injection attacks...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Container Release Update
An update is now available for Red Hat Ansible Automation Platform 2.4 Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams,...
EUVD-2012-4741
Malware in sbrugna...
EUVD-2025-7802
Malicious code in bioql PyPI...
Cloud Investigation Automation Framework (CIAF): An AI-Driven Approach to Cloud Forensics
Large Language Models LLMs have gained prominence in domains including cloud security and forensics. Yet cloud forensic investigations still rely on manual analysis, making them time-consuming and error-prone. LLMs can mimic human reasoning, offering a pathway to automating cloud log analysis. To...
Orion: Fuzzing Workflow Automation
Fuzz testing is one of the most effective techniques for finding software vulnerabilities. While modern fuzzers can generate inputs and monitor executions automatically, the overall workflow, from analyzing a codebase, to configuring harnesses, to triaging results, still requires substantial manu...
Malicious code in wdc-automation-framework (npm)
The package wdc-automation-framework was found to contain malicious code...
MAL-2025-38947 Malicious code in wdc-automation-framework (npm)
The package wdc-automation-framework was found to contain malicious code...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update
An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Container Release Update
An update is now available for Red Hat Ansible Automation Platform 2.4 Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams,...
CVE-2025-27616 Vela Server has Insufficient Webhook Payload Data Verification
Vela is a Pipeline Automation CI/CD framework built on Linux container technology written in Golang. Prior to versions 0.25.3 and 0.26.3, by spoofing a webhook payload with a specific set of headers and body data, an attacker could transfer ownership of a repository and its repo level secrets to ...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update
An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
csm 路径遍历漏洞
csm is a csm-aut open source automation and orchestration framework for IOS-XR devices. csm 3.5 and earlier versions have a path traversal vulnerability that stems from a failure of Flask's sendfile function to properly filter special elements in a resource or file path, which can be exploited by...
Hackers Increasingly Using Browser Automation Frameworks for Malicious Activities
Cybersecurity researchers are calling attention to a free-to-use browser automation framework that's being increasingly used by threat actors as part of their attack campaigns. "The framework contains numerous features which we assess may be utilized in the enablement of malicious activities,"...
Automated remediation level 3: Governance and hygiene
Mold it, make it, just don’t fake it At a quick glance, it seems like the title of this blog is “government hygiene.” Most likely, that wouldn’t be a particularly exciting read, but we’re hoping you might be engaged enough to gain a few takeaways from this fourth piece in our series on automating...