84 matches found
PT-2026-48474
Affected: @hulumi/policies 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-697 Incorrect Comparison Summary AWS IAM trust policies can list more than one federated identity provider — for example, a role that accepts BOTH GitHub Actions OIDC and Google's OIDC. The G OIDC 1 and G OIDC 2 policy rule...
Strengthening Polymorphic Prompt Assembling: Dynamic Separator Generation against Emerging Prompt Injection Attacks
Polymorphic Prompt Assembling PPA defends LLM agents against prompt injections by randomly selecting separator pairs from a fixed pool to isolate user input from system instructions. Although effective, static pool reuse exposes a blast-radius vulnerability: once a separator leaks, it can be...
CLSA-2026-1779461988 krb5: Fix of 3 CVEs
CVE-2024-3596: generate and verify Message-Authenticator MACs in libkrad to mitigate the BlastRADIUS attack on the RADIUS protocol; includes follow-up fix for uninitialized pointer dereference in kradpacketdecoderequest - CVE-2024-37370: prevent modification of Extra Count field in GSS krb5 wrap...
AI Native Asset Intelligence
Modern security environments generate fragmented signals across cloud resources, identities, configurations, and third-party security tools. Although AI-native security assistants improve access to this data, they remain largely reactive: users must ask the right questions and interpret...
Signals from the Cloud Security Forecast 2026: Cloud Risk Is Scaling through Design, Not Disruption
Key Takeaways Identity and permissions now determine what is reachable, making them the primary drivers of cloud risk. Runtime exposure, not individual findings, determines how low-risk issues combine into real impact. SaaS and OAuth integrations extend the control plane and amplify blast radius...
Compliance Won’t Save Healthcare: Reducing the Blast Radius Will
...
Microsegmentation and Zero Trust: Control the Blast Radius by Design
...
CVE-2019-12968
A vulnerability was found in the Sonic Robo Blast 2 SRB2 plugin EPVersions 9 to 11 inclusive distributed with Doomseeker 1.1 and 1.2. Affected plugin versions did not discard IP packets with an unnaturally long response length from a Sonic Robo Blast 2 master server, allowing a remote attacker to...
Elite Cyber Veterans Launch Blast Security with $10M to Turn Cloud Detection into Prevention
Tel Aviv, Israel, 24th November 2025, CyberNewsWire...
EUVD-2019-4543
Malware in sbrugna...
EUVD-2014-5745
Malware in sbrugna...
EUVD-2025-30252
Malicious code in bioql PyPI...
EUVD-2024-2640
Malicious code in bioql PyPI...
EUVD-2025-27524
Malicious code in bioql PyPI...
CVE-2025-34204
Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA and SaaS deployments contains multiple Docker containers that run primary application processes for example PHP workers, Node.js servers and custom binaries as the root user. This increases the blast radius of a containe...
CVE-2025-34204
Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA and SaaS deployments contains multiple Docker containers that run primary application processes for example PHP workers, Node.js servers and custom binaries as the root user. This increases the blast radius of a containe...
CVE-2025-34204 Vasion Print (formerly PrinterLogic) Processes Running as Root Inside Docker Instances
Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA and SaaS deployments contains multiple Docker containers that run primary application processes for example PHP workers, Node.js servers and custom binaries as the root user. This increases the blast radius of a containe...
CVE-2025-34204 Vasion Print (formerly PrinterLogic) Processes Running as Root Inside Docker Instances
Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA and SaaS deployments contains multiple Docker containers that run primary application processes for example PHP workers, Node.js servers and custom binaries as the root user. This increases the blast radius of a containe...
PT-2025-38602
Name of the Vulnerable Software and Affected Versions Vasion Print formerly PrinterLogic Virtual Appliance Host and Application affected versions not specified Description The Vasion Print Virtual Appliance Host and Application VA and SaaS deployments utilizes Docker containers that execute prima...
CVE-2025-9622
The WP Blast | SEO & Performance Booster plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.6. This is due to missing or incorrect nonce validation on multiple administrative actions in the Settings class. This makes it possible for...