Lucene search
K

112 matches found

Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.7 views

AI Researchers Must Help Lead Arms Control to Mitigate Military AI Risks

The advancement of AI capabilities compels researchers and the public to be more aware of its potential worldwide impact. A pressing near-term concern is the regulation of military AI applications. Armament manufacturers and defense contractors are increasingly investing in AI capabilities and...

5.4AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2025/10/30 4:48 p.m.5 views

ICE Wants to Build a Shadow Deportation Network in Texas

A new ICE proposal outlines a 24/7 transport operation run by armed contractors—turning Texas into the logistical backbone of an industrialized deportation machine...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.17 views

EUVD-2025-21556

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00254EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/09/28 12:0 a.m.6 views

PT-2025-39765

Name of the Vulnerable Software and Affected Versions WordPress Search Exclude plugin versions up to and including 2.5.7 Description The WordPress Search Exclude plugin contains a flaw that allows unauthorized modification of data. This is due to an inadequate capability check within the Base::ge...

4.3CVSS6.3AI score0.00159EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/07/17 9:1 p.m.16 views

CVE-2025-6981

An incorrect authorization vulnerability allowed unauthorized read access to the contents of internal repositories for contractor accounts when the Contractors API feature was enabled. The Contractors API is a rarely-enabled feature in private preview. This vulnerability affected all versions of...

5.3CVSS6.9AI score0.00254EPSS
Exploits0References1
NVD
NVD
added 2025/07/15 9:15 p.m.22 views

CVE-2025-6981

An incorrect authorization vulnerability allowed unauthorized read access to the contents of internal repositories for contractor accounts when the Contractors API feature was enabled. The Contractors API is a rarely-enabled feature in private preview. This vulnerability affected all versions of...

5.3CVSS0.00254EPSS
Exploits0References4
OSV
OSV
added 2025/07/15 9:15 p.m.8 views

CVE-2025-6981

An incorrect authorization vulnerability allowed unauthorized read access to the contents of internal repositories for contractor accounts when the Contractors API feature was enabled. The Contractors API is a rarely-enabled feature in private preview. This vulnerability affected all versions of...

4.3CVSS5.8AI score0.00254EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/15 8:44 p.m.26 views

CVE-2025-6981 Incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed unauthorized read-only access

An incorrect authorization vulnerability allowed unauthorized read access to the contents of internal repositories for contractor accounts when the Contractors API feature was enabled. The Contractors API is a rarely-enabled feature in private preview. This vulnerability affected all versions of...

5.3CVSS0.00254EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/07/15 8:44 p.m.3 views

CVE-2025-6981 Incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed unauthorized read-only access

An incorrect authorization vulnerability allowed unauthorized read access to the contents of internal repositories for contractor accounts when the Contractors API feature was enabled. The Contractors API is a rarely-enabled feature in private preview. This vulnerability affected all versions of...

5.3CVSS6.2AI score0.00254EPSS
Exploits0References4
CVE
CVE
added 2025/07/15 8:44 p.m.36 views

CVE-2025-6981

CVE-2025-6981 describes an incorrect authorization vulnerability in GitHub Enterprise Server that allowed unauthorized read access to internal repositories for contractor accounts when the Contractors API feature was enabled. The issue affected all versions prior to 3.18 and has been fixed in ver...

5.3CVSS6.2AI score0.00254EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/15 12:0 a.m.3 views

PT-2025-29685 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.18 GitHub Enterprise Server versions 3.14.15 GitHub Enterprise Server versions 3.15.10 GitHub Enterprise Server versions 3.16.6 GitHub Enterprise Server versions 3.17.3 Description: An incorrect...

5.3CVSS6.1AI score0.00254EPSS
Exploits0References7
Schneier on Security
Schneier on Security
added 2025/01/20 12:6 p.m.8 views

Biden Signs New Cybersecurity Order

President Biden has signed a new cybersecurity order. It has a bunch of provisions, most notably using the US governments procurement power to improve cybersecurity practices industry-wide. Some details: The core of the executive order is an array of mandates for protecting government networks...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/21 2:39 p.m.42 views

Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks

A hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber attacks against Russian targets. "Rather than demand a ransom for decrypting data, Twelve prefers to encrypt victims' data and then destroy their infrastructure with a...

10CVSS10AI score0.99999EPSS
Exploits57
Securelist
Securelist
added 2024/09/20 12:31 p.m.67 views

-=TWELVE=- is back

In the spring of 2024, posts with real people's personal data began appearing on the -=TWELVE=- Telegram channel. Soon it was blocked for falling foul of the Telegram terms of service. The group stayed off the radar for several months, but as we investigated a late June 2024 attack, we found that...

9.8CVSS10AI score0.99999EPSS
Exploits57
The Hacker News
The Hacker News
added 2024/07/26 8:55 a.m.19 views

U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals

The U.S. Department of Justice DoJ on Thursday unsealed an indictment against a North Korean military intelligence operative for allegedly carrying out ransomware attacks against healthcare facilities in the country and funneling the payments to orchestrate additional intrusions into defense,...

7.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/04/09 11:59 a.m.14 views

vancouvergeneralcontractors.com Cross Site Scripting vulnerability OBB-3912320

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/02 4:38 a.m.29 views

U.S. Charges Iranian Hacker, Offers $10 Million Reward for Capture

The U.S. Department of Justice DoJ on Friday unsealed an indictment against an Iranian national for his alleged involvement in a multi-year cyber-enabled campaign designed to compromise U.S. governmental and private entities. More than a dozen entities are said to have been targeted, including th...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/10/19 1:47 p.m.58 views

Sophisticated MATA Framework Strikes Eastern European Oil and Gas Companies

An updated version of a sophisticated backdoor framework called MATA has been used in attacks aimed at over a dozen Eastern European companies in the oil and gas sector and defense industry as part of a cyber espionage operation that took place between August 2022 and May 2023. "The actors behind...

8.8CVSS7.9AI score0.81103EPSS
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2023/08/04 3:56 p.m.16 views

Moving past MOVEit

The MOVEit hack resembles successful cyberattacks from the past, leading us to ask if federal agencies and contractors are using all the tools, methods, and technologies available to ward off the same type of cyberattacks...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/13 9:7 a.m.3 views

Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign

The North Korean threat actor known as the Lazarus Group has been observed shifting its focus and rapidly evolving its tools and tactics as part of a long-running campaign called DeathNote. While the nation-state adversary is known for persistently singling out the cryptocurrency sector, recent...

6.7AI score
Exploits0
Rows per page
Query Builder