51 matches found

Positive Technologies
added 2026/06/09 12:0 a.m. | 7 views

PT-2026-48154

The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum 32-bit unsigned integer value. Attackers could create a collidi...

5.5 AI score | 0.00123 EPSS
Exploits: 0 | References: 2

Qualys Blog
added 2026/05/05 12:45 p.m. | 7 views

Converge Connect: Unlock Lower Premiums with Proven Qualys Security

Key Takeaways Qualys, in collaboration with Converge, has launched an offering that ties your security posture to your cyber insurance costs. The Qualys Converge Connect Insurance Report CCIR supplements manual insurance questionnaires with objective, platform-generated, real-time security data...

5.7 AI score
Exploits: 0

hivepro
added 2026/03/11 2:9 p.m. | 3 views

How Hive Pro Brings Comprehensive Security to CrowdStrike and SentinelOne

& How HivePro Vulnerability Exposure Management VEM extends and amplifies the value of your existing endpoint security/EDR investments - turning detection strength into enterprise-wide vulnerability and exposure intelligence. The Challenge Your EDR is world-class. Your exposure visibility isn't...

5.8 AI score
Exploits: 0

CNNVD
added 2026/02/17 12:0 a.m. | 6 views

IBM Security QRadar EDR Code Issue Vulnerability

IBM Security QRadar EDR is a terminal detection and response software developed by the American multinational company IBM. There are code-related vulnerabilities in versions 3.12 to 3.12.23 of IBM Security QRadar EDR. These vulnerabilities stem from the failure to invalidate sessions after they...

8.8 CVSS | 5.8 AI score | 0.00185 EPSS
Exploits: 0 | References: 1

CNNVD
added 2026/02/17 12:0 a.m. | 5 views

IBM Security QRadar EDR Encryption Issue Vulnerability

IBM Security QRadar EDR is a terminal detection and response software developed by the American multinational company IBM. There are vulnerabilities related to encryption in versions 3.12 to 3.12.23 of IBM Security QRadar EDR. These vulnerabilities stem from the use of encryption algorithms that...

7.5 CVSS | 5.8 AI score | 0.00143 EPSS
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2019-9165

Malware in sbrugna...

6.1 CVSS | 6.1 AI score | 0.01379 EPSS
Exploits: 1 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2020-4895

Malware in sbrugna...

7.5 CVSS | 7.6 AI score | 0.01972 EPSS
Exploits: 1 | References: 2

Microsoft Secure
added 2025/09/24 5:0 p.m. | 7 views

Retail at risk: How one alert uncovered a persistent cyberthreat

In the latest edition of our Cyberattack Series, we dive into real-world cases targeting retail organizations. With 60% of retail companies reporting operational disruptions from cyberattacks and 43% experiencing security compromises in the past year, the risks for businesses continue to increase...

8.8 CVSS | 7.8 AI score | 0.99907 EPSS
Exploits: 9

Trend Micro Simply Security
added 2025/08/14 12:0 a.m. | 6 views

Crypto24 Ransomware Group Blends Legitimate Tools with Custom Malware for Stealth Attacks

Crypto24 is a ransomware group that stealthily blends legitimate tools with custom malware, using advanced evasion techniques to bypass security and EDR technologies...

7.4 AI score
Exploits: 0

NVD
added 2025/06/24 2:15 a.m. | 6 views

CVE-2025-34041

An OS command injection vulnerability exists in the Chinese versions of Sangfor Endpoint Detection and Response EDR management platform versions 3.2.16, 3.2.17, and 3.2.19. The vulnerability allows unauthenticated attackers to construct and send malicious HTTP requests to the EDR Manager interfac...

10 CVSS | 0.06969 EPSS
Exploits: 0 | References: 3

Positive Technologies
added 2025/06/24 12:0 a.m. | 2 views

PT-2025-26672

Name of the Vulnerable Software and Affected Versions: Sangfor Endpoint Detection and Response EDR management platform versions 3.2.16, 3.2.17, and 3.2.19 Description: The issue is an OS command injection vulnerability that allows unauthenticated attackers to send malicious HTTP requests to the E...

10 CVSS | 7.5 AI score | 0.06969 EPSS
Exploits: 0 | References: 8

CNNVD
added 2025/05/20 12:0 a.m. | 4 views

IBM Security ReaQta EDR Trust Management Issue Vulnerability

IBM Security ReaQta EDR is an Endpoint Detection and Response EDR solution from International Business Machines IBM that detects, investigates and responds to endpoint threats in real time through behavioral analytics and AI technologies, providing automated threat hunting and incident response...

6.5 CVSS | 6.5 AI score | 0.00203 EPSS
Exploits: 0 | References: 1

Rapid7 Blog
added 2025/04/29 12:45 p.m. | 8 views

Reinforcing resilience with financial assurance: Breach protection matters now more than ever

Introducing Rapid7’s value-added Breach Protection Warranty that delivers confidence, clarity, and coverage when it matters most. Life’s old adage often applies in security: Hope for the best, prepare for the worst. In today’s threat landscape, even the best-prepared organizations can’t guarantee...

7.4 AI score
Exploits: 0

Rapid7 Blog
added 2025/04/29 12:35 p.m. | 19 views

Deepening the MDR partnership: Rapid7 now delivers Active Remediation with Velociraptor

Rapid7 is expanding its response capabilities to meet the demands and relentless pace of today’s threat landscape – and the operational needs of our customers. Partnership means many things to us here at Rapid7. It means showing up with trusted expertise, providing clear guidance in moments of...

7.1 AI score
Exploits: 0

CNNVD
added 2025/02/19 12:0 a.m. | 3 views

Palo Alto Networks Cortex XDR Code Issue Vulnerability

Palo Alto Networks Cortex XDR is an extended detection and response platform that natively integrates network, endpoint, cloud, and third-party data from Palo Alto Networks, USA. A code issue vulnerability exists in Palo Alto Networks Cortex XDR, which stems from a faulty detection mechanism that...

6.8 CVSS | 6.8 AI score | 0.00185 EPSS
Exploits: 0 | References: 1

Kitploit
added 2024/09/23 11:30 a.m. | 133 views

PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit

BYOSI - Bring-Your-Own-Script-Interpreter - Leveraging the abuse of trusted applications, one is able to deliver a compatible script interpreter for a Windows, Mac, or Linux system as well as malicious source code in the form of the specific script interpreter of choice. Once both the malicious...

7.2 AI score
Exploits: 0 | References: 1

CNNVD
added 2024/06/12 12:0 a.m. | 2 views

Palo Alto Networks Cortex XDR Security Vulnerability

Palo Alto Networks Cortex XDR is an extended detection and response platform that natively integrates network, endpoint, cloud, and third-party data from Palo Alto Networks, Inc. in the United States. A security vulnerability exists in Palo Alto Networks Cortex XDR Agent Windows that originates...

7 CVSS | 6.8 AI score | 0.0013 EPSS
Exploits: 0 | References: 2

Rapid7 Blog
added 2024/05/10 5:31 p.m. | 5 views

Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators

Co-authored by Rapid7 analysts Tyler McGraw, Thomas Elkins, and Evan McCann Executive Summary Rapid7 has identified an ongoing social engineering campaign that has been targeting multiple managed detection and response MDR customers. The incident involves a threat actor overwhelming a user's emai...

6 AI score
Exploits: 0

BDU FSTEC
added 2024/02/15 12:0 a.m. | 3 views

A vulnerability in the Encryption endpoint protection software, the threat detection and prevention software, and the Dell Endpoint Security Suite Enterprise and Dell Security Management Server, related to access control deficiencies, allows attackers to increase their privileges.

The vulnerability in the Encryption endpoint protection software, the threat detection and response software, and the Dell Endpoint Security Suite Enterprise and Dell Security Management Server security management software is related to access control deficiencies. Exploiting this vulnerabilit...

6.7 CVSS | 7.2 AI score | 0.00087 EPSS
Exploits: 3 | References: 4 | Affected Software: 3

OSV
added 2024/01/12 8:55 p.m. | 29 views

CVE-2023-42463 wazuh-logcollector integer underflow local privilege escalation

Wazuh is a free and open source platform used for threat prevention, detection, and response. This bug introduced a stack overflow hazard that could allow a local privilege escalation. This vulnerability was patched in version 4.5.3...

7.4 CVSS | 7.5 AI score | 0.00236 EPSS
Exploits: 0 | References: 3