716 matches found
Cybersecurity Metrics Every CISO Should Report to the Board
Cybersecurity Metrics Every CISO Should Report to the Board After twenty years of leading security teams and presenting to boards at companies like Tripwire and RiskIQ, I can tell you this: the metrics that matter to your SOC team are not the metrics that matter in the boardroom. Boards do not wa...
Comprehensive List of User Deception Techniques in Emails
Email remains a central communication medium, yet its long-standing design and interface conventions continue to enable deceptive attacks. This research note presents a structured list of 42 email-based deception techniques, documented with 64 concrete example implementations, organized around th...
Critical F5 BIG-IP Flaw Upgraded to 9.8 RCE, Exploited in the Wild
F5 BIG-IP APM flaw CVE-2025-53521 escalates to critical 9.8 RCE, actively exploited. Patch now, check IoCs, and secure vulnerable systems immediately...
K000160486: Indicators of Compromise for c05d5254
Topic This article provides the known indicators of compromise IOCs associated with malicious software c05d5254 and related activity, and actions to take if IOCs are discovered. Important : Customers that were using BIG-IP APM on a vulnerable version at any point in time regardless of current...
When tax season becomes cyberattack season: Phishing and malware campaigns using tax-related lures
In this article 1. A wide range of tax-themed campaigns 2. How to protect users and organization against tax-themed campaigns 3. Microsoft Defender detection and hunting guidance 4. Indicators of compromise During tax season, threat actors reliably take advantage of the urgency and familiarity of...
GHSA-5H2M-4Q8J-PQPJ FastMCP OAuth Proxy token reuse across MCP servers
While testing the OAuth Proxy implementation, it was noticed that the server does not properly respect the resource parameter submitted by the client in the authorization and token request. Instead of issuing the token explicitly for this MCP server, the token is issued for the baseurl passed to...
Rapid7 Detection Coverage for Iran-Linked Cyber Activity
The tension arising out of the conflict in Iran is beginning to show signs of expanding beyond a strictly regional crisis. Following our recent published advisories, this communication is intended to outline and summarize the detection and enrichment coverage available to Rapid7 customers, broadl...
Post-Quantum Federated Learning: Secure and Scalable Threat Intelligence for Collaborative Cyber Defense
Collaborative threat intelligence via federated learning FL faces critical risks from quantum computing, which can compromise classical encryption methods. This study proposes a quantum-secure FL framework using post-quantum cryptography PQC to protect cross-organizational data sharing. We expose...
Cyber Threat Intelligence for Artificial Intelligence Systems
As artificial intelligence AI becomes deeply embedded in critical services and everyday products, it is increasingly exposed to security threats which traditional cyber defenses were not designed to handle. In this paper, we investigate how cyber threat intelligence CTI may evolve to address...
The Iranian Cyber Capability 2026
The Iranian Cyber Capability 2026 By John Fokker and Ernesto Fernández Provecho · March 5, 2026 Introduction In 2024, we published an assessment of the Islamic Republic of Iran’s cyber capabilities, outlining the structure, tradecraft, and strategic intent of Iranian-aligned threat actors. The co...
Exploit for Deserialization of Untrusted Data in Facebook React
VPS Continuous Scanner A lightweight orchestrator and worker...
The Post-RAMP Era: Allegations, Fragmentation, and the Rebuilding of the Ransomware Underground
Executive summary The January 2026 seizure of RAMP disrupted a major ransomware coordination hub, but it did not dismantle the ecosystem behind it. Instead, it destabilized trust and accelerated fragmentation across the underground. Rather than consolidating around a single successor, ransomware...
An Explainable Memory Forensics Approach for Malware Analysis
Memory forensics is an effective methodology for analyzing living-off-the-land malware, including threats that employ evasion, obfuscation, anti-analysis, and steganographic techniques. By capturing volatile system state, memory analysis enables the recovery of transient artifacts such as decrypt...
Increase in Malware Enabled ATM Jackpotting Incidents across United States
The Federal Bureau of Investigation FBI is releasing this FLASH to disseminate indicators of compromise IOCs and technical details associated with malware enabled ATM jackpotting. Threat actors exploit physical and software vulnerabilities in ATMs and deploy malware to dispense cash without a...
CVE-2026-26339
creationtimestamp| type| source ---|---|--- 2026-02-19 18:00:22+00:00| seen| https://infosec.exchange/users/offseq/statuses/116098598316831047 2026-02-19 18:00:24+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mfa6e43u5v22 2026-02-19 19:00:19+00:00| seen|...
CVE-2025-4521
creationtimestamp| type| source ---|---|--- 2026-02-19 17:16:38+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfa3vuahhi2d 2026-02-19 17:16:50+00:00| seen| https://mastodon.social/ap/users/115755483699003887/statuses/116098424956279178...
Mind the Gap: Evaluating LLMs for High-Level Malicious Package Detection Vs. Fine-Grained Indicator Identification
The prevalence of malicious packages in open-source repositories, such as PyPI, poses a critical threat to the software supply chain. While Large Language Models LLMs have emerged as a promising tool for automated security tasks, their effectiveness in detecting malicious packages and indicators...
CVE-2026-23719
creationtimestamp| type| source ---|---|--- 2026-02-10 11:02:12+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3meisrzjx7l23 2026-02-10 11:05:12+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116046004981475748 2026-02-17 11:00:00+00:00| seen|...
Exploit for PHP Remote File Inclusion in Synacor Zimbra_Collaboration_Suite
CVE-2025-68645 — Zimbra Classic UI LFI Defender Pack This r...
Exploit for Deserialization of Untrusted Data in Facebook React
RSC Sentinel CVE-2025-55182 Next.js / React Server Components...