Lucene search
K

716 matches found

hivepro
hivepro
added 2026/04/09 3:40 a.m.4 views

Cybersecurity Metrics Every CISO Should Report to the Board

Cybersecurity Metrics Every CISO Should Report to the Board After twenty years of leading security teams and presenting to boards at companies like Tripwire and RiskIQ, I can tell you this: the metrics that matter to your SOC team are not the metrics that matter in the boardroom. Boards do not wa...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/06 12:0 a.m.4 views

Comprehensive List of User Deception Techniques in Emails

Email remains a central communication medium, yet its long-standing design and interface conventions continue to enable deceptive attacks. This research note presents a structured list of 42 email-based deception techniques, documented with 64 concrete example implementations, organized around th...

5.9AI score
Exploits0
HackRead
HackRead
added 2026/03/31 11:36 a.m.6 views

Critical F5 BIG-IP Flaw Upgraded to 9.8 RCE, Exploited in the Wild

F5 BIG-IP APM flaw CVE-2025-53521 escalates to critical 9.8 RCE, actively exploited. Patch now, check IoCs, and secure vulnerable systems immediately...

9.8CVSS6.1AI score0.02246EPSS
Exploits0
F5 Networks
F5 Networks
added 2026/03/27 5:53 p.m.7 views

K000160486: Indicators of Compromise for c05d5254

Topic This article provides the known indicators of compromise IOCs associated with malicious software c05d5254 and related activity, and actions to take if IOCs are discovered. Important : Customers that were using BIG-IP APM on a vulnerable version at any point in time regardless of current...

5.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/03/19 3:0 p.m.5 views

When tax season becomes cyberattack season: Phishing and malware campaigns using tax-related lures

In this article 1. A wide range of tax-themed campaigns 2. How to protect users and organization against tax-themed campaigns 3. Microsoft Defender detection and hunting guidance 4. Indicators of compromise During tax season, threat actors reliably take advantage of the urgency and familiarity of...

6AI score
Exploits0
OSV
OSV
added 2026/03/16 3:14 p.m.2 views

GHSA-5H2M-4Q8J-PQPJ FastMCP OAuth Proxy token reuse across MCP servers

While testing the OAuth Proxy implementation, it was noticed that the server does not properly respect the resource parameter submitted by the client in the authorization and token request. Instead of issuing the token explicitly for this MCP server, the token is issued for the baseurl passed to...

7.4CVSS5.9AI score0.00358EPSS
Exploits1References3
Rapid7 Blog
Rapid7 Blog
added 2026/03/11 5:31 p.m.12 views

Rapid7 Detection Coverage for Iran-Linked Cyber Activity

The tension arising out of the conflict in Iran is beginning to show signs of expanding beyond a strictly regional crisis. Following our recent published advisories, this communication is intended to outline and summarize the detection and enrichment coverage available to Rapid7 customers, broadl...

10CVSS7.4AI score0.97673EPSS
Exploits59
Packet Storm News
Packet Storm News
added 2026/03/08 12:0 a.m.3 views

Post-Quantum Federated Learning: Secure and Scalable Threat Intelligence for Collaborative Cyber Defense

Collaborative threat intelligence via federated learning FL faces critical risks from quantum computing, which can compromise classical encryption methods. This study proposes a quantum-secure FL framework using post-quantum cryptography PQC to protect cross-organizational data sharing. We expose...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/05 12:0 a.m.3 views

Cyber Threat Intelligence for Artificial Intelligence Systems

As artificial intelligence AI becomes deeply embedded in critical services and everyday products, it is increasingly exposed to security threats which traditional cyber defenses were not designed to handle. In this paper, we investigate how cyber threat intelligence CTI may evolve to address...

5.8AI score
Exploits0
Trellix
Trellix
added 2026/03/05 12:0 a.m.8 views

The Iranian Cyber Capability 2026

The Iranian Cyber Capability 2026 By John Fokker and Ernesto Fernández Provecho · March 5, 2026 Introduction In 2024, we published an assessment of the Islamic Republic of Iran’s cyber capabilities, outlining the structure, tradecraft, and strategic intent of Iranian-aligned threat actors. The co...

7CVSS8.8AI score0.68202EPSS
Exploits7
GithubExploit
GithubExploit
added 2026/02/26 4:57 p.m.171 views

Exploit for Deserialization of Untrusted Data in Facebook React

VPS Continuous Scanner A lightweight orchestrator and worker...

10CVSS7.8AI score0.99562EPSS
Exploits373
Rapid7 Blog
Rapid7 Blog
added 2026/02/25 1:56 p.m.14 views

The Post-RAMP Era: Allegations, Fragmentation, and the Rebuilding of the Ransomware Underground

Executive summary The January 2026 seizure of RAMP disrupted a major ransomware coordination hub, but it did not dismantle the ecosystem behind it. Instead, it destabilized trust and accelerated fragmentation across the underground. Rather than consolidating around a single successor, ransomware...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.4 views

An Explainable Memory Forensics Approach for Malware Analysis

Memory forensics is an effective methodology for analyzing living-off-the-land malware, including threats that employ evasion, obfuscation, anti-analysis, and steganographic techniques. By capturing volatile system state, memory analysis enables the recovery of transient artifacts such as decrypt...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/20 12:0 a.m.7 views

Increase in Malware Enabled ATM Jackpotting Incidents across United States

The Federal Bureau of Investigation FBI is releasing this FLASH to disseminate indicators of compromise IOCs and technical details associated with malware enabled ATM jackpotting. Threat actors exploit physical and software vulnerabilities in ATMs and deploy malware to dispense cash without a...

5.5AI score
Exploits0
Circl
Circl
added 2026/02/19 6:0 p.m.7 views

CVE-2026-26339

creationtimestamp| type| source ---|---|--- 2026-02-19 18:00:22+00:00| seen| https://infosec.exchange/users/offseq/statuses/116098598316831047 2026-02-19 18:00:24+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mfa6e43u5v22 2026-02-19 19:00:19+00:00| seen|...

9.8CVSS5.1AI score0.00544EPSS
Exploits0References3
Circl
Circl
added 2026/02/19 5:16 p.m.4 views

CVE-2025-4521

creationtimestamp| type| source ---|---|--- 2026-02-19 17:16:38+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfa3vuahhi2d 2026-02-19 17:16:50+00:00| seen| https://mastodon.social/ap/users/115755483699003887/statuses/116098424956279178...

8.8CVSS5.1AI score0.00281EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/02/18 12:0 a.m.10 views

Mind the Gap: Evaluating LLMs for High-Level Malicious Package Detection Vs. Fine-Grained Indicator Identification

The prevalence of malicious packages in open-source repositories, such as PyPI, poses a critical threat to the software supply chain. While Large Language Models LLMs have emerged as a promising tool for automated security tasks, their effectiveness in detecting malicious packages and indicators...

5.7AI score
Exploits0
Circl
Circl
added 2026/02/10 11:2 a.m.23 views

CVE-2026-23719

creationtimestamp| type| source ---|---|--- 2026-02-10 11:02:12+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3meisrzjx7l23 2026-02-10 11:05:12+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116046004981475748 2026-02-17 11:00:00+00:00| seen|...

7.8CVSS5.1AI score0.00131EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/02/10 4:28 a.m.176 views

Exploit for PHP Remote File Inclusion in Synacor Zimbra_Collaboration_Suite

CVE-2025-68645 — Zimbra Classic UI LFI Defender Pack This r...

8.8CVSS5.5AI score0.31769EPSS
Exploits5
GithubExploit
GithubExploit
added 2026/02/03 2:2 p.m.171 views

Exploit for Deserialization of Untrusted Data in Facebook React

RSC Sentinel CVE-2025-55182 Next.js / React Server Components...

10CVSS5.7AI score0.99562EPSS
Exploits373
Rows per page
Query Builder