Lucene search
K

349 matches found

The Hacker News
The Hacker News
added 2 days ago19 views

Rogue Agent Flaw Could Have Let Attackers Hijack Google Dialogflow CX Chatbots

A critical flaw in Google's Dialogflow CX could have let an attacker with edit rights on one Code Block-enabled agent compromise other Code Block-enabled agents in the same Google Cloud project. From there, they could read live conversations, steal the data users shared, and make the bots send...

6.7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/29 4:50 p.m.7 views

Malicious code in @lexisnexisrisk/insider-threat-platform (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dae189d0977c5458ccfe6ac903cf5014acf0e73277c22ad68edf683813066398 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
EUVD
EUVD
added 2026/06/17 6:35 p.m.14 views

EUVD-2025-210211

Netskope is notified about a potential gap in its Netskoped Client for Windows systems where a malicious insider with admin privileges can lead to bypassing the NSClient Tamper Protections due to weak Discretionary Access Control List DACLs on the service object and related registry keys,. Produc...

6.8CVSS5.3AI score0.00143EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/03/23 12:0 a.m.10 views

OrgForge-IT: A Verifiable Synthetic Benchmark for LLM-Based Insider Threat Detection

Synthetic insider threat benchmarks face a consistency problem: corpora generated without an external factual constraint cannot rule out cross-artifact contradictions. The CERT dataset -- the field's canonical benchmark -- is also static, lacks cross-surface correlation scenarios, and predates th...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/22 12:0 a.m.13 views

Hardening Confidential Federated Compute against Side-Channel Attacks

In this work, we identify a set of side-channels in our Confidential Federated Compute platform that a hypothetical insider could exploit to circumvent differential privacy DP guarantees. We show how DP can mitigate two of the side-channels, one of which has been implemented in our open-source...

5.7AI score
Exploits0
EUVD
EUVD
added 2026/02/26 10:36 p.m.6 views

EUVD-2026-8913

hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, any logged-in user can read, modify or delete another user's personal environment by ID. user-environments.resolver.ts:82-109, updateUserEnvironment mutation uses @UseGuardsGqlAuthGuard but is missing the @GqlUser...

8.3CVSS5.6AI score0.00394EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2026/02/04 12:0 a.m.4 views

Availability Attacks without an Adversary: Evidence from Enterprise LANs

Denial-of-Service DoS conditions in enterprise networks are commonly attributed to malicious actors. However, availability can also be compromised by benign non-malicious insider behavior. This paper presents an empirical study of a production enterprise LAN that demonstrates how routine docking...

5.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.7 views

PT-2026-6470

Summary RustFS logs sensitive credential material access key, secret key, session token to application logs at INFO level. This results in credentials being recorded in plaintext in log output, which may be accessible to internal or external log consumers and could lead to compromise of sensitive...

6.9CVSS5.5AI score
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/01/30 12:0 a.m.23 views

CISA: Assembling a Multi-Disciplinary Insider Threat Management Team

In CISA's continuing work to strengthen infrastructure security, the Assembling a Multi-Disciplinary Insider Threat Management Team infographic aims to enhance the awareness of critical infrastructure stakeholders regarding insider threats, the potential damage they can inflict, and the steps...

5.9AI score
Exploits0
NCSC
NCSC
added 2026/01/13 7:17 p.m.7 views

Vulnerability fixed in Microsoft SQL Server

Microsoft has fixed a vulnerability in SQL Server A malicious party can exploit the vulnerability to gain unauthorized access to DEBUG functionality and thereby generate, among other things, memory dumps. These dumps can also involve memory outside the scope of SQL Server, allowing the malicious...

7.2CVSS7.4AI score0.01242EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/10 12:0 a.m.7 views

Behavioral Analytics for Continuous Insider Threat Detection in Zero-Trust Architectures

Insider threats are a particularly tricky cybersecurity issue, especially in zero-trust architectures ZTA where implicit trust is removed. Although the rule of thumb is never trust, always verify, attackers can still use legitimate credentials and impersonate the standard user activity. In...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 9:53 a.m.8 views

CVE-2020-10655

The Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouse API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The...

9.8CVSS7.7AI score0.02582EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:52 a.m.9 views

CVE-2020-10656

The Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. Th...

9.8CVSS7.7AI score0.02582EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/01/05 12:0 a.m.5 views

Integrating Multi-Agent Simulation, Behavioral Forensics, and Trust-Aware Machine Learning for Adaptive Insider Threat Detection

We present a hybrid framework for adaptive insider-threat detection that tightly integrates multi-agent simulation MAS, layered Security Information and Event Management SIEM correlation, behavioral and communication forensics, trust-aware machine learning, and Theory-of-Mind ToM reasoning...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/26 12:2 p.m.4 views

IoT Hack

Someone hacked an Italian ferry. It looks like the malware was installed by someone on the ferry, and not remotely...

7.1AI score
Exploits0
HackRead
HackRead
added 2025/12/22 11:44 a.m.9 views

Insider Threat: Hackers Paying Company Insiders to Bypass Security

A new report from Check Point Research reveals a growing trend of cyber criminals recruiting employees at banks, telecoms, and tech giants. Learn how hackers use the darknet and Telegram to offer payouts up to $15,000 for internal access to companies like Apple, Coinbase, and the Federal Reserve...

6.9AI score
Exploits0
OSV
OSV
added 2025/12/19 4:24 p.m.5 views

CVE-2025-58052 Galette has groups managers access control bypass on Members

Galette is a membership management web application for non profit organizations. Starting in version 0.9.6 and prior to version 1.2.0, attackers with group manager role can bypass intended restrictions allowing unauthorized access and changes despite role-based controls. Since it requires...

5.3CVSS6.7AI score0.00271EPSS
Exploits1References3
Wallarm Lab
Wallarm Lab
added 2025/12/11 2:54 p.m.7 views

2026 API and AI Security Predictions: What Experts Expect in the Year Ahead

This is a predictions blog. We know, we know; everyone does them, and they can get a bit same-y. Chances are, you’re already bored with reading them. So, we’ve decided to do things a little bit differently this year. Instead of bombarding you with just our own predictions, we’ve decided to cast t...

8.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/11/04 7:5 p.m.15 views

CVE-2025-8558

Insider Threat Management ITM Server versions prior to 7.17.2 contain an authentication bypass vulnerability that allows unauthenticated users on an adjacent network to perform agent unregistration when the number of registered agents exceeds the licensed limit. Successful exploitation prevents t...

5.4CVSS6.8AI score0.00598EPSS
Exploits0References1
OSV
OSV
added 2025/11/03 7:16 p.m.4 views

CVE-2025-8558

Insider Threat Management ITM Server versions prior to 7.17.2 contain an authentication bypass vulnerability that allows unauthenticated users on an adjacent network to perform agent unregistration when the number of registered agents exceeds the licensed limit. Successful exploitation prevents t...

5.4CVSS5.8AI score0.00598EPSS
Exploits0References1
Rows per page
Query Builder