6727 matches found
Zafran vs Hive Pro: A Fair CTEM Comparison
CTEM coverage claims sound similar until teams compare how exposure evidence becomes action. A fair platform decision hinges on discovery, validation, intelligence, and the remediation model already in place. Comparing CTEM platforms now? Book a Hive Pro demo to assess integrated discovery,...
Exploit-Databases
💥 Exploits Database & PoC Resources Koleksi exploit databas...
SECUREVENT: Hybrid AI/ML Security Monitoring for Distributed Event-Based Systems
Distributed event-based systems have become a common substrate for Internet-scale publish/subscribe services, IoT telemetry, cloud-native microservices, and security operations pipelines. Their loose coupling and asynchronous delivery improve scalability, but they also expand the attack surface:...
nanobot 代码问题漏洞
Nanobot is a lightweight personal AI assistant open-source by Data Intelligence Lab@HKU. Versions of Nanobot prior to 0.2.1 contained code vulnerabilities. These vulnerabilities stemmed from issues with server-side request forgeing in the webFetch tool. This could allow remote attackers to access...
Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices
Dutch authorities have announced the takedown of a botnet that enslaved millions of infected devices, including computers, tablets, smartphones, and IoT devices, to carry out malicious attacks. The bot network, per the Dutch Politie and the National Cyber Security Center NCSC, consisted of at lea...
GCVE: A Decentralized Model for Vulnerability Identification, Publication, and Operational Enrichment
The Global CVE initiative GCVE proposes a decentralized, open, and extensible model for vulnerability identification, publication, and enrichment. It addresses a gap in today's vulnerability ecosystem: centralized systems provide rigorous control and widely recognized identifiers, while many...
Wordfence Bug Bounty Program Monthly Report – March 2026
In March 2026, the Wordfence Bug Bounty Program received 1718 vulnerability submissions from our growing community of security researchers working to improve the overall security posture of the WordPress ecosystem. These submissions are reviewed, triaged, and processed by the Wordfence Threat...
Microsoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection
As threats become more coordinated and faster to execute, endpoint protection has become the proving ground for modern defense. For the seventh consecutive time, Microsoft has been named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection. We believe this reflects both the...
Microsoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection
As threats become more coordinated and faster to execute, endpoint protection has become the proving ground for modern defense. For the seventh consecutive time, Microsoft has been named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection. We believe this reflects both the...
CVE-2026-45619
WWBN AVideo is an open source video platform. In 29.0 and earlier, EpgParser.php, plugin/AI/receiveAsync.json.php, and other locations do not use the $resolvedIP out-param of isSSRFSafeURL for DNS pinning via CURLOPTRESOLVE, opening DNS-rebinding TOCTOU...
New Russia-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks
A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025. GREYVIBE, per WithSecure, is assessed to be a Russian-speaking group operating broadly in the Russian time zone,...
CTI-Transmute 安全漏洞
CTI-Transmute is an open-source network threat intelligence format conversion service developed by the MISP Project. CTI-Transmute has a security vulnerability. This vulnerability stems from the fact that the notification messages in the notification panel contain transition names that are...
OWASP FinBot CTF 0.2
FinBot is an Agentic AI security CTF platform from OWASP. Interact with AI agents, exploit real vulnerabilities, and learn to secure agentic systems. All from your browser...
Can Big Data Predict Market Movements Accurately?
Can Big Data predict markets? Learn how AI, investor behavior, and digital signals shape modern forecasting across stocks and crypto trends...
UBUNTU-CVE-2026-4868
GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that, under certain conditions, could have allowed an authenticated user to cause specific Duo AI workflows to run under another user's identity due to imprope...
watch-tower
OT/ICS Threat Intelligence Lab Local threat intelligence lab...
Evidence at the Moment of Attack. Answers at AI Speed.
Wiz Sensor Forensics is now generally available - automatically capturing forensic artifacts at the moment of detection and using AI to accelerate investigation for SOC and IR teams...
Technical Report: Exploring the Emerging Threats of the Agent Skill Ecosystem
We analyzed 3,984 AI agent skills from major marketplaces and found 76 confirmed malicious payloads, including credential theft, backdoor installation, and data exfiltration. 13.4% of all skills contain at least one critical-level security issue and at least 8 manually confirmed malicious skills...
From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities
In this article 1. Attack chain overview 2. Mitigation and protection guidance 3. References 4. Learn more Microsoft Defender Experts identified an active cryptojacking campaign in which malicious download sites are surfaced not only through traditional search engine poisoning, but also through A...
CVE-2026-9582
A security flaw has been discovered in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This affects an unknown function. Performing a manipulation results in cross-site request forgery. The attack is possible to be carried out remotely. The exploit has been released ...