Lucene search
+L

12 matches found

packetstormnews
packetstormnews
added 2026/04/27 12:0 a.m.8 views

Poster: ClawdGo: Endogenous Security Awareness Training for Autonomous AI Agents

Autonomous AI agents deployed on platforms such as OpenClaw face prompt injection, memory poisoning, supply-chain attacks, and social engineering, yet existing defences address only the platform perimeter, leaving the agent's own threat judgement entirely untrained. We present ClawdGo, a framewor...

5.4AI score
Exploits0
rapid7blog
rapid7blog
added 2025/10/16 1:0 p.m.6 views

When the Call Comes from Inside: The Rising Threat of Insider Recruitment in Ransomware Campaigns

In cybersecurity, we often say that attackers only need to be right once – and defenders need to be right every time. Traditionally, we’ve focused on perimeter breaches, phishing campaigns, and zero-day exploits. But increasingly, attackers are bypassing these hardened defenses and taking a...

7.1AI score
Exploits0
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-57853

Malicious code in bioql PyPI...

7.6CVSS6.7AI score0.00332EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-48645

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00238EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 6:39 a.m.8 views

CVE-2024-28058

In RSA NetWitness NW Platform before 12.5.1, even when an administrator revokes the access of a specific user with an active session, an internal threat actor could impersonate the revoked user and gain unauthorized access to sensitive data...

7.5CVSS6.8AI score0.00357EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/04/09 12:0 a.m.5 views

PT-2025-19288 · Оао 'Инфотекс' · Vipnet Client

Уязвимость механизма обновления программно-аппаратного комплекса защиты информации ViPNet Client 4 связана с недостаточным количеством проверок легитимности конверта обновления, распространяемого по транспортному протоколу mftp. Эксплуатация уязвимости возможна только для внутреннего нарушителя,...

1CVSS7.3AI score
Exploits0References3
nvd
nvd
added 2024/11/18 3:15 p.m.21 views

CVE-2024-28058

In RSA NetWitness NW Platform before 12.5.1, even when an administrator revokes the access of a specific user with an active session, an internal threat actor could impersonate the revoked user and gain unauthorized access to sensitive data...

7.5CVSS0.00357EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/11/18 12:0 a.m.12 views

CVE-2024-28058

In RSA NetWitness NW Platform before 12.5.1, even when an administrator revokes the access of a specific user with an active session, an internal threat actor could impersonate the revoked user and gain unauthorized access to sensitive data...

6.8AI score0.00357EPSS
Exploits0References2
cve
cve
added 2024/11/18 12:0 a.m.63 views

CVE-2024-28058

The CVE affects RSA NetWitness Platform prior to 12.5.1. Description and connected sources indicate that even after an administrator revokes a user’s access with an active session, an internal threat actor could impersonate the revoked user and gain unauthorized access to sensitive data. This is ...

7.5CVSS6.9AI score0.00357EPSS
Exploits0References2
cvelist
cvelist
added 2024/11/18 12:0 a.m.22 views

CVE-2024-28058

In RSA NetWitness NW Platform before 12.5.1, even when an administrator revokes the access of a specific user with an active session, an internal threat actor could impersonate the revoked user and gain unauthorized access to sensitive data...

0.00357EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2023/12/11 12:0 a.m.7 views

The vulnerability of software for internal threat modeling in the AXIS Security Development Model of the operating system AXIS OS, due to deficiencies in access control, allows attackers to circumvent existing security restrictions.

The software vulnerability for internal threat modeling is a flaw in Axis Security’s operating system development model. Exploiting this vulnerability allows a remote attacker to bypass existing security restrictions...

7.6CVSS6.7AI score0.00332EPSS
Exploits0References3Affected Software1
kitploit
kitploit
added 2020/08/14 12:30 p.m.110 views

DAGOBAH - Open Source Tool To Generate Internal Threat Intelligence, Inventory & Compliance Data From AWS Resources

Dagobah is an open source tool written in python to automate the internal threat intelligence generation, inventory collection and compliance check from different AWS resources. Dagobah collects information and save the state into an elasticsearch index. Dagobah runs into the a LAMBDA and looks a...

6.9AI score
Exploits0References1
Rows per page
Query Builder