12 matches found
Poster: ClawdGo: Endogenous Security Awareness Training for Autonomous AI Agents
Autonomous AI agents deployed on platforms such as OpenClaw face prompt injection, memory poisoning, supply-chain attacks, and social engineering, yet existing defences address only the platform perimeter, leaving the agent's own threat judgement entirely untrained. We present ClawdGo, a framewor...
When the Call Comes from Inside: The Rising Threat of Insider Recruitment in Ransomware Campaigns
In cybersecurity, we often say that attackers only need to be right once – and defenders need to be right every time. Traditionally, we’ve focused on perimeter breaches, phishing campaigns, and zero-day exploits. But increasingly, attackers are bypassing these hardened defenses and taking a...
EUVD-2023-57853
Malicious code in bioql PyPI...
EUVD-2024-48645
Malicious code in bioql PyPI...
CVE-2024-28058
In RSA NetWitness NW Platform before 12.5.1, even when an administrator revokes the access of a specific user with an active session, an internal threat actor could impersonate the revoked user and gain unauthorized access to sensitive data...
PT-2025-19288 · Оао 'Инфотекс' · Vipnet Client
Уязвимость механизма обновления программно-аппаратного комплекса защиты информации ViPNet Client 4 связана с недостаточным количеством проверок легитимности конверта обновления, распространяемого по транспортному протоколу mftp. Эксплуатация уязвимости возможна только для внутреннего нарушителя,...
CVE-2024-28058
In RSA NetWitness NW Platform before 12.5.1, even when an administrator revokes the access of a specific user with an active session, an internal threat actor could impersonate the revoked user and gain unauthorized access to sensitive data...
CVE-2024-28058
In RSA NetWitness NW Platform before 12.5.1, even when an administrator revokes the access of a specific user with an active session, an internal threat actor could impersonate the revoked user and gain unauthorized access to sensitive data...
CVE-2024-28058
The CVE affects RSA NetWitness Platform prior to 12.5.1. Description and connected sources indicate that even after an administrator revokes a user’s access with an active session, an internal threat actor could impersonate the revoked user and gain unauthorized access to sensitive data. This is ...
CVE-2024-28058
In RSA NetWitness NW Platform before 12.5.1, even when an administrator revokes the access of a specific user with an active session, an internal threat actor could impersonate the revoked user and gain unauthorized access to sensitive data...
The vulnerability of software for internal threat modeling in the AXIS Security Development Model of the operating system AXIS OS, due to deficiencies in access control, allows attackers to circumvent existing security restrictions.
The software vulnerability for internal threat modeling is a flaw in Axis Security’s operating system development model. Exploiting this vulnerability allows a remote attacker to bypass existing security restrictions...
DAGOBAH - Open Source Tool To Generate Internal Threat Intelligence, Inventory & Compliance Data From AWS Resources
Dagobah is an open source tool written in python to automate the internal threat intelligence generation, inventory collection and compliance check from different AWS resources. Dagobah collects information and save the state into an elasticsearch index. Dagobah runs into the a LAMBDA and looks a...