Lucene search

227 matches found

Redos
added 2026/06/09 12:0 a.m. | 5 views

ROS-20260609-73-0030

The vulnerability in Thunderbird is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.5 CVSS | 5.4 AI score | 0.00577 EPSS
Exploits: 0

RedhatCVE
added 2026/01/09 9:27 a.m. | 8 views

CVE-2023-31998

A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices...

7.5 CVSS | 7.1 AI score | 0.00665 EPSS
Exploits: 0 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2022-26884

Malicious code in bioql PyPI...

9.1 CVSS | 8 AI score | 0.01032 EPSS
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2022-41727

Malicious code in bioql PyPI...

8.8 CVSS | 8.6 AI score | 0.00345 EPSS
Exploits: 0 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2023-2963

Malicious code in bioql PyPI...

7.5 CVSS | 7 AI score | 0.00764 EPSS
Exploits: 1 | References: 3

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2024-24348

Malicious code in bioql PyPI...

5.4 CVSS | 5.7 AI score | 0.00608 EPSS
Exploits: 1 | References: 3

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2022-43907

Malicious code in bioql PyPI...

4.6 CVSS | 5.2 AI score | 0.00261 EPSS
Exploits: 0 | References: 1

Wired Threat Level
added 2025/09/29 9:30 a.m. | 3 views

Tile Tracking Tags Can Be Exploited by Tech-Savvy Stalkers, Researchers Say

A team of researchers found that, by not encrypting the data broadcast by Tile tags, users could be vulnerable to having their location information exposed to malicious actors...

6.7 AI score
Exploits: 0

NVD
added 2025/09/05 8:15 p.m. | 3 views

CVE-2025-10044

A flaw was found in Keycloak. Keycloak’s account console and other pages accept arbitrary text in the error_description query parameter. This text is directly rendered in error pages without validation or sanitization. While HTML encoding prevents XSS, an attacker can craft URLs with misleading...

4.3 CVSS | 0.00291 EPSS
Exploits: 0 | References: 7

Packet Storm News
added 2025/07/23 12:0 a.m. | 3 views

Trusted Data Fusion, Multi-Agent Autonomy, Autonomous Vehicles

Multi-agent collaboration enhances situational awareness in intelligence, surveillance, and reconnaissance (ISR) missions. Ad hoc networks of unmanned aerial vehicles (UAVs) allow for real-time data sharing, but they face security challenges due to their decentralized nature, making them vulnerable t...

6.7 AI score
Exploits: 0

Tenable Nessus
added 2025/07/18 12:0 a.m. | 9 views

MCP Server Tool Poisoning

Model Context Protocol (MCP) Server Tool Poisoning occurs when malicious actors manipulate tool configurations or metadata on a malicious MCP server. This can lead to the execution of unauthorized commands, data corruption, or the deployment of malicious tools. Such vulnerabilities are particularly...

7.5 AI score
Exploits: 0 | References: 1

CVE
added 2025/05/30 3:4 p.m. | 161 views

CVE-2024-7097

WSO2 products are affected by an improper authorization vulnerability in the SOAP admin service that allows unauthenticated account creation regardless of self-registration configuration. Attackers can create arbitrary user accounts (potentially many), leading to unauthorized access and possible ...

4.3 CVSS | 6.4 AI score | 0.0054 EPSS
In wild | Exploits: 0 | References: 1 | Affected Software: 6

CVE
added 2025/05/30 5:27 a.m. | 55 views

CVE-2025-48490

CVE-2025-48490 affects the Lomkit Laravel Rest Api package (PHP). Prior to 2.13.0, the system merged validation rules across contexts (e.g., index, store, update), allowing multiple validations for the same attribute to be silently overridden. An attacker could craft requests that bypass key vali...

8.7 CVSS | 6.8 AI score | 0.00515 EPSS
Exploits: 0 | References: 3

RedhatCVE
added 2025/05/23 7:40 a.m. | 10 views

CVE-2024-31878

IBM i 7.2, 7.3, 7.4, and 7.5 Service Tools Server (SST) is vulnerable to SST user enumeration by a remote attacker. This vulnerability can be used by a malicious actor to gather information about SST users that can be targeted in further attacks. IBM X-Force ID: 287538...

5.3 CVSS | 6.2 AI score | 0.00447 EPSS
Exploits: 0 | References: 1

Cvelist
added 2025/03/04 11:56 a.m. | 16 views

CVE-2025-22225

VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox...

8.2 CVSS | 0.00963 EPSS
Exploits: 0 | References: 1

The Hacker News
added 2025/02/28 10:33 a.m. | 15 views

Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme

Microsoft on Thursday unmasked four of the individuals that it said were behind an Azure Abuse Enterprise scheme that involves leveraging unauthorized access to generative artificial intelligence (GenAI) services in order to produce offensive and harmful content. The campaign, called LLMjacking, ha...

7.5 AI score
Exploits: 0

CVE
added 2025/01/09 2:36 p.m. | 53 views

CVE-2023-24012

CVE-2023-24012 describes a vulnerability in the Data Distribution Service (DDS) chain of trust where an attacker can craft malicious DDS Participants or ROS 2 Nodes with valid certificates to take full control of a secure DDS databus. The root cause is a non-compliant implementation of permission...

8.2 CVSS | 8.1 AI score | 0.00271 EPSS
Exploits: 1 | References: 2

Talos Blog
added 2024/12/19 11:4 a.m. | 22 views

Exploring vulnerable Windows drivers

This post is the result of research into the real-world application of the Bring Your Own Vulnerable Driver (BYOVD) technique along with Cisco Talos' series of posts about malicious Windows drivers. Some of this research was presented at the AVAR conference in Chennai at the beginning of December...

7.8 CVSS | 6.8 AI score | 0.04284 EPSS
Exploits: 4

OSV
added 2024/12/16 1:54 p.m. | 11 views

BIT-NODE-MIN-2024-22018

A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used. This flaw arises from an inadequate permission model that fails to restrict file stats through the fs.lstat API. As a result, malicious actors can retrieve...

2.9 CVSS | 5 AI score | 0.00458 EPSS
Exploits: 0 | References: 7

Vulnrichment
added 2024/11/27 9:31 p.m. | 11 views

CVE-2024-53860 Potential Abuse for Sending Arbitrary Emails in sp-php-email-handler

sp-php-email-handler is a PHP package for handling contact form submissions. Messages sent using this script are vulnerable to abuse, as the script allows anybody to specify arbitrary email recipients and include user-provided content in confirmation emails. This could enable malicious actors to...

8.6 CVSS | 8.6 AI score | 0.00451 EPSS
Exploits: 0 | References: 2