DEBIAN-CVE-2025-27236

A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to...

CVE-2025-27236

A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to...

UBUNTU-CVE-2025-27236

A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to...

CVE-2025-27236

A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to...

CVE-2025-27236 User information disclosure via api_jsonrpc.php on method user.get with param search

A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to...

CVE-2025-27236 User information disclosure via api_jsonrpc.php on method user.get with param search

A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to...

Zabbix 安全漏洞

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring, and application monitoring. A security vulnerability exists in Zabbix that stems from the ability for a user to search for other users in a user group and select...

PT-2025-40513

Name of the Vulnerable Software and Affected Versions Zabbix affected versions not specified Description A regular user can search for other users within their user group through the Zabbix API and access fields they are not authorized to view. This enables the extraction of data from fields the...

Cyber Threat Hunting: Non-Parametric Mining of Attack Patterns from Cyber Threat Intelligence for Precise Threats Attribution

With the ever-changing landscape of cyber threats, identifying their origin has become paramount, surpassing the simple task of attack classification. Cyber threat attribution gives security analysts the insights they need to device effective threat mitigation strategies. Such strategies empower...

Linux Distros Unpatched Vulnerability : CVE-2014-6251

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based buffer overflow in CPUMiner before 2.4.1 allows remote attackers to have an unspecified impact by sending a mining.subscribe response with a large...

Forecasting Future DDoS Attacks Using Long Short Term Memory (LSTM) Model

This paper forecasts future Distributed Denial of Service DDoS attacks using deep learning models. Although several studies address forecasting DDoS attacks, they remain relatively limited compared to detection-focused research. By studying the current trends and forecasting based on newer and...

FALCON: Autonomous Cyber Threat Intelligence Mining with LLMs for IDS Rule Generation

Signature-based Intrusion Detection Systems IDS detect malicious activities by matching network or host activity against predefined rules. These rules are derived from extensive Cyber Threat Intelligence CTI, which includes attack signatures and behavioral patterns obtained through automated tool...

INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdown

INTERPOL on Friday announced that authorities from 18 countries across Africa have arrested 1,209 cybercriminals who targeted 88,000 victims. "The crackdown recovered $97.4 million and dismantled 11,432 malicious infrastructures, underscoring the global reach of cybercrime and the urgent need for...

Malicious code in sjtu-sesansijiu-data-mining (npm)

The package sjtu-sesansijiu-data-mining was found to contain malicious code...

MAL-2025-33353 Malicious code in sjtu-sesansijiu-data-mining (npm)

The package sjtu-sesansijiu-data-mining was found to contain malicious code...

SUSE CVE-2020-26240

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. An ethash mining DAG generation flaw in Geth before version 1.9.24 could cause miners to erroneously calculate PoW in an upcoming epoch estimated early January, 2021. This happened on the ETC chain on...

Attack Pattern Mining to Discover Hidden Threats to Industrial Control Systems

This work focuses on validation of attack pattern mining in the context of Industrial Control System ICS security. A comprehensive security assessment of an ICS requires generating a large and variety of attack patterns. For this purpose we have proposed a data driven technique to generate attack...

GPU in the Blind Spot: Overlooked Security Risks in Transportation

Graphics processing units GPUs are becoming an essential part of the intelligent transportation system ITS for enabling video-based and artificial intelligence AI based applications. GPUs provide high-throughput and energy-efficient computing for tasks like sensor fusion and roadside video...

Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks

Threat hunters have disclosed two different malware campaigns that have targeted vulnerabilities and misconfigurations across cloud environments to deliver cryptocurrency miners. The threat activity clusters have been codenamed Soco404 and Koske by cloud security firms Wiz and Aqua, respectively...

Threat Actor Mimo Targets Magento and Docker to Deploy Crypto Miners and Proxyware

The threat actor behind the exploitation of vulnerable Craft Content Management System CMS instances has shifted its tactics to target Magento CMS and misconfigured Docker instances. The activity has been attributed to a threat actor tracked as Mimo aka Hezb, which has a long history of leveragin...