15 matches found
Malicious Package
Overview request-sentry is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2024-40325
Malicious code in bioql PyPI...
Mars: [XSS] Reflected XSS via POST request in (███████)
A reflected Cross-Site Scripting XSS vulnerability was identified in the celular parameter of a POST request to the homepage of a Mars-owned website. The vulnerability was classified as medium severity with a CVSS score of 6.2. The application failed to properly sanitize user input before renderi...
Modernizing Your VM Program with Rapid7 Exposure Command: A Path to Effective Continuous Threat Exposure Management
In today’s threat landscape, where cyber-attacks are increasingly sophisticated and pervasive, organizations face the daunting challenge of securing a constantly expanding attack surface. Traditional vulnerability management VM programs, while necessary, are no longer sufficient on their own. The...
Application Security Posture Management
Accelerating the Remediation of Vulnerabilities From Code To Cloud Written by Eric Sheridan, Chief Innovation Officer, Tromzo In this guest blog post by Eric Sheridan, Chief Innovation Officer at valued Rapid7 partner Tromzo, you’ll learn how Rapid7 customers can utilize ASPM solutions to...
Western Digital confirms breach, affects My Cloud and SanDisk users
Western Digital, a big brand in digital storage, says it has suffered a "network security incident--potentially ransomware--which resulted in a breach and some system disruptions in its business operations. The company identified the incident on March 26 and said an unnamed third party unlawfully...
Threat Exposure Management: An Overview
In recent years, the threat landscape has rapidly evolved, resulting in a growing number of cyber security incidents. This has led organizations to focus on the effective management of their threat exposure, as a means of mitigating the risk of cyber attacks. Threat exposure management is a...
Rapid7 Announces Improvements to Goals and SLAs in InsightVM
We know that proving the efficacy of your vulnerability management program is no easy task. But with the Goals and SLAs feature in InsightVM, you can ensure you’re making and tracking progress toward your goals and service-level agreements SLAs at an appropriate place, as well as maintaining...
Four More Years… of Remediation
Last week, I read a blog from Brian Krebs about how a recent study showed that ransomware data breaches at hospitals are tied to an uptick in fatal heart attacks. Whenever I see an article with “fatal” and “cyber” in the title, I usually use it as a proof point for why we need less FUD in the...
Top 5 Threat Hunting Myths: “Threat Hunting Isn’t Worth My Time”
The cybersecurity landscape is in a constant state of change and, as many organizations have learned, it’s no longer a matter of if you’ll face a cyberattack, but when. In today’s world, attackers intentionally look normal to evade automated defenses. With the rise of ransomware, fileless and...
CGI bugs
No description provided...
CVE-2023-3929
...
CVE-2025-32757
CVE-2025-32757 entry is rejected/not used and does not represent an active vulnerability entry.
CVE-2025-32772
...
CVE-2022-23914
...