CVE-2026-31634
The CVE-2026-31634 item concerns the Linux kernel rxrpc subsystem. Affected component: rxrpc_server_keyring() within the rxrpc code path. Root cause: a reference count leak that could occur if the code path handles security pointers improperly. The provided patch fixes the leak by adding a check ...
PT-2026-34986
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A reference count leak exists in the rxrpc server keyring function. This issue occurs because the system fails to check if rx->securities is already set before proceeding. Recommendations...
Needles in a Haystack: Using Forensic Network Science to Uncover Insider Trading
Although the automation and digitisation of anti-financial crime investigation has made significant progress in recent years, detecting insider trading remains a unique challenge, partly due to the limited availability of labelled data. To address this challenge, we propose using a data-driven...
SEC Drops SolarWinds Case After Years of High-Stakes Cybersecurity Scrutiny
The U.S. Securities and Exchange Commission (SEC) has abandoned its lawsuit against SolarWinds and its chief information security officer, alleging that the company had misled investors about the security practices that led to the 2020 supply chain attack. In a joint motion filed November 20, 2025,...
Navigating SEBI’s Cloud Security Requirements: A Guide for Regulated Entities
Overview: Who is impacted: The Securities and Exchange Board of India (SEBI) is the primary regulatory authority for the securities market in India. It was established to protect investor interests and promote market development, but its guidelines also impact cybersecurity professionals at regulat...
CVE-2025-49399 WordPress NEX-Forms Plugin <= 9.1.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Basix NEX-Forms allows Cross Site Request Forgery. This issue affects NEX-Forms: from n/a through 9.1.3...
SEC Charges 4 Companies Over Misleading SolarWinds Cyber Attack Disclosures
The U.S. Securities and Exchange Commission (SEC) has charged four current and former public companies for making "materially misleading disclosures" related to the large-scale cyber attack that stemmed from the hack of SolarWinds in 2020. The SEC said the companies – Avaya, Check Point, Mimecast,...
U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails
The U.S. Department of Justice (DoJ) has charged a 39-year-old U.K. national for perpetrating a hack-to-trade fraud scheme that netted him nearly $3.75 million in illegal profits. Robert Westbrook of London was arrested last week and is expected to be extradited to the U.S. to face charges related ...
Exploit for Path Traversal in Oracle Weblogic_Server
Exploit for Improper Authentication in Papercut Papercut_Ng
Exploit for Insecure Default Initialization of Resource in Apache Superset
Social media influencers targeted by identity thieves
Social media influencers are attractive targets for identity thieves. With large followings and a literal influence on their followers, it's no wonder they are targeted by scammers and spreaders of fake news. A subset of influencers are the so-called "finfluencers": influencers that provide their...
SolarWinds and its CISO accused of misleading investors before major cyberattack
The Securities and Exchange Commission (SEC) has announced charges against software company SolarWinds Corporation and its chief information security officer (CISO), Timothy G. Brown, for “fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities.” In 202...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Citrix Netscaler_Application_Delivery_Controller
CVE-2023-4966 An Exploitation script developed to exploit the...
docs.mbsecurities.ca Cross Site Scripting vulnerability OBB-3663631
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
docs.mbsecurities.ca Cross Site Scripting vulnerability OBB-3610746
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
docs.mbsecurities.ca Cross Site Scripting vulnerability OBB-3341915
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Nick Weaver on Regulating Cryptocurrency
Nicholas Weaver wrote an excellent paper on the problems of cryptocurrencies and the need to regulate the space--with all existing regulations. His conclusion: Regulators, especially regulators in the United States, often fear accusations of stifling innovation. As such, the cryptocurrency space...
SEC Charges 8 Social Media Influencers Over Securities Fraud
By Habiba Rashid. According to the SEC, the accused used Twitter and Discord to carry out a securities fraud scheme, garnering approximately $114 million from it. This is a post from HackRead.com.
Kim Kardashian gets huge fine for crypto ad
The Securities and Exchange Commission (SEC) announced in a recent press release that it's charging celebrity influencer Kim Kardashian for violating Section 17(b) of the Securities Act of 1933, or the anti-touting provision. Kardashian was paid to promote EthereumMax or EMAX, a crypto asset security...