342 matches found
Malicious code in security-alerts-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f881805b709189d00bc52dc57c407bfecdae44fb343f92634a301c31525f6b0 Despite advertising itself as a breach-monitoring SDK, this package executes a remote-access trojan and credential harvester against any installer th...
MAL-2026-6327 Malicious code in security-alerts-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f881805b709189d00bc52dc57c407bfecdae44fb343f92634a301c31525f6b0 Despite advertising itself as a breach-monitoring SDK, this package executes a remote-access trojan and credential harvester against any installer th...
CVE-2026-56784 OpenRemote < 1.25.0 IDOR via Bulk Alarm Deletion Endpoint
OpenRemote before 1.25.0 contains an insecure direct object reference IDOR vulnerability in the bulk alarm deletion endpoint that allows authenticated users to permanently delete alarms belonging to other tenants by supplying arbitrary alarm IDs. The removeAlarms method in AlarmResourceImpl.java...
The Hidden Security Risk in Modern Networks: The Work Between Tools
Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort. But the same challenges persist. Outages still last hours, causing significant...
CVE-2026-2128
creationtimestamp| type| source ---|---|--- 2026-05-28 20:16:19+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-2128 2026-05-29 09:54:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmybdofzag2e 2026-06-04 06:16:27+00:00| seen|...
Real-Time Webhook Notifications: No More Lost Security Alerts
Every security team knows the pain: a critical alert lands in someone’s inbox, buried under dozens of other emails, or filtered out by a spam rule. By the time anyone sees it, the incident is already in full swing—no ticket opened, no Slack message sent, no automated workflow triggered. The...
CVE-2026-41096
creationtimestamp| type| source ---|---|--- 2026-05-12 11:57:43+00:00| seen| https://nsm.no/fagomrader/digital-sikkerhet/nasjonalt-cybersikkerhetssenter/varsler-fra-nsm/microsoft-patchetirsdag-mai 2026-05-12 15:52:42+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0141 2026-05-12...
CAM-LDS: Cyber Attack Manifestations for Automatic Interpretation of System Logs and Security Alerts
Log data are essential for intrusion detection and forensic investigations. However, manual log analysis is tedious due to high data volumes, heterogeneous event formats, and unstructured messages. Even though many automated methods for log analysis exist, they usually still rely on domain-specif...
CVE-2026-3343
creationtimestamp| type| source ---|---|--- 2026-03-03 13:49:00+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/watchguard-security-advisory-av26-189 2026-03-03 16:06:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mg65lt5b7l24...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50095)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50095 advisory. - xfrm: delete x-tunnel as we delete x Sabrina Dubroca Orabug: 38933003 CVE-2025-40215 - mptcp: fix race condition in mptcpschedulework Eric Dumaz...
Malwarebytes for Mac now has smarter, deeper scans
Say hello to the upgraded Malwarebytes for Mac —now with more robust protection, more control, and the same trusted defense you count on every day. We’ve given our Mac scan engine a serious intelligence boost, so it thinks faster and digs deeper. The new enhanced scan searches across more of your...
kernel: sunrpc: fix client side handling of tls alerts
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...
kernel: sunrpc: fix handling of server side tls alerts
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix handling of server side tls alerts Scott Mayhew discovered a security exploit in NFS over TLS in tlsalertrecv due to its assumption it can read data from the msg iterator's kvec.. kTLS implementation splits TLS non-da...
SUSE-SU-2025:3755-1 Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002350 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...
AlmaLinux 10 : kernel (ALSA-2025:16354)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:16354 advisory. kernel: usb: dwc3: gadget: check that event count does not exceed event buffer length CVE-2025-37810 kernel: sunrpc: fix handling of server side tls...
EUVD-2020-4128
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2025-38571
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over...
CVE-2025-38571
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...
UBUNTU-CVE-2025-38571
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...
CVE-2025-38571
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...