105 matches found
8 best practices for CISOs conducting risk reviews
The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...
Evaluating LLM-Generated Obfuscated XSS Payloads for Machine Learning-Based Detection
Cross-site scripting XSS remains a persistent web security vulnerability, especially because obfuscation can change the surface form of a malicious payload while preserving its behavior. These transformations make it difficult for traditional and machine learning-based detection systems to reliab...
CVE-2026-6612
creationtimestamp| type| source ---|---|--- 2026-04-20 08:22:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjw22gmtit2i...
EUVD-2025-208850
IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 could allow an attacker with access to one tenant to access hostname data from another tenant's account...
Shopware 信息泄露漏洞
Shopware is a set of open-source e-commerce software developed by the German company Shopware GmbH. Shopware has a vulnerability related to information leakage, which stems from the exposure of activity security information through the/api/info/config route...
DOGE May Have Misused Social Security Data, DOJ Admits
Plus: The FAA blocks drones over DHS operations, Microsoft admits it hands over Bitlocker encryption keys to the cops, and more...
Why Replace Kenna with Hive Pro? A Full Comparison
If your security team is drowning in alerts and spending more time triaging than remediating, you know the old approach to vulnerability management is broken. Chasing endless CVEs and trying to stitch together data from a dozen different tools leads to burnout and leaves critical gaps in your...
6 Best Enterprise Security Platforms for 2026
If your security stack feels like a cluttered garage full of single-purpose tools, you’re not alone. You have one tool for endpoints, another for the network, and a few more for the cloud—none of which communicate effectively. This patchwork approach creates dangerous blind spots and buries your...
CVE-2024-34519
Avantra Server 24.x before 24.0.7 and 24.1.x before 24.1.1 mishandles the security of dashboards, aka XAN-5367. If a user can create a dashboard with an auto-login user, data disclosure may occur. Access control can be bypassed when there is a shared dashboard, and its auto-login user has...
CVE-2025-40759
A vulnerability has been identified in SIMATIC S7-PLCSIM V17 All versions, SIMATIC STEP 7 V17 All versions V17 Update 9, SIMATIC STEP 7 V18 All versions, SIMATIC STEP 7 V19 All versions V19 Update 4, SIMATIC STEP 7 V20 All versions V20 Update 4, SIMATIC WinCC V17 All versions V17 Update 9, SIMATI...
SUSE-SU-2025:4161-1 Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.10.17 fixes various security issues The following security issues were fixed: - CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778. - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow...
Fedora 43 : complyctl (2025-b527f8a1ee)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-b527f8a1ee advisory. First minor release of complyctl - a new command line Interface for Fedora compliance assessment. It features a decoupled plug-in architecture for flexibilit...
EUVD-2021-25081
Malware in sbrugna...
EUVD-2016-8860
Malware in sbrugna...
EUVD-2010-3311
Malware in sbrugna...
EUVD-2016-4743
Malware in sbrugna...
EUVD-2025-2502
Malicious code in bioql PyPI...
EUVD-2024-37144
Malicious code in bioql PyPI...
EUVD-2024-0074
Malicious code in bioql PyPI...
EUVD-2025-20522
Malicious code in bioql PyPI...