71 matches found
Eclipse Che Machine-Exec WebSocket Service Exposure Detector
This Python script is a lightweight security detection tool designed to identify potentially exposed or misconfigured machine-exec WebSocket services associated with Eclipse Che running on port 3333...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell Scanner – CVE-2025-55182 🔐 Ferramenta educacion...
Silent Pivot: Detecting Fileless Lateral Movement via Service Manager with Trellix NDR
By Maulik Maheta and Lishoy Mathew · September 8, 2025. Executive summary: The tactics of cyber adversaries continue to evolve as they attempt to bypass security vendors. Rather than traditional malware, today’s...
GHSA-8MX3-GP3P-VGG7
creationtimestamp| type| source ---|---|--- 2025-07-16 05:00:07+00:00| seen| https://gist.github.com/safer-bot/3dcff2aa616dcde9ac2ac8aefaa3438b 2025-07-16 16:06:16+00:00| seen| https://gist.github.com/safer-bot/315612cf6371bc59c08bf1d8656dc747...
Securing Mixed Rust with Hardware Capabilities
The Rust programming language enforces three basic Rust principles, namely ownership, borrowing, and AXM (Aliasing Xor Mutability), to prevent security bugs such as memory safety violations and data races. However, Rust projects often have mixed code, i.e., code that also uses unsafe Rust, FFI Forei...
MAL-2025-4198 Malicious code in t43est-hello-user-test-npm-com-test (npm)
Username Disclosure
Web applications can sometimes expose their users in various places such as HTML comments, JavaScript code or API requests. By leveraging this information, an attacker can gather information and build further attacks against the target application.
CVE-2023-42455 Wazuh vulnerable to user privilege escalation
Wazuh is a security detection, visibility, and compliance open source project. In versions 4.4.0 and 4.4.1, it is possible to get the Wazuh API administrator key used by the Dashboard using the browser development tools. This allows a logged user to the dashboard to become administrator of the AP...
Malicious PyPI Packages Using Compiled Python Code to Bypass Detection
Researchers have discovered a novel attack on the Python Package Index (PyPI) repository that employs compiled Python code to sidestep detection by application security tools. "It may be the first supply chain attack to take advantage of the fact that Python bytecode (PYC) files can be directly...
CloudGoat detection_evasion Scenario: Avoiding AWS Security Detection and Response
The post CloudGoat detection_evasion Scenario: Avoiding AWS Security Detection and Response appeared first on Rhino Security Labs...
Natural Language Processing and “Mindful” AI Drive More Sophisticated Bad Bot Attacks
The evolution from human to bot attacks: Over the last several years of my career in cyber security, I have been fortunate to work with professionals who researched and developed new cyber security detection and prevention solutions that block high-end cyber attacks. Initially, these attacks were...
Exploit for Code Injection in Vmware Spring_Framework
CVE-2022-22965-POC CVE-2022-22965 Spring Core batch detectio...
North Korean Hackers Return with Stealthier Variant of KONNI RAT Malware
A cyberespionage group with ties to North Korea has resurfaced with a stealthier variant of its remote access trojan called Konni to attack political institutions located in Russia and South Korea. "The authors are constantly making code improvements," Malwarebytes researcher Roberto Santos said...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
Log4J-CVE-Detect This repository contains a set of YARA rule...
BitDefender Endpoint Security Tools Detection (Windows)
Binary data bitdefenderendpointsecuritytoolsinstalled.nbin...
Symantec Endpoint Detection and Response XSS
SUMMARY: Symantec has released an update to address an issue that was discovered in the Symantec Endpoint Detection and Response (SEDR) product. AFFECTED PRODUCTS: Symantec Endpoint Detection and Response (SEDR) --- CVE | Affected Versions | Remediation CVE-2019-19547 | Prior to 4.3.0 | Upgrade to 4.3...
How to check for websites hacked to run web skimming, magecart attack
By Sudais. Web skimming attacks are a big thing now. This is a post from HackRead.com. Read the original post: How to check for websites hacked to run web skimming, magecart attack...
LIVE555 Streaming Media Server Detection Consolidation
Consolidation of LIVE555 Streaming Media Server detections. Copyright (C) 2019 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; y...
Rockwell SLC 500 PLC Detection
Binary data 751074.prm...
Beckhoff CX5010-1125 Industrial Computer Detection
Binary data 763574.prm...