Lucene search
K

52 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/20 6:43 p.m.7 views

CVE-2026-9137

The CSP report endpoint in MISP intended to limit logged CSP reports to 1 KB but incorrectly allowed reports up to 1 MB before truncation. On deployments where the endpoint is reachable by untrusted clients, this could allow attackers to generate excessive log volume and contribute to resource...

5.1CVSS5.7AI score0.00365EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/05 7:7 p.m.26 views

CVE-2026-32936

CVE-2026-32936 – CoreDNS DoH GET path size validation issue . In CoreDNS (prior to 1.14.3), the DNS-over-HTTPS (DoH) GET path accepts oversized dns= query parameters and performs parsing, base64 decoding, and DNS message unpacking before rejection. Unlike the POST path, there is no equivalent siz...

8.7CVSS5.7AI score0.00672EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2026/02/14 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by an incorrect update of the lastgc value in the nfconncount module. This vulnerability may lead to an...

7.5CVSS7AI score0.00327EPSS
Exploits0References7
Akamai Blog
Akamai Blog
added 2025/11/18 7:0 a.m.7 views

What We Do In The Shadow (AI): New Malware Strain Vamps Up

...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/15 12:0 a.m.4 views

Human-Centered Threat Modeling in Practice: Lessons, Challenges, and Paths Forward

Human-centered threat modeling HCTM is an emerging area within security and privacy research that focuses on how people define and navigate threats in various social, cultural, and technological contexts. While researchers increasingly approach threat modeling from a human-centered perspective,...

6.8AI score
Exploits0
Cvelist
Cvelist
added 2025/10/06 6:50 a.m.7 views

CVE-2025-58582 Uncontrolled Resource Consumption via log file

If a user tries to login but the provided credentials are incorrect a log is created. The data for this POST requests is not validated and it’s possible to send giant payloads which are then logged...

5.3CVSS0.00516EPSS
Exploits0References6
Akamai Blog
Akamai Blog
added 2025/09/08 6:0 a.m.6 views

Off Your Docker: Exposed APIs Are Targeted in New Malware Strain

...

7AI score
Exploits0
Fedora
Fedora
added 2025/04/17 7:48 p.m.12 views

[SECURITY] Fedora 41 Update: workrave-1.11.0~rc.1-1.fc41

Workrave is a program that assists in the recovery and prevention of Repetitive Strain Injury RSI. The program frequently alerts you to take micro-pauses, rest breaks and restricts you to your daily limit...

6.1CVSS6.2AI score0.00354EPSS
Exploits0
Fedora
Fedora
added 2025/04/17 7:33 p.m.11 views

[SECURITY] Fedora 40 Update: workrave-1.11.0~rc.1-1.fc40

Workrave is a program that assists in the recovery and prevention of Repetitive Strain Injury RSI. The program frequently alerts you to take micro-pauses, rest breaks and restricts you to your daily limit...

6.1CVSS6.2AI score0.00354EPSS
Exploits0
Fedora
Fedora
added 2025/04/17 7:3 p.m.7 views

[SECURITY] Fedora 42 Update: workrave-1.11.0~rc.1-1.fc42

Workrave is a program that assists in the recovery and prevention of Repetitive Strain Injury RSI. The program frequently alerts you to take micro-pauses, rest breaks and restricts you to your daily limit...

6.1CVSS6.2AI score0.00354EPSS
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/11/04 2:0 p.m.5 views

20/20 Cybersecurity: Lessons Learned in 2024 and Strategies for a Stronger 2025

With 2024 rapidly coming to a close, many of us here at Rapid7 are taking a step back, reflecting upon the successes and learnings of the last 12 months, and looking ahead to the challenges and opportunities we could jointly face in the year ahead. Of course, we are doing the same for our...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/24 11:21 a.m.28 views

Ease the Burden with AI-Driven Threat Intelligence Reporting

Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill's threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. Cybersecurity...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/15 1:55 p.m.46 views

3 Ransomware Group Newcomers to Watch in 2024

The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 4,368 cases. --- Figure 1: Year over year victims per quarter The rollercoaster ride from explosive growth in 2021 to a momentary dip in 2022 was just a teaser—2023 roared back...

8.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/29 5:55 a.m.58 views

DJVU Ransomware's Latest Variant 'Xaro' Disguised as Cracked Software

A variant of a ransomware strain known as DJVU has been observed to be distributed in the form of cracked software. "While this attack pattern is not new, incidents involving a DJVU variant that appends the .xaro extension to affected files and demanding ransom for a decryptor have been observed...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/09/21 7:55 p.m.41 views

Mysterious 'Sandman' Threat Actor Targets Telecom Providers Across Three Continents

A previously undocumented threat actor dubbed Sandman has been attributed to a set of cyber attacks targeting telecommunication providers in the Middle East, Western Europe, and the South Asian subcontinent. Notably, the intrusions leverage a just-in-time JIT compiler for the Lua programming...

7.4AI score
Exploits0
hivepro
hivepro
added 2023/05/30 7:42 a.m.61 views

Actors, Threats and Vulnerabilities 22 to 28 May 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of ten attacks executed, taking advantage of four different vulnerabilities in vario...

9.3CVSS6.8AI score0.99374EPSS
Exploits62
Rapid7 Blog
Rapid7 Blog
added 2023/03/14 2:0 p.m.16 views

Cloud Security Strategies for Healthcare

How to Stay Secure in the Cloud While Driving Innovation and Discovery The healthcare industry is undergoing a transformational shift. Health organizations are traditionally entrenched in an on-prem way of life, but the past three years have plunged them into a digital revolution. A heightened...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/28 1:59 p.m.34 views

Bitdefender Releases Free Decryptor for MortalKombat Ransomware Strain

Romanian cybersecurity company Bitdefender has released a free decryptor for a new ransomware strain known as MortalKombat. MortalKombat is a new ransomware strain that emerged in January 2023. It's based on commodity ransomware dubbed Xorist and has been observed in attacks targeting entities in...

1.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/16 10:13 a.m.26 views

ESXiArgs Ransomware Hits Over 500 New Targets in European Countries

More than 500 hosts have been newly compromised en masse by the ESXiArgs ransomware strain, most of which are located in France, Germany, the Netherlands, the U.K., and Ukraine. The findings come from attack surface management firm Censys, which discovered "two hosts with strikingly similar ranso...

1.5AI score
Exploits0
CNNVD
CNNVD
added 2023/02/15 12:0 a.m.6 views

Kiwi TCMS 安全漏洞

Kiwi TCMS is a leading open source test management system for manual and automated testing from Kiwi TCMS Open Source. A security vulnerability exists in Kiwi TCMS versions prior to 12.0, which stems from the fact that the system is not rate-limited, which makes brute-force attacks on the login...

9.8CVSS8.3AI score0.00902EPSS
Exploits0References5
Rows per page
Query Builder