1260 matches found
CVE-2026-54393
CVE-2026-54393 describes a stored XSS in MISP when the Overmind theme is active. The vulnerability stems from the setHomePage endpoint saving user-supplied paths via setSettingInternal(), bypassing validation in setSetting() (including validate_homepage that enforces a leading “/”). The attacker-...
PT-2026-48973
MISP contained multiple mass assignment vulnerabilities in the handling of collections, tag collections, event delegations, and shadow attributes. Several controller actions accepted user-supplied fields that should have remained server-controlled, including record identifiers and ownership-relat...
AutoSUT: The Environment Semantics Gap in Structured CTI for Adversary Emulation
Structured Cyber Threat Intelligence CTI is increasingly used for adversary emulation, detection evaluation, and cyber range design. However, these workflows still require a target System Under Test SUT whose environment is not fully described by public CTI. We measure how much of that environmen...
Quarterly WordPress Threat Intelligence Report – Q1 2026
As the leader in WordPress security, Wordfence provides unparalleled security coverage that fully encompasses protection, active monitoring, detection, and response all built around our threat intelligence, demonstrating a strong commitment to security. Our mission is to ensure comprehensive...
Cognitive Threat Intelligence and Explainable Federated Security Analytics for Distributed Infrastructure Systems
The increasing adoption of distributed infrastructure systems, cloud computing, Internet of Things IoT technologies, and edge-based architectures has significantly expanded the cybersecurity attack surface and introduced increasingly sophisticated cyber threats. Conventional centralized intrusion...
GenTI: Benchmarking LLMs for Autonomous IDPS Rule Generation for Unseen Attacks
Rule-based Intrusion Detection and Prevention Systems IDPS offer precise attack detection as well as mitigation, however their manually crafted, signature-driven rules limit adaptability to emerging and zero-day threats. Additionally, existing public datasets e.g., CICIDS2017, UNSW-NB15 focus on...
TIBlender: Early-Warning Threat Intelligence from Cross-Platform Social Media Evidence
Cyber threat signals are fragmented across multiple social media platforms, yet no existing approach has fully automated their integration into actionable threat intelligence TI reports. We present TIBlender, a multi-agent system that monitors four platforms X, Reddit, Telegram, and Discord and...
Zafran vs Hive Pro: A Fair CTEM Comparison
CTEM coverage claims sound similar until teams compare how exposure evidence becomes action. A fair platform decision hinges on discovery, validation, intelligence, and the remediation model already in place. Comparing CTEM platforms now? Book a Hive Pro demo to assess integrated discovery,...
Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices
Dutch authorities have announced the takedown of a botnet that enslaved millions of infected devices, including computers, tablets, smartphones, and IoT devices, to carry out malicious attacks. The bot network, per the Dutch Politie and the National Cyber Security Center NCSC, consisted of at lea...
Wordfence Bug Bounty Program Monthly Report – March 2026
In March 2026, the Wordfence Bug Bounty Program received 1718 vulnerability submissions from our growing community of security researchers working to improve the overall security posture of the WordPress ecosystem. These submissions are reviewed, triaged, and processed by the Wordfence Threat...
Microsoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection
As threats become more coordinated and faster to execute, endpoint protection has become the proving ground for modern defense. For the seventh consecutive time, Microsoft has been named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection. We believe this reflects both the...
Microsoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection
As threats become more coordinated and faster to execute, endpoint protection has become the proving ground for modern defense. For the seventh consecutive time, Microsoft has been named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection. We believe this reflects both the...
CTI-Transmute 安全漏洞
CTI-Transmute is an open-source network threat intelligence format conversion service developed by the MISP Project. CTI-Transmute has a security vulnerability. This vulnerability stems from the fact that the notification messages in the notification panel contain transition names that are...
watch-tower
OT/ICS Threat Intelligence Lab Local threat intelligence lab...
TTPrint: Evidence-Grounded TTP Extraction Via Diverge-Then-Converge Verification
Extracting MITRE ATT&CK techniques from cyber threat intelligence CTI reports is an open-set, multi-label problem requiring both high recall not missing techniques and high precision not hallucinating unsupported ones. Existing methods--rule-based, supervised, and LLM-based--struggle to achieve...
cve-researcher
cve-researcher AI-powered CVE research in your terminal —...
Nucleus Security vs Hive Pro: CTEM Comparison
Choosing between Nucleus Security vs Hive Pro is really a decision about how your security team wants to run exposure management: as an aggregation and workflow layer over existing tools, or as a broader CTEM platform that combines aggregation, native discovery, threat intelligence, validation, a...
SOC-Alert-Investigation-Portfolio
SOC Alert Investigation Portfolio This repository contains pr...
GenAI-Driven Threat Detection with Microsoft Security Copilot
Defending against today's increasingly sophisticated cyberattacks requires security analysts to continuously translate evolving attacker tradecraft into detection logic. This places defenders in a reactive posture, requiring constantly updated expertise across an increasingly fragmented security...
Criminal IP Returns to Infosecurity Europe 2026 with Advanced AI-Driven TI & ASM
Torrance, United States / California, 19th May 2026, CyberNewswire...