Lucene search
K

21 matches found

GithubExploit
GithubExploit
added 2026/05/10 9:14 a.m.105 views

pocxgen-agent

PoCXGen Agent An LLM-orchestrated multi-agent pipeline for au...

5.9AI score
Exploits0
Talos Blog
Talos Blog
added 2026/04/23 3:10 p.m.10 views

UAT-4356's Targeting of Cisco Firepower Devices

Cisco Talos is aware of UAT-4356's continued active targeting of Cisco Firepower devices' Firepower eXtensible Operating System FXOS. UAT-4356 exploited n-day vulnerabilities CVE-2025-20333 and CVE-2025-20362 to gain unauthorized access to vulnerable devices, where the threat actor deployed their...

9.9CVSS9.5AI score0.85543EPSS
Exploits1
The Hacker News
The Hacker News
added 2026/04/09 4:23 p.m.5 views

UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns

A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations NGOs and suspected universities to deploy a new Lua-based malware called LucidRook. "LucidRook is a sophisticated stager that embeds a Lua...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/02 7:30 p.m.7 views

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services AWS secrets, shell command history, Stripe API keys, and GitHub tokens at scale. Cisco Talos...

10CVSS7.2AI score0.99562EPSS
Exploits373
Rapid7 Blog
Rapid7 Blog
added 2026/03/11 3:52 p.m.8 views

Rapid7 Analysis: CVE-2026-20127

CVE-2026-20127: Cisco Catalyst SD-WAN Authentication Bypass Overview On 25th February 2026, Cisco published an advisory for CVE-2026-20127, a critical authentication bypass vulnerability in the vdaemon service of Cisco Catalyst SD-WAN formerly Viptela. The flaw allows an unauthenticated, remote...

10CVSS8.8AI score0.57793EPSS
Exploits9
Talos Blog
Talos Blog
added 2026/02/25 4:13 p.m.28 views

Active exploitation of Cisco Catalyst SD-WAN by UAT-8616

Cisco Talos is tracking the active exploitation of CVE-2026-20127, a vulnerability in Cisco Catalyst SD-WAN Controller, formerly vSmart, that allows an unauthenticated remote attacker to bypass authentication and obtain administrative privileges on the affected system by sending a crafted request...

10CVSS6.1AI score0.57793EPSS
Exploits10
Talos Blog
Talos Blog
added 2026/02/11 12:0 a.m.8 views

New threat actor, UAT-9921, leverages VoidLink framework in campaigns

Cisco Talos recently discovered a new threat actor, UAT-9921, leveraging VoidLink in campaigns. Their activities may go as far back as 2019, even without VoidLink. The VoidLink compile-on-demand feature lays down the foundations for AI-enabled attack frameworks, which can create tools on-demand f...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/08 2:54 p.m.10 views

China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes

A China-nexus threat actor known as UAT-7290 has been attributed to espionage-focused intrusions against entities in South Asia and Southeastern Europe. The activity cluster, which has been active since at least 2022, primarily focuses on extensive technical reconnaissance of target organizations...

7.7AI score
Exploits0
Talos Blog
Talos Blog
added 2026/01/08 11:0 a.m.13 views

UAT-7290 targets high value telecommunications infrastructure in South Asia

Cisco Talos is disclosing a sophisticated threat actor we track as UAT-7290, who has been active since at least 2022. UAT-7290 is tasked with gaining initial access as well as conducting espionage focused intrusions against critical infrastructure entities in South Asia. UAT-7290's arsenal includ...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/09/26 5:51 a.m.36 views

Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware

The U.K. National Cyber Security Centre NCSC has revealed that threat actors have exploited the recently disclosed security flaws impacting Cisco firewalls as part of zero-day attacks to deliver previously undocumented malware families like RayInitiator and LINE VIPER. "The RayInitiator and LINE...

9.9CVSS8.1AI score0.85543EPSS
Exploits1
The Hacker News
The Hacker News
added 2025/08/15 4:20 p.m.11 views

Taiwan Web Servers Breached by UAT-7237 Using Customized Open-Source Hacking Tools

A Chinese-speaking advanced persistent threat APT actor has been observed targeting web infrastructure entities in Taiwan using customized versions of open-sourced tools with an aim to establish long-term access within high-value victim environments. The activity has been attributed by Cisco Talo...

7.7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in tango-uat-project (npm)

The package tango-uat-project was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-34519 Malicious code in tango-uat-project (npm)

The package tango-uat-project was found to contain malicious code...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/03/21 1:54 p.m.20 views

UAT-5918 Targets Taiwan's Critical Infrastructure Using Web Shells and Open-Source Tools

Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in Taiwan since at least 2023. "UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and...

7.1AI score
Exploits0
Talos Blog
Talos Blog
added 2025/03/20 10:0 a.m.14 views

UAT-5918 targets critical infrastructure entities in Taiwan

By Jung soo An, Asheer Malhotra, Brandon White, and Vitor Ventura. Cisco Talos discovered a malicious campaign we track under the UAT-5918 umbrella that has been active since at least 2023. UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft,...

8.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/17 4:13 p.m.19 views

Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant

The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed at Ukrainian government agencies and unknown Polish entities since at least late 2023. The intrusions are characterized by the use of a variant of the RomCom RAT dubbed SingleCamper aka SnipBot or RomCom...

7.2AI score
Exploits0
Talos Blog
Talos Blog
added 2024/10/17 10:0 a.m.15 views

UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants

Cisco Talos has observed a new wave of attacks active since at least late 2023, from a Russian speaking group we track as "UAT-5647", against Ukrainian government entities and unknown Polish entities. UAT-5647 is also known as RomCom and is widely attributed to Russian speaking threat actors in...

8.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/08/20 5:13 a.m.9 views

uat.upes.ac.in Open Redirect vulnerability OBB-3959315

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/07/09 7:56 p.m.16 views

investran-uat-us.fisglobal.com Cross Site Scripting vulnerability OBB-3496167

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/07/04 3:53 p.m.16 views

uat-login.altyn-i.kz XSS vulnerability

Open Bug Bounty ID: OBB-640337 Description| Value ---|--- Affected Website:| uat-login.altyn-i.kz Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Rows per page
Query Builder