78 matches found
CVE-2026-0232
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows allows a local Windows administrator to disable the agent. This issue may be leveraged by malware to perform malicious activity without detection...
CVE-2026-0232
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows allows a local Windows administrator to disable the agent. This issue may be leveraged by malware to perform malicious activity without detection...
CVE-2026-0232 Cortex XDR Agent: Local Administrator can disable the agent on Windows
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows allows a local Windows administrator to disable the agent. This issue may be leveraged by malware to perform malicious activity without detection...
The threat to critical infrastructure has changed. Has your readiness?
Critical infrastructure CI organizations underpin national security, public safety, and the economy. In 2026, the cyber threat landscape facing these sectors is structurally different than it was even two years ago. What Microsoft Threat Intelligence is observing across critical infrastructure...
CVE-2026-0230
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection...
EUVD-2026-11249
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection...
CVE-2026-0230 Cortex XDR Agent: Local Administrator can disable the agent on macOS
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection...
CVE-2026-0230
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection...
PT-2026-24754
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection...
EVE Doesn't Protect Rootfs
Impact Measured boot validates BIOS, grub, kernel cmdline, and initrd but not the entire rootfs. Thus, an attacker can create an EVE-OS rootfs squashfs image with some files modified and take out the disk and replace the existing rootfs image without that being detected by measure boot and remote...
GHSA-5H7V-G49C-H887 EVE Doesn't Protect Rootfs
Impact Measured boot validates BIOS, grub, kernel cmdline, and initrd but not the entire rootfs. Thus, an attacker can create an EVE-OS rootfs squashfs image with some files modified and take out the disk and replace the existing rootfs image without that being detected by measure boot and remote...
MiracleLinux 9 : tpm2-tools-5.2-4.el9 (AXSA:2024-9175:01)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-9175:01 advisory. tpm2-tools: arbitrary quote data may go undetected by tpm2checkquote CVE-2024-29038 tpm2-tools: pcr selection value is not compared with the attest...
CVE-2025-65553
D3D Wi-Fi Home Security System ZX-G12 v2.1.17 is susceptible to RF jamming on the 433 MHz alarm sensor channel. An attacker within RF range can transmit continuous interference to block sensor transmissions, resulting in missed alarms and loss of security monitoring. The device lacks jamming...
CVE-1999-0598
A network intrusion detection system IDS does not properly handle packets that are sent out of order, allowing an attacker to escape detection...
Picklescan is vulnerable to RCE via missing detection when calling numpy.f2py.crackfortran.param_eval
Summary Picklescan uses numpy.f2py.crackfortran.parameval, which is a function in numpy to execute remote pickle files. Details The attack payload executes in the following steps: - First, the attacker crafts the payload by calling the numpy.f2py.crackfortran.parameval function via reduce method....
Time-Constrained Intelligent Adversaries for Automation Vulnerability Testing: a Multi-Robot Patrol Case Study
Simulating hostile attacks of physical autonomous systems can be a useful tool to examine their robustness to attack and inform vulnerability-aware design. In this work, we examine this through the lens of multi-robot patrol, by presenting a machine learning-based adversary model that observes...
VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages
Cybersecurity researchers have flagged a new malware campaign that has leveraged Scalable Vector Graphics SVG files as part of phishing attacks impersonating the Colombian judicial system. The SVG files, according to VirusTotal, are distributed via email and designed to execute an embedded...
MAL-2025-4900 Malicious code in undetected-chromedriver (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 687b76dc0d575aed0afa6e7d747df99e768e0089d8a461c82a6a962a9ff9e5b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in undetected-chromedriver (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 687b76dc0d575aed0afa6e7d747df99e768e0089d8a461c82a6a962a9ff9e5b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
python-asyncssh: Rogue Session Attack
A flaw was found in python-synch before the 2.14.1 versions, where the client can log in to the attacker's account without the client being able to detect this. This flaw allows an attacker to control the remote end of the SSH session completely, resulting in a complete break of the confidentiali...