14 matches found
Anthropic’s Project Glasswing Update
In April, Anthropic initated Project Glasswing. The idea was to let companies use their new model to find and fix vulnerabilities in their own software. It was a fantastic PR move, and so many press outlets have uncritically parroted Anthropic's claims that it's now common wisdom that Mythos is...
Web-Application-Pentest-Report
Web-Application-Pentest-Report OWASP methodology penetration t...
Aether - Adaptive Exploit and Threat Hunting Engine for EVM-based Repositories 5.0
Aether is a Python-based framework for analyzing Solidity smart contracts, generating vulnerability findings, producing Foundry-based proof-of-concept PoC tests, and validating exploits on mainnet forks. It combines Solidity AST parsing, taint analysis, control flow graph analysis, cross-contract...
EUVD-2025-37832
EUVD-2025-37832...
A Single Poisoned Document Could Leak ‘Secret’ Data Via ChatGPT
Security researchers found a weakness in OpenAI’s Connectors, which let you hook up ChatGPT to other services, that allowed them to extract data from a Google Drive without any user interaction...
Ubuntu: Security Advisory (USN-7398-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-12510
creationtimestamp| type| source ---|---|--- 2025-02-03 18:53:21+00:00| seen| https://infosec.exchange/users/cve/statuses/113941466402330448 2025-02-03 19:16:11+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhcawtn3jz2t 2025-02-14 13:44:52+00:00| seen|...
CVE-2025-0753
creationtimestamp| type| source ---|---|--- 2025-01-27 21:08:57+00:00| seen| https://infosec.exchange/users/cve/statuses/113902363379966395 2025-01-27 21:15:36+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgqudx7npa2e 2025-03-02 11:46:29+00:00| seen|...
CVE-2024-56517
creationtimestamp| type| source ---|---|--- 2024-12-30 16:41:26+00:00| seen| https://infosec.exchange/users/cve/statuses/113742766801800257 2024-12-30 19:18:33+00:00| seen| https://t.me/cvedetector/13940...
BELL-CVE-2024-0853
Bulletin has no description...
What's Wrong with Manufacturing?
In last year's edition of the Security Navigator we noted that the Manufacturing Industry appeared to be totally over-represented in our dataset of Cyber Extortion victims. Neither the number of businesses nor their average revenue particularly stood out to explain this. Manufacturing was also th...
Introducing Enterprise TruRisk Management from Qualys
Since the release of Qualys VMDR 2.0 with TruRisk last year, our customers have quickly adopted it to perform cyber risk assessments across the entire enterprise. With detail-rich cyber risk visualization, customers can now pinpoint the areas of their business exposed to elevated levels of cyber...
Maximize Your VM Investment: Fix Vulnerabilities Faster With Automox + Rapid7
The Rapid7 InsightConnect Extension library is getting bigger! We’ve teamed up with IT operations platform, Automox, to release a new plugin and technology alliance that closes the aperture of attack for vulnerability findings and automates remediation. Using the Automox Plugin for Rapid7...
Crossite scripting in Macromedia Sitespring
Crossite scripting via 500error.jsp...