Lucene search
K

224 matches found

Microsoft Secure
Microsoft Secure
added 2025/12/09 9:41 p.m.13 views

Shai-Hulud 2.0: Guidance for detecting, investigating, and defending against the supply chain attack

The Shai‑Hulud 2.0 supply chain attack represents one of the most significant cloud-native ecosystem compromises observed recently. Attackers maliciously modified hundreds of publicly available packages, targeting developer environments, continuous integration and continuous delivery CI/CD...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2025/12/09 12:0 a.m.29 views

CVE-2023-53777 erofs: kill hooked chains to avoid loops on deduplicated compressed images

In the Linux kernel, the following vulnerability has been resolved: erofs: kill hooked chains to avoid loops on deduplicated compressed images After heavily stressing EROFS with several images which include a hand-crafted image of repeated patterns for more than 46 days, I found two chains could ...

0.00168EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2025/12/01 12:0 a.m.2 views

LeechHijack: Covert Computational Resource Exploitation in Intelligent Agent Systems

Large Language Model LLM-based agents have demonstrated remarkable capabilities in reasoning, planning, and tool usage. The recently proposed Model Context Protocol MCP has emerged as a unifying framework for integrating external tools into agent systems, enabling a thriving open ecosystem of...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/18 3:25 p.m.3 views

Learn How Leading Companies Secure Cloud Workloads and Infrastructure at Scale

You've probably already moved some of your business to the cloud—or you're planning to. That's a smart move. It helps you work faster, serve your customers better, and stay ahead. But as your cloud setup grows, it gets harder to control who can access what. Even one small mistake—like the wrong...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/13 12:0 a.m.6 views

GraphFaaS: Serverless GNN Inference for Burst-Resilient, Real-Time Intrusion Detection

Provenance-based intrusion detection is an increasingly popular application of graphical machine learning in cybersecurity, where system activities are modeled as provenance graphs to capture causality and correlations among potentially malicious actions. Graph Neural Networks GNNs have...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/13 12:0 a.m.22 views

Wazuh 4.14.1

Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/12 8:35 a.m.9 views

Google Launches 'Private AI Compute' — Secure AI Processing with On-Device-Level Privacy

Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence AI queries in a secure platform in the cloud. The company said it has built Private AI Compute to "unlock the full speed and power of Gemini cloud models for AI experiences,...

7AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/11/12 12:0 a.m.5 views

IBM Infrastructure: Continuous Risk & Compliance

Learn all about AI-powered visibility, telemetry, and proactive security across mainframe, cloud, containers, and enterprise workloads...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2025/11/04 4:39 p.m.5 views

Wizdom 2025 Product Announcements: Extending the Cloud Operating Model

At Wizdom 2025, we’re unveiling two new AI agents alongside new product innovations that deepen and extend the graph across SaaS, workloads, AI infrastructure, and external exposures. Together, these advances enable teams to secure everything they build and run in the cloud and beyond...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/24 12:0 a.m.10 views

Wazuh 4.14.0

Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...

7.1AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.13 views

EUVD-2021-12632

Malware in sbrugna...

7.8CVSS5.9AI score0.00211EPSS
Exploits0References4
Microsoft Secure
Microsoft Secure
added 2025/10/02 5:0 p.m.7 views

Microsoft named a Leader in the IDC MarketScape for XDR

When cybersecurity stakes are high and complexity is the norm, Microsoft doesn’t just participate, it excels with Microsoft Defender XDR—built to anticipate, disrupt, and outpace modern cyberthreats. We are excited to announce that Microsoft has been named a Leader in the IDC MarketScape: Worldwi...

6.5AI score
Exploits0
CVE
CVE
added 2025/09/24 7:48 p.m.35 views

CVE-2025-59824

The CVE CVE-2025-59824 affects Omni’s WireGuard-based SideroLink used to connect Omni to Talos machines. The issue: the WireGuard interface validates that the source IP matches the Talos peer IPv6 address but does not validate the destination address, meaning a malicious workload on the same Kube...

5.4CVSS6.7AI score0.00182EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2025/09/23 9:15 p.m.9 views

CVE-2025-58354

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In Kata Containers versions from 3.20.0 and before, a malicious host can circumvent initdata verification. On TDX systems running confidential guests, ...

6.9CVSS0.00312EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/23 9:8 p.m.7 views

CVE-2025-58354 Kata Containers coco-tdx malicious host can circumvent initdata verification

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In Kata Containers versions from 3.20.0 and before, a malicious host can circumvent initdata verification. On TDX systems running confidential guests, ...

6.9CVSS0.00312EPSS
Exploits0References2
OSV
OSV
added 2025/09/23 9:8 p.m.3 views

CVE-2025-58354 Kata Containers coco-tdx malicious host can circumvent initdata verification

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In Kata Containers versions from 3.20.0 and before, a malicious host can circumvent initdata verification. On TDX systems running confidential guests, ...

6.9CVSS6.9AI score0.00312EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/09/23 12:0 a.m.3 views

Kata Containers 代码问题漏洞

Kata Containers is an open source lightweight virtual machine builder from the Kata Containers community. A code issue vulnerability exists in Kata Containers 3.20.0 and prior versions, which stems from a malicious host that can bypass initdata authentication, potentially allowing an attacker to...

6.9CVSS7AI score0.00312EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.2 views

Wazuh 4.13.0

Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2025/09/17 12:33 p.m.13 views

CVE-2025-8077 NeuVector admin account has insecure default password

A vulnerability exists in NeuVector versions up to and including 5.4.5, where a fixed string is used as the default password for the built-in admin account. If this password is not changed immediately after deployment, any workload with network access within the cluster could use the default...

9.8CVSS0.0052EPSS
Exploits0References2
Gitee
Gitee
added 2025/09/14 12:2 p.m.184 views

wazuh

This repository is an open-source security platform called Wazuh, which provides unified XDR and SIEM protection for endpoints and cloud workloads. The repository contains various files and templates for issue reporting, testing, and integration with external services. The probable entry points f...

7.2AI score
Exploits0
Rows per page
Query Builder