vulnerability
CISA extends funding to ensure 'no lapse in critical CVE services'
https://www.bleepingcomputer.com/news/security/cisa-extends-funding-to-ensure-no-lapse-in-critical-cve-services/
Added 1 month ago
CVE program faces swift end after DHS fails to renew contract, leaving security flaw tracking in limbo
https://www.csoonline.com/article/3963190/cve-program-faces-swift-end-after-dhs-fails-to-renew-contract-leaving-security-flaw-tracking-in-limbo.html
Added 1 month ago
AI-hallucinated code dependencies become new supply chain risk
https://www.bleepingcomputer.com/news/security/ai-hallucinated-code-dependencies-become-new-supply-chain-risk/
Added 1 month ago
Remote Code Execution Vulnerabilities in Ingress NGINX | Wiz Blog
https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities
Added 1 month ago
Harden-Runner detection: tj-actions/changed-files action is compromised - StepSecurity
https://search.app/nz29ggeNi26oEF8q9
Added 1 month ago
Sign in as anyone: Bypassing SAML SSO authentication with parser differentials - The GitHub Blog
https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials/
Added 1 month ago
Paul Butler – Smuggling arbitrary data through an emoji
https://paulbutler.org/2025/smuggling-arbitrary-data-through-an-emoji/
Added 1 month ago
DeepSeek Jailbreak Reveals Its Entire System Prompt
https://www.darkreading.com/application-security/deepseek-jailbreak-system-prompt
Added 1 month ago
Compromising OpenWrt Supply Chain via Truncated SHA-256 Collision and Command Injection - Flatt Secu
https://flatt.tech/research/posts/compromising-openwrt-supply-chain-sha256-collision/
Added 1 month ago
Google Claims World First As AI Finds 0-Day Security Vulnerability
https://www.forbes.com/sites/daveywinder/2024/11/04/google-claims-world-first-as-ai-finds-0-day-security-vulnerability/
Added 1 month ago
OpenSSF Adds Minder as a Sandbox Project to Simplify the Integration and Use of Open Source Security
https://openssf.org/blog/2024/10/28/openssf-adds-minder-as-a-sandbox-project-to-simplify-the-integration-and-use-of-open-source-security-tools/
Added 1 month ago
Critical doomsday Linux bug is CUPS-based vulnerability • The Register
https://www.theregister.com/2024/09/26/unauthenticated_rce_bug_linux/
Added 1 month ago
Critical Unauthenticated RCE Flaw Impacts all GNU/Linux systems
https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/
Added 1 month ago
We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI
https://labs.watchtowr.com/we-spent-20-to-achieve-rce-and-accidentally-became-the-admins-of-mobi/
Added 1 month ago
Nuclei: Open-source vulnerability scanner - Help Net Security
https://www.helpnetsecurity.com/2024/08/26/nuclei-open-source-vulnerability-scanner/
Added 1 month ago
Open Source Firewall pfsense Vulnerable to Remote Code Execution Attacks
https://cybersecuritynews.com/open-source-firewall-pfsense-vulnerable/
Added 1 month ago
New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on Users
https://thehackernews.com/2024/08/new-flaws-in-sonos-smart-speakers-allow.html?m=1
Added 1 month ago
Critical AWS Vulnerabilities Allow S3 Attack Bonanza
https://www.darkreading.com/remote-workforce/critical-aws-vulnerabilities-allow-s3-attack-bonanza
Added 1 month ago
https://www.scmagazine.com/news/critical-vulnerabilities-in-6-aws-services-disclosed-at-black-hat-usa
Added 1 month ago