cyberintel.kalymoon.com · 20524 articles · updated every 4 hours · grows forever
A vulnerability identified as problematic has been detected in datahub-project datahub up to 1.5.0.3 . This issue affects some unknown processing of the component OIDC Call Handler . Performing a mani…
A vulnerability labeled as critical has been found in Aegra up to 0.9.6 . Impacted is an unknown function of the component Message Handler . Executing a manipulation of the argument thread_id can lead…
A vulnerability marked as critical has been reported in Distribution up to 3.1.0 . The affected element is an unknown function of the file /v2/manifests/ of the component Configuration Handler . The m…
A vulnerability described as problematic has been identified in etcd-io etcd up to 3.4.43/3.5.29/3.6.10 . The impacted element is an unknown function of the component Attachments Handler . The manipul…
A vulnerability classified as critical has been found in gtsteffaniak filebrowser up to 1.3.0/1.3.8 . This affects an unknown function. This manipulation causes path traversal. This vulnerability appe…
A vulnerability classified as problematic was found in katalyst koi up to 4.19.x . This impacts an unknown function of the component Session Cookie Handler . Such manipulation leads to session expirat…
A vulnerability, which was classified as problematic , has been found in hatchet-dev hatchet up to 0.83.37 . Affected is an unknown function of the file /api/v1/stable/dags/tasks . Performing a manipu…
A vulnerability, which was classified as problematic , was found in Gotenberg up to 8.31.x . Affected by this vulnerability is an unknown functionality of the file /forms/chromium/convert/url of the c…
A vulnerability has been found in kubetail cli and dashboard and classified as problematic . Affected by this issue is some unknown functionality of the component WebSocket Endpoint . The manipulation…
A vulnerability was found in Nextcloud news up to 28.3.0-beta.0 and classified as critical . This affects an unknown part of the component Web Interface/API . The manipulation results in server-side r…
A vulnerability was found in docling-project docling-graph up to 1.5.0 . It has been classified as problematic . This vulnerability affects the function requests.head of the file docling_graph/core/in…
A vulnerability was found in ntop ntopng 6.7.251215 . It has been declared as problematic . This issue affects some unknown processing. Such manipulation leads to open redirect. This vulnerability is …
A vulnerability was found in Nuvoton NPCT7xx . It has been rated as problematic . Impacted is an unknown function of the component Elliptic Curve Handler . Performing a manipulation results in imprope…
Exposed UIs, weak authentication, and risky defaults could turn cloud-native AI apps on Kubernetes into potential targets by threat actors. Learn how exploitable misconfigurations lead to RCE and data…
Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for years and continues to evolve in support of espionage-focused oper…
As AI agents gain autonomy, defense in depth must evolve, with application-layer design, identity, and human oversight at the center. The post Defense in depth for autonomous AI agents appeared first …
The real question in modern cyber defense isn't who has more technology. It's who uses their resources more efficiently. Here's how AI fused with threat intelligence tips that balance.
Also: Indictments in Theft Case, KelpDAO Restarts Operations This week, banking Trojan TCLBanker targeted crypto platforms, three people indicted in a violent digital assets-related robbery, Kelp DAO …
As Regulators Tighten Liability Rules, Banks Face Pressure to Justify Fraud Losses So far, banks have managed to strike a balance between fraud prevention and customer convenience, often accepting a c…
France's Mistral Makes Digital Sovereignty Case for a European Mythos The European Central Bank added to mounting warnings sent to financial institutions that they must urgently act to protect their s…
Lesson one for aspiring dark web kingpins: don't have your laundered gold bars shipped to your home address. Read more in my article on the Hot for Security blog.
Artificial intelligence is now capable of generating attack telemetry that looks and behaves like the real thing, and that is changing how security teams think about testing their defenses. In new wor…