Kereva LLM Code Scanner is a static analysis tool designed to identify potential security risks, performance issues, and vulnerabilities in Python codebases that use Large Language Models (LLMs). It analyzes your code without execution...
A tool specifically designed for Kubernetes environments aims to efficiently and automatically discover hidden vulnerable APIs within clusters. It reveals and demonstrates a common error through a workshop format, which could lead to API...
Linux kernel vulnerability reproduction is a critical task in system security. To reproduce a kernel vulnerability, the vulnerable environment and the Proof of Concept (PoC) program are needed. Most existing research focuses on the...
AD-AssessmentKit These tools are ideal for network administrators and cybersecurity professionals seeking to assess and enhance the security posture of AD environments and network infrastructures. AD-SecurityAudit.sh It focuses on initial reconnaissance and vulnerability identification...
Honeyscanner – A vulnerability analyzer for Honeypots Honeyscanner is a vulnerability analyzer for honeypots designed to automatically attack a given honeypot, in order to determine if the honeypot is vulnerable to specific types of...
Experts from SSD Secure Disclosure have discovered vulnerabilities in the D-Link EXO AX4800 (DIR-X4860) router, which allow an attacker to gain complete control over the device. The flaws were found in DIR-X4860 routers with...
Security researchers from Phylum have discovered a malicious package in the popular PyPI repository, masquerading as the well-known library “requests,” but posing a significant threat to the entire developer community. The package, named “requests-darwin-lite,”...
Security researchers from Guardio Labs uncovered a significant oversight in Opera’s web browser for Windows and macOS, which allows cybercriminals to launch any file, including malicious ones, on the computer’s base operating system. The...
Bitdefender has identified a vulnerability in the popular Bosch BCC100 Wi-Fi thermostat model. This flaw permits cybercriminals to remotely manipulate device settings, including temperature, and install malicious software. Internet of Things (IoT) devices, ranging...
The ShadowServer platform daily uncovers hundreds of IP addresses scanning or attempting to exploit Apache RocketMQ services vulnerable to Remote Code Execution (RCE), identified as CVE-2023-33246 and CVE-2023-37582. Both vulnerabilities are critical and pertain...
A new threat has emerged, targeting the very core of Linux systems around the globe. This peril, identified as CVE-2023-6817, lurks within the NetFilter subsystem of the Linux kernel, a critical component that governs...
Popular PDF reader Foxit Reader has been found to harbor multiple security vulnerabilities that could allow attackers to remotely execute malicious code on vulnerable systems. These vulnerabilities, discovered by researchers from Cisco’s Talos Vulnerability...
In today’s hyperconnected world, portable hotspots have become indispensable tools for staying connected on the go. However, these devices are not immune to security vulnerabilities, and one such vulnerability has been discovered in the...
Synology, a leading provider of network-attached storage (NAS) and surveillance solutions, has issued a security advisory to address a high-severity vulnerability affecting Synology Router Manager (SRM). This vulnerability, discovered during the PWN2OWN 2023 security...
Microsoft has released a security update to address a critical vulnerability in the Azure CLI that could be exploited by attackers to recover plaintext passwords and usernames from log files created by the affected...
Cisco issued a security bulletin explaining the recently discovered and fixed security vulnerabilities. According to the bulletin, Cisco used hard-coded debugging accounts in some devices. The so-called hard-coded debugging account refers to the account...
