soc

soc

CVE-2026-0300 Enables Root RCE in PAN-OS Captive Portal

Palo Alto Networks disclosed CVE-2026-0300, a critical pre-authentication buffer overflow in the User-ID™ Authentication Portal (Captive Portal) service in PAN-OS. Under the right exposure conditions, an unauthenticated attacker can trigger remote code execution (RCE) as root on affected PA-Series and VM-Series firewalls. The vendor rates exploit maturity […]

Read more →
soc

Trellix Source Code Repository Incident: What Defenders Should Know

Trellix publicly disclosed that it identified unauthorized access to a portion of its internal source code repository. The company said it engaged external forensic experts, notified law enforcement, and, as of its disclosure, found no evidence that its release or distribution process was affected or that […]

Read more →
soc

ShinyHunters Breached Instructure: 275 Million Students, Teachers and Staff Potentially Exposed

If your school uses Canvas, your data may already be in the hands of one of the most active hacking groups on the planet. On May 1, 2026, Instructure, the company behind the Canvas learning management system, confirmed a cybersecurity incident. Two days later, […]

Read more →
soc

CVE-2026-4670 & CVE-2026-5174: MOVEit Automation Flaws Enable Auth Bypass and Privilege Escalation

Progress Software has disclosed and patched two vulnerabilities in MOVEit Automation, its managed file transfer automation and workflow engine. CVE-2026-4670 is an authentication bypass, and CVE-2026-5174 is a privilege escalation issue tied to improper input validation. The issues relate to MOVEit Automation’s service […]

Read more →
soc

Top 10 Ways Hackers Use AI for Cyber Attacks

Artificial intelligence is reshaping every industry, including cybercrime. But unlike most professionals watching AI with caution, threat actors are welcoming it with open arms. Threat actors now use generative AI to write flawless phishing lures, clone voices, build self-mutating malware, and run full intrusion chains with […]

Read more →
soc

WhatsApp Number Leak, OpenVPN Access Sale, LiteLLM Exploit Scanner, BIN Leads Listing, and PHI Buyer Post

SOCRadar Dark Web Team identified several new underground posts, including a claim of 20.65 million Indonesian WhatsApp numbers being shared, a separate listing advertising OpenVPN access into an Indian financial services target, and an exploit or scan script sale […]

Read more →
soc

Top 10 AI Pentest Tools

AI pentest tools are gaining popularity in offensive security workflows. These tools accelerate reconnaissance and automate workflows, but at the same time, enable less skilled actors to execute complex attacks. Now, security teams are forced to confront automated threats that move quickly and scale at minimal cost. We saw an […]

Read more →
soc

Top 10 Threat Intelligence Feeds for Enterprises

Threat intelligence feeds help enterprises turn scattered threat data into security decisions. They can support alert enrichment, malware investigation, vulnerability prioritization, phishing defense, identity exposure monitoring, and external attack surface visibility. However, not every feed serves the same purpose, and relying on one source alone can leave major […]

Read more →
soc

March 2026: Wiper Attack Paralyzes Stryker as BPO Breaches & Data Thefts Sweep the Month

March 2026 brought a heavy concentration of significant cyber incidents across healthcare, outsourcing, software supply chains, and the entertainment sector. A politically motivated wiper attack against a major medical device manufacturer drew particular attention, while a sprawling supply chain campaign […]

Read more →
soc

CVE-2026-31431: “Copy Fail,” the Nine-Year-Old Linux Bug Introduced in 2017

A vulnerability hiding in plain sight for nearly a decade, capable of granting full root access to almost any Linux server with just a 732-byte Python script. Meet “Copy Fail” (CVE-2026-31431), a critical local privilege escalation flaw in the Linux kernel that affects virtually every […]

Read more →