soc

📅 Kalender

< July 2026 >
Mo
Di
Mi
Do
Fr
Sa
So
12
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
soc

CVE-2026-42945: 18-Year-Old NGINX Rewrite Flaw May Enable Unauthenticated RCE

Web infrastructure bugs remain especially dangerous when they sit in widely deployed request-handling logic for years without detection. Among the latest vulnerabilities impacting NGINX Plus and NGINX Open, the CVE-2026-42945 vulnerability stands out as an 18-year-old heap buffer overflow in ngx_http_rewrite_module that can be reached by an unauthenticated attacker through crafted HTTP requests and may […]

Mehr lesen →
soc

CVE-2026-46300: Fragnesia Linux Kernel Flaw Grants Root via Page Cache Corruption

Local privilege-escalation bugs remain especially dangerous when they turn an ordinary user foothold into immediate root access. The CVE-2026-46300 vulnerability, nicknamed Fragnesia, is a high-severity Linux kernel flaw in the XFRM ESP-in-TCP subsystem that allows an unprivileged local attacker to write arbitrary bytes into the page cache of read-only files and escalate privileges. Public reporting […]

Mehr lesen →
soc

CVE-2026-42945: NGINX Rewrite Heap Overflow Enables Remote DoS & Potential RCE

CVE-2026-42945: NGINX Rewrite Heap Overflow Enables Remote DoS & Potential RCE CVE-2026-42945 is a heap-based buffer overflow in NGINX that occurs in ngx_http_rewrite_module (the rewrite module). The bug is remotely reachable over HTTP and can be triggered without authentication when specific rewrite-rule patterns are present, which makes it relevant for internet-facing NGINX reverse proxies. Many […]

Mehr lesen →
soc

Top 5 Surface Web Hacker Forums in 2026

Top 5 Hacker Forums on the Surface Web Security teams often associate cybercrime forums exclusively with the Dark Web and Tor. However, several of the most active underground communities now operate openly on the surface web, accessible via standard browsers and indexed infrastructure. These forums facilitate the trade of stolen credentials, corporate access, ransomware tools, […]

Mehr lesen →
soc

BreachForums & TeamPCP Promote Supply Chain Competition as Cybercrime Gets Gamified

BreachForums & TeamPCP Promote Supply Chain Competition as Cybercrime Gets Gamified Underground cybercrime communities are increasingly borrowing ideas from legitimate tech ecosystems: branding, public challenges, shared tools, reputation building, and even prize-based competitions. Recently BreachForums and TeamPCP promoted what they describe as a “supply chain competition,” encouraging threat actors to conduct the “biggest supply chain […]

Mehr lesen →
soc

SOCRadar’s Free Ransomware Intelligence Dashboard: Track Live Ransomware Activity

SOCRadar’s Free Ransomware Intelligence Dashboard: Track Live Ransomware Activity The ransomware threat intelligence community has been doing incredible work making data more accessible from projects like Ransomware.live, Ransomlook, and CTI.fyi to curated resources like Will Thomas’s Awesome-Ransomware repo on GitHub, there’s a growing ecosystem of free, community-driven tools that help analysts, researchers, journalists, and defenders […]

Mehr lesen →
soc

Dark Web Profile: Keymous+

Dark Web Profile: Keymous+ Keymous Plus, also known as Keymous+ threat group, markets itself as a hacktivist collective fighting for humanity. What intelligence investigations have documented is structurally different: a North African hybrid actor blending political performance with a commercial DDoS-as-a-Service platform, an alliance network spanning 70+ groups, and an operational tempo that has made […]

Mehr lesen →
soc

May 2026 Patch Tuesday: 137 Vulnerabilities, No Zero-Days

May 2026 Patch Tuesday: 137 Vulnerabilities, No Zero-Days Microsoft released its May 2026 Patch Tuesday security updates, resolving a total of 137 vulnerabilities across Windows and a broad range of Microsoft products and components. Unlike the previous several months, this release contains no zero-day vulnerabilities – neither actively exploited nor publicly disclosed prior to today’s […]

Mehr lesen →
soc

Top 10 Deep & Dark Web Forums

Top 10 Deep Web and Dark Web Forums in 2026 The top Deep Web and Dark Web Forums actively monitored in 2026 are XSS, Exploit.in, BHF, Dread, DarkForums, Altenen, CryptBB, Cracked, and DamageLib, based on how frequently they surface in threat intelligence investigations, court records, and breach response work. Several previously dominant forums have been […]

Mehr lesen →