Threat Surface Pulse
Real-time snapshots from CISA KEV and other signals. Highlights exposed risk and trending CVEs.
- Recent KEV additions
- Exec-ready talking points
Grafana Labs
Grafana contains a path traversal vulnerability that could allow access to local files.
Synacor
Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that exists in the Classic Web Client due to insufficient sanitization of HTML content in ICS files. When a user views an e-mail message containing a malicious ICS entry, its embedded JavaScript executes via an ontoggle event inside a tag. This allows an attacker to run arbitrary JavaScript within the victim's session, potentially leading to unauthorized actions such as setting e-mail filters to redirect messages to an attacker-controlled address. As a result, an attacker can perform unauthorized actions on the victim's account, including e-mail redirection and data exfiltration.
Linux
Linux Kernel contains a heap out-of-bounds write vulnerability that could allow an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space.
Microsoft
Microsoft Internet Explorer contains an uninitialized memory corruption vulnerability that could allow for remote code execution. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.
Microsoft
Microsoft Windows Common Log File System Driver contains a privilege escalation vulnerability that could allow a local, privileged attacker to bypass certain security mechanisms.
AI/ML Signal Tracker
Tracks model releases, repos, and outages; summarizes impact for platform roadmaps.
- Top moving repos
- Signal strength
RepiFahmiSidiq/Onchain-Security-Suite
🛡️ Strengthen Web3 security with our AI-driven token auditor and reputation engine, ensuring safer transactions and reliable smart contracts.
mikehubers/Awesome-AI-For-Security
🛡️ Discover essential tools and resources that leverage AI for enhancing cybersecurity, focusing on modern technologies and their applications in security operations.
prashantshukla01/Network_Security
This project aims to detect malicious network activity using Machine Learning-based Intrusion Detection. It focuses on analyzing network traffic data to classify whether behavior is normal or attack-related, helping organizations strengthen their cybersecurity posture.
PeterHovng/HUTECH_DACN.CyberSecurity
Đồ án chuyên ngành - ngành An ninh mạng "Hệ thống phát hiện tấn công mạng trên AWS bằng Machine Learning (Network Intrusion Detection System - NIDS)"
polymons/MCP-Security-Proxy
A project to test MCP voulnerabilities and defense strategies in a cloud-native Dockerized environment. This repository is part of my Bsc thesis in computer engineering at Óbuda University.
AyoubElmortaji/Cloud-Security
Analysis and Detection of Threats in Cloud Environments Using Machine Learning Developed an anomaly detection model achieving 80% accuracy with Random Forest. This academic project, completed during my Cybersecurity & Cloud Computing studies at ENSAM Casablanca, focuses on identifying suspicious activities and threats in cloud logs using machine l