Threat Surface Pulse
Real-time snapshots from CISA KEV and other signals. Highlights exposed risk and trending CVEs.
- Recent KEV additions
- Exec-ready talking points
PEAR
PEAR Archive_Tar Tar.php allows write operations with directory traversal due to inadequate checking of symbolic links. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drupal Core and Red Hat Linux.
PEAR
PEAR Archive_Tar allows an unserialization attack because phar: is blocked but PHAR: is not blocked. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drupal Core and Red Hat Linux.
Palo Alto Networks
A Palo Alto Networks PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks.
SAP
SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server and SAP Web Dispatcher allow HTTP request smuggling. An unauthenticated attacker can prepend a victim's request with arbitrary data, allowing for function execution impersonating the victim or poisoning intermediary Web caches.
Apple
Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow an application to execute code with kernel privileges.
AI/ML Signal Tracker
Tracks model releases, repos, and outages; summarizes impact for platform roadmaps.
- Top moving repos
- Signal strength
mikehubers/Awesome-AI-For-Security
🛡️ Discover essential tools and resources that leverage AI for enhancing cybersecurity, focusing on modern technologies and their applications in security operations.
RepiFahmiSidiq/Onchain-Security-Suite
🛡️ Strengthen Web3 security with our AI-driven token auditor and reputation engine, ensuring safer transactions and reliable smart contracts.
hmshujaatzaheer/federated-scion-security-framework
Formally Verified Federated Learning Framework for Privacy-Preserving Anomaly Detection in Path-Aware Networks (PhD Research)
Mohamed-Tamer-Nassr/Network-Security-Model
A machine-learning–based phishing detection system that analyzes URL and network features to identify malicious sites, built with Python, FastAPI, Scikit-Learn, MongoDB, and Docker.
XSource-Sec/awesome-ai-security
A curated list of AI security resources, tools, research papers, and more
MUKUL-TIWARI/CyberShield-Security-Suite
AI-powered phishing, email, and vishing detection system.