Threat Surface Pulse
Real-time snapshots from CISA KEV and other signals. Highlights exposed risk and trending CVEs.
- Recent KEV additions
- Exec-ready talking points
Atlassian
Atlassian Questions For Confluence App has hard-coded credentials, exposing the username and password in plaintext. A remote unauthenticated attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group.
Microsoft
Microsoft Windows CSRSS contains an unspecified vulnerability that allows for privilege escalation to SYSTEM privileges.
Microsoft
Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM.
Mitel
The Service Appliance component in Mitel MiVoice Connect allows remote code execution due to incorrect data validation.
Google Chromium PopupBlocker contains an insufficient policy enforcement vulnerability that allows a remote attacker to bypass navigation restrictions via a crafted iframe. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
AI/ML Signal Tracker
Tracks model releases, repos, and outages; summarizes impact for platform roadmaps.
- Top moving repos
- Signal strength
mikehubers/Awesome-AI-For-Security
🛡️ Discover essential tools and resources that leverage AI for enhancing cybersecurity, focusing on modern technologies and their applications in security operations.
RepiFahmiSidiq/Onchain-Security-Suite
🛡️ Strengthen Web3 security with our AI-driven token auditor and reputation engine, ensuring safer transactions and reliable smart contracts.
hmshujaatzaheer/federated-scion-security-framework
Formally Verified Federated Learning Framework for Privacy-Preserving Anomaly Detection in Path-Aware Networks (PhD Research)
Mohamed-Tamer-Nassr/Network-Security-Model
A machine-learning–based phishing detection system that analyzes URL and network features to identify malicious sites, built with Python, FastAPI, Scikit-Learn, MongoDB, and Docker.
XSource-Sec/awesome-ai-security
A curated list of AI security resources, tools, research papers, and more
MUKUL-TIWARI/CyberShield-Security-Suite
AI-powered phishing, email, and vishing detection system.