Threat Surface Pulse
Real-time snapshots from CISA KEV and other signals. Highlights exposed risk and trending CVEs.
- Recent KEV additions
- Exec-ready talking points
Apple
Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Trend Micro
Trend Micro Apex One and Worry-Free Business Security contain an unspecified vulnerability in the third-party anti-virus uninstaller that could allow an attacker to manipulate the module to conduct remote code execution. An attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.
MinIO
MinIO contains a security feature bypass vulnerability that allows an attacker to use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket` to conduct privilege escalation. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access.
Samsung
Samsung devices with selected Exynos chipsets contain a use-after-free vulnerability that allows malicious memory write and code execution.
Realtek
Realtek SDK contains an improper input validation vulnerability in the miniigd SOAP service that allows remote attackers to execute malicious code via a crafted NewInternalClient request.
AI/ML Signal Tracker
Tracks model releases, repos, and outages; summarizes impact for platform roadmaps.
- Top moving repos
- Signal strength
mikehubers/Awesome-AI-For-Security
🛡️ Discover essential tools and resources that leverage AI for enhancing cybersecurity, focusing on modern technologies and their applications in security operations.
RepiFahmiSidiq/Onchain-Security-Suite
🛡️ Strengthen Web3 security with our AI-driven token auditor and reputation engine, ensuring safer transactions and reliable smart contracts.
MUKUL-TIWARI/CyberShield-Security-Suite
AI-powered phishing, email, and vishing detection system.
zimingttkx/Network-Security-Based-On-ML
🛡️ 基于机器学习的网络安全威胁检测系统 | 完整的端到端ML项目,包含数据处理、模型训练、Web界面和API服务 | 适合初学者学习的实战项目 | Python + FastAPI + Scikit-learn + XGBoost
Western-OC2-Lab/AutoML-and-Adversarial-Attack-Defense-for-Zero-Touch-Network-Security
This repository includes code for the AutoML-based IDS and adversarial attack defense case studies presented in the paper "Enabling AutoML for Zero-Touch Network Security: Use-Case Driven Analysis" published in IEEE Transactions on Network and Service Management.
prashantshukla01/Network_Security
This project aims to detect malicious network activity using Machine Learning-based Intrusion Detection. It focuses on analyzing network traffic data to classify whether behavior is normal or attack-related, helping organizations strengthen their cybersecurity posture.