Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

Vulnerability Disclosure

20 articles

CSO Online Vulnerability Disclosure Amazon Jun 23

OpenAI rolls out AI-led push to fix open-source software flaws

OpenAI has launched a program with cybersecurity firm Trail of Bits to use AI to find and fix vulnerabilities in widely used open-source software, as enterpr...

T1195

CSO Online →

Help Net Security Vulnerability Disclosure Jun 23

OpenAI wants AI to fix vulnerabilities, not just find them

OpenAI expanded Daybreak, its cybersecurity initiative that combines AI models, Codex Security, security researchers, maintainers, industry partners, and acc...

Help Net Security →

GBHackers Vulnerability Disclosure Jun 23

OpenAI Launches Daybreak to Automate Vulnerability Patching With GPT-5.5-Cyber

OpenAI has announced Daybreak, a new cybersecurity initiative aimed at automating vulnerability patching on a large scale using its latest GPT-5.5-Cyber model.

GBHackers →

Elastic Security Labs Vulnerability Disclosure Jun 23

From vulnerability report to CVE draft in minutes: how Elastic automated security advisories with AI

How Elastic's security team built an AI agent with RAG against MITRE's CWE and CAPEC catalogues to draft CVE advisories from raw vulnerability reports, inclu...

Elastic Security Labs →

CSO Online Vulnerability Disclosure GitHub Jun 22

GitHub Actions hardens checkout security to block ‘pwn request’ attacks

Stung by a surge in cyberattacks that have run amok in developer environments, GitHub has strengthened the security of actions/checkout to block ‘pwn request...

CSO Online →

SC Media Vulnerability Disclosure Jun 22

Squid proxy vulnerability dubbed Squidbleed discovered

Squidbleed allows an attacker to read beyond the boundary of a memory buffer within Squid's FTP parser.

SC Media →

Unit 42 Vulnerability Disclosure Jun 22

The Global Namespace Risk: Universal Bucket Hijacking Technique for Cloud Data Exfiltration

Unit 42 research details how attackers could exploit global name uniqueness in bucket hijacking to redirect cloud data streams across major CSPs. The post Th...

T1041

Unit 42 →

BleepingComputer Vulnerability Disclosure Jun 22

FFmpeg fixes PixelSmash flaw in widely used video decoder

A newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under certain conditions, and can also tri...

T1190

BleepingComputer →

BleepingComputer Vulnerability Disclosure Microsoft Jun 22

Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers manipulate an agent into executin...

BleepingComputer →

Cisco Advisories Vulnerability Disclosure Cisco Jun 22

Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Packaged Contact Center Enterprise (Packaged CCE) and Cisco Unified Contact Center En...

T1598

Cisco Advisories →

Infosecurity Magazine Vulnerability Disclosure Apple Jun 22

Unpatchable BootROM Flaw Impacts Apple A12, A13 Chips

Apple BootROM exploit exposes unpatchable USB flaw on A12 and A13 devices

Infosecurity Magazine →

SC Media Vulnerability Disclosure WordPress Jun 22

WordPress plugin Gravity SMTP exploited for sensitive information disclosure

The vulnerability resides in an exposed REST API endpoint within the Gravity SMTP plugin.

SC Media →

SecurityWeek Vulnerability Disclosure Jun 22

Decades-Old Squid Proxy Flaw ‘Squidbleed’ Can Expose User Data

Squidbleed, discovered with the aid of Claude Mythos Preview, has been described as a Heartbleed-style vulnerability. The post Decades-Old Squid Proxy Flaw ‘...

SecurityWeek →

SecurityWeek Vulnerability Disclosure WordPress Jun 22

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data

Vulnerable WordPress plugin iterations leak API keys, secrets, tokens, server information, and other data. The post Attackers Exploit Gravity SMTP Plugin Fla...

SecurityWeek →

SecurityWeek Vulnerability Disclosure Apple Jun 22

New Exploit Bypasses Apple’s Boot Defenses, Affects Millions of iPhones

The vulnerability exploited by the Usbliter8 exploit cannot be patched and a PoC exploit has been released by researchers. The post New Exploit Bypasses Appl...

SecurityWeek →

Security Affairs Vulnerability Disclosure Apple Jun 22

usbliter8 Brings Unpatchable BootROM Exploit to Apple A12 and A13 Devices

usbliter8 is an unpatchable BootROM exploit affecting A12/A13 devices, enabling code execution and extending checkm8-like risks to newer iPhones. Security re...

Security Affairs →

GBHackers Vulnerability Disclosure Jun 22

GlassWorm Uses Blockchain-Based C2 and Invisible Unicode to Steal Developer Secrets

A trio of coordinated campaigns a JetBrains fake AI assistant campaign, the GlassWorm self‑propagating worm, and the compromised Nx Console Visual Studio Cod...

T1566 T1078

GBHackers →

Help Net Security Vulnerability Disclosure Fortinet Splunk Jun 21

Week in review: 74k Fortinet firewall credentials stolen, Splunk Enterprise RCE under active attack

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: A hardware neural network backdoor that hides in plain sigh...

Help Net Security →

GBHackers Vulnerability Disclosure Microsoft Jun 20

AutoJack Exploit Chain Hits Microsoft AutoGen Studio With Zero-Click RCE Attack

A critical exploit chain dubbed AutoJack that allows a single malicious web page to hijack Microsoft’s AutoGen Studio browsing agent and silently execute arb...

GBHackers →

BleepingComputer Vulnerability Disclosure WordPress Jun 19

Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin

Threat actors are exploiting an unauthenticated information disclosure vulnerability in the WordPress plugin Gravity SMTP, active on 100,000 sites. [.

BleepingComputer →

«Previous page 1 ... 8 9 10 11 12 ... 44 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA