Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

Vulnerability Disclosure

20 articles

BleepingComputer Vulnerability Disclosure Microsoft Jul 2

CISA: Microsoft SharePoint RCE flaw now actively exploited

CISA warned on Wednesday that attackers have begun exploiting a high-severity Microsoft SharePoint remote code execution vulnerability patched in May. [.

T1190

BleepingComputer →

SecurityWeek Vulnerability Disclosure Cisco Jul 2

Cisco Confirms In-the-Wild Exploitation of Unified CM Vulnerability

A PoC exploit has been available since public disclosure, and the first exploitation attempts were observed last week. The post Cisco Confirms In-the-Wild Ex...

SecurityWeek →

GBHackers Vulnerability Disclosure Jul 2

JetBrains Patches Critical Hub Authentication Bypass and Account Takeover Vulnerabilities

JetBrains has released patches for several critical vulnerabilities in JetBrains Hub that could allow for full authentication bypass, account takeover, and u...

T1548 T1556

GBHackers →

Security Affairs Vulnerability Disclosure Amazon Adobe Jul 2

Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic

Adobe fixed multiple critical flaws, including max severity bugs in ColdFusion and Campaign Classic that could lead to remote code execution Adobe has releas...

T1190

Security Affairs →

GBHackers Vulnerability Disclosure Apple Jul 2

Apple Hide My Email Vulnerability Lets Attackers Reveal Users’ Real Email Addresses

Apple’s Hide My Email privacy feature currently faces a significant flaw that may expose users’ real email addresses, compromising one of iCloud+’s core anon...

GBHackers →

The Hacker News Vulnerability Disclosure GitHub Jul 2

New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos

Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in...

The Hacker News →

GBHackers Vulnerability Disclosure GitHub Jul 2

ChocoPoC Campaign Abuses GitHub PoC Repositories to Steal Browser Credentials

A coordinated supply-chain campaign has been weaponizing GitHub proof-of-concept (PoC) repositories to compromise vulnerability researchers and penetration t...

GBHackers →

Help Net Security Vulnerability Disclosure Jul 2

What the AI patch gap means for enterprise security

Open-source maintainers are receiving more vulnerability reports than they can act on, and a rising share now comes from an AI system working at machine spee...

Help Net Security →

SC Media Vulnerability Disclosure Apple Amazon Jul 1

Apple releases early security updates, citing AI-driven exploit acceleration

The updates address critical flaws in WebKit, the rendering engine for Safari and other applications on Apple devices.

SC Media →

SC Media Vulnerability Disclosure Jul 1

Major Russian-language cybercrime forum XSS.is shut down, alleged admin arrested

Europol coordinated the operation, dubbed Ratatouille, which dismantled XSS.is, a forum with over 50,000 members.

SC Media →

SC Media Vulnerability Disclosure Jul 1

Shell injection flaw found in 10 of 11 open-source AI agents

The GuardFall vulnerability stems from a fundamental mismatch between how security filters inspect commands and how the Bash shell interprets and executes them.

SC Media →

SC Media Vulnerability Disclosure Jul 1

Progress Kemp LoadMaster vulnerability actively exploited

The operating system command injection flaw, with a CVSS score of 9.6, enables unauthenticated attackers to execute arbitrary commands on the LoadMaster appl...

T1059

SC Media →

BleepingComputer Vulnerability Disclosure Jul 1

Webinar: Why traditional email security is no longer enough

Modern phishing, business email compromise, and account takeover attacks increasingly exploit trusted identities and legitimate business workflows, making th...

T1566 T1598

BleepingComputer →

Cisco Advisories Vulnerability Disclosure Cisco Docker Jul 1

Cisco Catalyst Center Arbitrary File Read Vulnerability

A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerabil...

Cisco Advisories →

The Hacker News Vulnerability Disclosure Amazon Adobe Jul 1

Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic

Adobe has released patches for multiple maximum-severity security flaws impacting Adobe ColdFusion and Adobe Campaign Classic. The ColdFusion updates "resolv...

T1548

The Hacker News →

GBHackers Vulnerability Disclosure Microsoft Jul 1

ToddyCat Uses Shadow Token via Remote Debug to Compromise Gmail Accounts

ToddyCat, an advanced persistent threat group long associated with targeted espionage against corporate environments, has evolved its toolkit to exploit OAut...

GBHackers →

Security Affairs Vulnerability Disclosure Jul 1

GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents

Researchers found a shell injection flaw in 10 of 11 popular open-source AI agents, allowing attackers to bypass command filters.

Security Affairs →

GBHackers Vulnerability Disclosure Amazon GitHub Jul 1

Fluentd Security Flaws Enable Remote Code Execution, SSRF, DoS, and Credential Exposure

Fluentd, a widely used open-source data collector for unified logging, has reported several high-impact vulnerabilities that could enable attackers to achiev...

T1190

GBHackers →

GBHackers Vulnerability Disclosure Jul 1

New RustDuck Botnet Targets IoT Devices and Servers With Weak Passwords and RCE Exploits

A sophisticated new botnet family dubbed RustDuck emerged in early 2026, leveraging a two-stage Loader and Core architecture to compromise IoT devices, route...

T1190

GBHackers →

Unit 42 Vulnerability Disclosure Jul 1

Phantom Squatting: AI-Hallucinated Domains as a Software Supply Chain Vector

Attackers can exploit LLM domain hallucinations through phantom squatting to target supply chains. Read the analysis to learn more.

T1195

Unit 42 →

«Previous page 1 ... 4 5 6 7 8 ... 44 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA