Indicators of Compromise

Check Point Research 📡 RSS Apr 20

20th April – Threat Intelligence Report

Domains: booking.com

Check Point Research →

Infosecurity Magazine 📡 RSS Apr 20

Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet

CVEs: CVE-2024-3721

Infosecurity Magazine →

Fortinet Blog 📡 RSS Apr 17

Tracking Mirai Variant Nexcorium: A Vulnerability-Driven IoT Botnet Campaign

CVEs: CVE-2024-3721 CVE-2017-17215

Fortinet Blog →

Unit 42 📡 RSS Apr 16

A Deep Dive Into Attempted Exploitation of CVE-2023-33538

CVEs: CVE-2023-33538

Unit 42 →

Rapid7 Blog 📡 RSS Apr 16

CVE-2026-33032: Nginx UI Missing MCP Authentication

CVEs: CVE-2026-33032

Rapid7 Blog →

Cisco Advisories 📡 RSS Apr 15

Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities

Domains: sec.cloudapps.cisco.com

Cisco Advisories →

Infosecurity Magazine 📡 RSS Apr 15

Critical Nginx-ui MCP Flaw Actively Exploited in the Wild

CVEs: CVE-2026-33032

Infosecurity Magazine →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-292: QNAP TS-453E QVRPro excpostgres Exposed Dangerous Method Remote Code Execution Vulnerability

CVEs: CVE-2026-22898

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-291: NI LabVIEW LVCLASS File Parsing Memory Corruption Remote Code Execution Vulnerability

CVEs: CVE-2026-32861

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-290: NI LabVIEW LVLIB File Parsing Memory Corruption Remote Code Execution Vulnerability

CVEs: CVE-2026-32860

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-289: Linux Kernel ETS Scheduler Race Condition Local Privilege Escalation Vulnerability

CVEs: CVE-2025-71066

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-288: DriveLock Directory Traversal Information Disclosure Vulnerability

CVEs: CVE-2026-5492

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-287: DriveLock Directory Traversal Information Disclosure Vulnerability

CVEs: CVE-2026-5491

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-286: DriveLock SQL Injection Privilege Escalation Vulnerability

CVEs: CVE-2026-5490

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-285: DriveLock Directory Traversal Information Disclosure Vulnerability

CVEs: CVE-2026-5489

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-284: DriveLock Directory Traversal Information Disclosure Vulnerability

CVEs: CVE-2026-5487

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-283: GStreamer qtdemux Stack-based Buffer Overflow Remote Code Execution Vulnerability

CVEs: CVE-2026-5056

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-282: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

CVEs: CVE-2026-2050

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-281: Microsoft vcpkg OpenSSL Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

CVEs: CVE-2026-34054

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-280: (Pwn2Own) HP DeskJet 2855e JobStatusEvent Stack-based Buffer Overflow Remote Code Execution Vulnerability

CVEs: CVE-2026-4682

Zero Day Initiative →