Tools & Techniques
9 articles
HIGHMetasploit Adds Vim Plugin Persistence, Exploits for Three CVEs
Rapid7's Metasploit Framework adds Vim plugin persistence, exploits for CVE-2025-6793 (Marvell QConvergeConsole), CVE-2024-48760 (GestioIP), and CVE-2023-30253 (Dolibarr).
HIGHSignal Adds In-App Warnings to Block Russian-Linked Phishing Attacks
Signal introduced new in-app confirmations and warnings to counter phishing attacks linked to Russian state hackers who abused the Linked Device feature to hijack high-profile...
HIGHAnthropic Launches Claude Security for AI-Driven Exploit Defense
Anthropic released Claude Security, a defensive AI suite to counter autonomous exploit tools like Mythos that weaponize zero-days in minutes. Targets enterprise SOCs.
HIGHPalo Alto Networks Zealot AI Agent Autonomously Hacks Cloud Systems
Palo Alto Networks researchers built Zealot, a multi-agent AI penetration testing PoC that autonomously performs reconnaissance, exploitation, and data exfiltration on cloud…
INFORMATIONALNAKIVO Backup & Replication v11.2 Adds Ransomware Defense and Proxmox Support
NAKIVO Inc. has released version 11.2 of its Backup & Replication platform, introducing a ransomware defense module, support for Proxmox VE 9.0, and performance enhancements for VMware vSphere 9 environments.
INFORMATIONALGitLab 18.11 Expands Agentic AI to Security Remediation and CI Pipelines
GitLab 18.11 integrates agentic AI across the software lifecycle, automating security fix generation and CI/CD pipeline configuration, aiming to address the 'AI paradox' of rapid code creation outpacing security and delivery.
INFORMATIONALLegitify Open-Source Tool Scans GitHub, GitLab for Security Misconfigurations
Legit Security releases Legitify, an open-source scanner that identifies security misconfigurations in GitHub and GitLab organizations, repositories, and CI/CD runners to combat software supply chain risks.
INFORMATIONALMITRE F3 Framework Bridges Cybersecurity and Fraud Analysis
MITRE released the Fight Fraud Framework (F3), a unified knowledge base mapping the intersection of cyber attack tactics and financial fraud, aiming to close the operational gap between security and fraud teams.
INFORMATIONALMetasploit Framework Expands with Cisco, osTicket Exploits and LDAP Enhancements
The latest Metasploit Framework release introduces exploit modules for Cisco Catalyst SD-WAN and osTicket, alongside significant improvements to LDAP/ADCS data collection and Windows persistence techniques.