Author: DEFENDEDGE

  • How Threat Actors Are Abusing Microsoft Entra ID Self-Service Password Reset (SSPR) to Compromise Cloud Environments

    Threat actors are increasingly leveraging Microsoft Entra ID’s Self-Service Password Reset (SSPR) feature to conduct highly targeted, identity-driven attacks. Advanced threat groups, such as Storm-2949, have demonstrated how legitimate account recovery functionality can be manipulated to gain access to high-value executive and IT accounts. Once access is obtained, attackers move beyond traditional account compromise, targeting… Read more

  • Vulnerability Summary for the Week of May 25, 2026

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1Panel-dev–MaxKB MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.0, MaxKB’s webhook trigger endpoint (/api/trigger/v1/webhook/{trigger_id}) is accessible without authentication. The WebhookAuth class unconditionally returns (None, {}), which Django REST Framework interprets as successful authentication. Combined with optional per-trigger token verification and no… Read more

  • Supply Chain Compromises Impact Nx Console and GitHub Repositories

    CISA is prioritizing the response to multiple emerging software supply chain intrusion campaigns targeting developer ecosystems Continuous Integration/Continuous Development (CI/CD) pipelines. These recent incidents, including the GitHub compromise via a malicious Nx Console Visual Studio Code (VS Code) extension and the “Megalodon” supply chain intrusion campaign, demonstrate how cyber threat actors are abusing tools and… Read more

  • Vulnerability Summary for the Week of May 18, 2026

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 10-Strike–Network Inventory Explorer 10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering a structured exception handler overwrite. Attackers can craft a malicious registration key string with… Read more

  • Emerging Cyber Threat Trends Global SOC Teams Should Prepare For

    Cybercriminals are leveraging new technologies, targeting new industries, and exposing operational weaknesses. The evolving threat landscape spans healthcare, finance, government, manufacturing, education, and critical infrastructure. No industry is safe from ransomware, supply chain compromise, cloud misconfiguration, social engineering, and nation-state activity. Global SOC teams need to look beyond detecting the latest threats. Building and scaling… Read more

  • Vulnerability Summary for the Week of May 11, 2026

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info acl–ACL Analytics ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can use bitsadmin to download malicious PowerShell scripts and execute them with system privileges to… Read more

  • Vulnerability Summary for the Week of May 4, 2026

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info gotenberg–gotenberg Gotenberg is a Docker-powered stateless API for PDF files. In versions 8.30.1 and earlier, the metadata write endpoint validates metadata keys for control characters but leaves metadata values unsanitized. A newline character in a metadata value splits the ExifTool stdin line… Read more

  • Vulnerability Summary for the Week of April 27, 2026

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info n/a– OVMS3 3.3.005 Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_gvret.cpp, the length field in GVRET binary data is not properly validated, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via… Read more

  • Using AI Responsibly: Risks, Incidents, and Controls

    Summary AI chatbots, including Claude, ChatGPT, or any other AI-powered chatbot, carry the inherent risk of unauthorized data exposure/loss. Since the introduction of AI chatbots to the public, multiple incidents have occurred that have either directly or indirectly resulted in unwanted data exposure. Non-exhaustive but impactful ways to reduce risk can be with AI usage… Read more

  • Vulnerability Summary for the Week of April 20, 2026

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info Thinkphp–ThinkPHP ThinkPHP 5.0.23 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by invoking functions through the routing parameter. Attackers can craft requests to the index.php endpoint with malicious function parameters to execute system commands with… Read more