Blind SSRF/DoS in Java TLS x509 AIA Extension
Blind SSRF/DoS in Java TLS x509 AIA Extension A Blind Server-Side Request Forgery (SSRF) vulnerability exists in Oracle Java 21. The vulnerability, which leads...
[R1] Nessus Agent Versions 11.0.3 and 10.9.3 Fix One Vulnerability
Nessus Agent Versions 11.0.3 and 10.9.3 Fix One Vulnerability Arnie Cabral Wed, 01/07/2026 - 08:47
A vulnerability has been identified in the installation/uninstallation...
Trend Micro Apex Central Multiple Vulnerabilities
Trend Micro Apex Central Multiple Vulnerabilities CVE-2025-69258: MsgReceiver.exe LoadLibraryEx RCE (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)MsgReceiver.exe listens on default TCP port 20001 and accepts messages having the following structures://...
Google Cloud Platform (GCP) Cloud Monitoring PE to Cloud Run Using Uptime Checks Service...
Google Cloud Platform (GCP) Cloud Monitoring PE to Cloud Run Using Uptime Checks Service Agent Authentication Tenable Research has identified and responsibly disclosed a...
Google Cloud Platform (GCP) Cloud Monitoring Cross-Tenant BigQuery Leak with Custom Dashboard
Google Cloud Platform (GCP) Cloud Monitoring Cross-Tenant BigQuery Leak with Custom Dashboard Tenable Research has identified and responsibly disclosed a data exfiltration vulnerability in...
[R1] Stand-alone Security Patch Available for Tenable Security Center versions 6.5.1 and 6.6.0: SC-202509.1
Stand-alone Security Patch Available for Tenable Security Center versions 6.5.1 and 6.6.0: SC-202509.1 Jason Schavel Wed, 09/24/2025 - 10:34
Security Center leverages third-party...
Google Cloud Platform (GCP) Dialogflow Service Agent Token Leak and Abuse Through Conversational Agents
Google Cloud Platform (GCP) Dialogflow Service Agent Token Leak and Abuse Through Conversational Agents Tenable Research has identified and responsibly disclosed a critical privilege...
Google Cloud Platform (GCP) Cloud Logging Cross-Tenant BigQuery Leak with Log Analytics
Google Cloud Platform (GCP) Cloud Logging Cross-Tenant BigQuery Leak with Log Analytics Tenable Research has identified and responsibly disclosed a data exfiltration vulnerability in...
[R1] Tenable Patch Management Fixes One Vulnerability
Tenable Patch Management Fixes One Vulnerability Jason Schavel Wed, 09/24/2025 - 14:46
Tenable Patch Management leverages third-party software to help provide underlying functionality....
Google Cloud Platform (GCP) Cloud Logging Cross-Tenant Denial of Wallet with Log Analytics
Google Cloud Platform (GCP) Cloud Logging Cross-Tenant Denial of Wallet with Log Analytics Tenable Research has identified and responsibly disclosed a Denial of Wallet...
Latest article
Why AI, Zero Trust, and modern security require deep visibility
AI. Automation. Zero Trust. They dominate every security strategy document. But there’s a truth sitting underneath all three: none of them...
Samsung MagicINFO Server Multiple Vulnerabilities
Samsung MagicINFO Server Multiple Vulnerabilities MagicINFO User Credential Disclosure (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)NOTE: Samsung mentioned this item may have been fixed with version 21.1090.1, but we were...
Perplexity AI Browser Flaw Could Let Calendar Invites Access Local Files
Researchers say a vulnerability in Perplexity’s Comet AI browser could expose local files and credentials through malicious calendar invites.
The post Perplexity AI Browser Flaw...
Tycoon 2FA Phishing Kit Disrupted by Microsoft, Europol and Partners
Microsoft, Europol, and partners have dismantled the Tycoon 2FA phishing-as-a-service (PhaaS) platform, seizing 330 domains used for credential theft and MFA bypass. This coordinated...
