Coverage

Vulnerabilities

748 articles on vulnerability disclosures and exploits

Detecting Malicious Web Shells: Analysis of Persistence and TTPs

Discover how attackers use deceptive naming and pre-set credentials in web shells to maintain persistence and how to detect these malicious files on servers.

Runtime Rebel Intel

4 min read·Apr 8, 2026

CRITICAL

Vulnerabilities

Ivanti CSA 4.6 Exploited via CVE-2024-9380: Migration Required

Attackers are actively exploiting Ivanti CSA 4.6 via CVE-2024-9379 and CVE-2024-9380. Learn how to detect these command injection exploits and migrate to version 5.0.

Runtime Rebel Intel

3 min read·Apr 8, 2026

HIGH

Threat Intel

Storm-1175: High-Velocity Medusa Ransomware Campaigns

Runtime Rebel reports on Storm-1175's rapid Medusa ransomware campaigns, exploiting N-day and zero-day vulnerabilities for financial gain.

Runtime Rebel Intel

5 min read·Apr 8, 2026

CRITICAL

Vulnerabilities

CVE-2023-3800: RCE Vulnerability in Ninja Forms File Uploads Extension

Attackers are exploiting a critical unauthenticated file upload flaw in Ninja Forms File Uploads. Secure your WordPress site and mitigate RCE risks immediately.

Runtime Rebel Intel

3 min read·Apr 8, 2026

INFO

Threat Intel

AI's Impact on Software Supply Chain Security and Vulnerability Management

AI is set to revolutionize software development, enabling 'instant software' and advanced vulnerability detection, profoundly reshaping future cybersecurity strategies.

Runtime Rebel Intel

5 min read·Apr 7, 2026

Grafana AI Assistant Flaw Exposes User Data — Immediate Patch Required

HIGH

Vulnerabilities

Grafana AI Assistant Flaw Exposes User Data — Immediate Patch Required

Grafana patched an AI vulnerability where malicious instructions on web pages could trick its AI assistant into leaking sensitive user data. Immediate action needed.

Runtime Rebel Intel

4 min read·Apr 7, 2026

HIGH

Vulnerabilities

Mitsubishi Electric ICS Vulnerabilities Expose SQL Credentials

High-severity vulnerabilities (CVE-2025-14815, CVE-2025-14816) in Mitsubishi Electric ICS/SCADA products risk SQL credential exposure and data compromise.

Runtime Rebel Intel

4 min read·Apr 7, 2026

CRITICAL

Vulnerabilities

Android StrongBox DoS Vulnerability Patched – Update Now

A critical Denial-of-Service vulnerability in Android's StrongBox keymaster and Framework component has been patched. Immediate updates are crucial for device security.

Runtime Rebel Intel

4 min read·Apr 7, 2026

CRITICAL

Vulnerabilities

Critical Flowise Vulnerability: Arbitrary Code Execution and File Access

A critical vulnerability in Flowise allows attackers to execute arbitrary code and access file systems due to improper JavaScript validation. Patching is urgent.

Runtime Rebel Intel

4 min read·Apr 7, 2026

CVE-2026-34040: Docker AuthZ Bypass and Host Access — Patch Now

HIGH

Vulnerabilities

CVE-2026-34040: Docker AuthZ Bypass and Host Access — Patch Now

Attackers can bypass Docker Engine AuthZ plugins via CVE-2026-34040, an incomplete fix for CVE-2024-41110. Secure your container host with this guide.

Runtime Rebel Intel

3 min read·Apr 7, 2026

HIGH

Malware

Medusa Ransomware: Rapid Vulnerability Weaponization and Analysis

An analysis of Medusa ransomware's rapid exploitation of vulnerabilities and Zero-Day bugs to exfiltrate and encrypt data within days of initial access.

Runtime Rebel Intel

3 min read·Apr 7, 2026

HIGH

Vulnerabilities

GPUBreach Attack: Exploiting GPU Rowhammer for Root Shell Access

Research reveals GPUBreach, a technique using GPU-based Rowhammer to achieve root shell access and privilege escalation on shared memory systems.

Runtime Rebel Intel

4 min read·Apr 7, 2026