socradar.io

6 curated AppSec resources from socradar.io across 6 topics on appsec.fyi.

Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-06-05.

| Date Added | Resource | Year | Topic | Excerpt |
|---|---|---|---|---|
| 2026-06-05 | CVE-2026-20230: Cisco Unified CM WebDialer SSRF Can Lead to Root-Level Compromise | 2026 | SSRF | Writeup of CVE-2026-20230, a critical SSRF vulnerability in Cisco Unified CM and SME that enables root-level compromise through arbitrary file writes. Exploitation requires the WebDialer service to be enabled; it is disabled by default. Public proof-of-concept exploit code exists, so patching or disabling WebDialer is the recommended immediate action. Targeted monitoring for SSRF and post-exploitation signals can also aid defenders. |
| 2026-05-17 | CVE-2026-42945: NGINX Rewrite Heap Overflow Enables Remote DoS & Potential RCE | 2026 | RCE | Writeup of CVE-2026-42945, an NGINX rewrite heap overflow vulnerability, detailing its exploitation via crafted HTTP requests, particularly when unnamed PCRE captures are used with a question mark in the replacement string. The flaw, present in versions 0.6.27 through 1.30.0, can lead to denial of service through worker crashes or to potential remote code execution, especially with ASLR disabled. A proof of concept demonstrating RCE has been published. |
| 2026-04-27 | OSINT Tools for Cybersecurity: A Practical Guide for Security Teams | 2026 | OSINT | Library of OSINT tools for cybersecurity teams, categorized by function: Domain and IP Intelligence (Shodan, DNSDumpster), Email and Credential Exposure (Have I Been Pwned, Holehe), People and Social Media Intelligence (Maltego, Sherlock), Dark Web and Paste Site Monitoring (SOCRadar, IntelligenceX), and Metadata and Search Engine Intelligence (Google Hacking Database, ExifTool). It also highlights key websites such as osintframework.com and crt.sh, and details a practical investigation workflow that emphasizes framing the initial question and passive reconnaissance. |
| 2026-04-22 | Axios npm Hijack 2026: Everything You Need to Know | 2026 | Supply Chain | Analysis of the Axios npm Hijack 2026, a sophisticated supply chain attack in which threat actors compromised the lead maintainer's npm account and published malicious versions of the popular JavaScript library. These versions, [email protected] and [email protected], silently installed a cross-platform RAT (SILKBELL and WAVESHAPER.V2) via a hidden dependency upon `npm install`. The attack, attributed to UNC1069, bypassed standard CI/CD security by publishing directly to the npm registry with a stolen access token, highlighting the importance of OIDC provenance and SLSA checks. |
| 2026-04-22 | CVE-2025-68664: Critical LangChain Flaw Enables Secret Extraction | 2026 | Python | Writeup of CVE-2025-68664, a critical serialization injection vulnerability in LangChain Core that enables secret extraction and unintended object instantiation. The flaw, stemming from improper handling of the "lc" key during serialization and deserialization, affects the Python package at versions >= 1.0.0 and < 1.2.5, as well as versions < 0.3.81; a similar issue, CVE-2025-68665, impacts LangChain.js. Exploitation involves crafting attacker-controlled LLM outputs that masquerade as trusted objects, leading to risks such as secret leakage and unintended network operations. Patched versions implement deserialization allowlists and disable environment-based secret loading by default. |
| 2026-04-11 | December 2025 Android Security Bulletin: Two Zero-Day Flaws Exploited | 2026 | Mobile | Analysis of the December 2025 Android Security Bulletin, which details over 100 vulnerabilities. The release highlights two zero-day Framework exploits, CVE-2025-48633 (information disclosure) and CVE-2025-48572 (elevation of privilege), which are under limited, targeted exploitation across Android 13-16. The bulletin also addresses a critical Framework DoS (CVE-2025-48631), kernel privilege escalations (including pKVM and IOMMU issues), and vendor-specific flaws in Arm, Imagination GPU, MediaTek, Unisoc, and Qualcomm components. |