Track CVEs, attack groups, malware, vendors and training in one place.
CybersecurityBoard.com brings together vulnerability intelligence, security news, MITRE ATT&CK group profiles, cyber events, certifications, training, products, companies and service providers.
CVE-2021-29441 is an authentication bypass vulnerability in Alibaba's Nacos configuration service. It allows attackers to bypass authentication and gain administrative access. The…
CVE-2024-49113 was identified as a relevant cybersecurity entity in recently ingested reporting. This profile is generated so related cyber news, CVEs, malware,…
A high-severity remote code execution vulnerability in Microsoft SharePoint Server caused by deserialization of untrusted data. CVSS score 8.8. Exploited in the…
Identity lifecycle management (ILM) was architected around human principals with employment records, managers, and departure dates. AI agents have none of these,…
access managementActive DirectoryAI AgentsAmazon Web Services
Microsoft has announced an acceleration of its quantum-safe security roadmap, moving the target for transitioning critical products and services to post-quantum cryptography…
The 2026 Bitdefender Cybersecurity Assessment, based on a survey of 1,200 IT and cybersecurity professionals across six countries, reveals a significant gap…
Palo Alto Networks' Unit 42 has identified a new attack vector called 'phantom squatting,' where threat actors register AI-hallucinated domains that do…
AI Hallucinationbrand impersonationCVE-2026-20245Domain Security
The recently discovered financially-motivated FortiBleed campaign has been attributed to INC and Lynx ransomware operations, indicating that the verified, stolen credentials were…
An independent survey of 1,200 IT and cybersecurity professionals across six countries, revealing contradictions in AI visibility, attack surface reduction, threat prioritization,…
PCI DSS v4.0.1 introduced requirements 6.4.3 and 11.6.1, mandating that merchants inventory, authorize, and verify the integrity of all scripts on payment…
Agentic AI represents a paradigm shift in offensive cybersecurity, where AI tools no longer require human operators to execute attacks. Unlike previous…
Microsoft Visual Studio's VSTestVideoRecorder.exe was abused by Umbrij malware for DLL side-loading. Visual Studio is an integrated development environment from Microsoft.
development toolDLL side-loadingMicrosoft Visual Studio
Bitdefender ConnectAgent's BDSubWiz.exe was used by Umbrij malware for DLL side-loading. ConnectAgent is a component of Bitdefender's endpoint security solutions.
ServiceNow is a cloud-based IT service management (ITSM) platform. Its HR Service Delivery module integrates with identity governance systems to manage employee…
AutoGen was identified as a relevant cybersecurity entity in recently ingested reporting. This profile is generated so related cyber news, CVEs, malware,…
Proton Mail is an encrypted email service based in Switzerland. The JADEPUFFER ransom note included a Proton Mail contact address (e78393397@proton.me) for…
Europol was identified as a relevant cybersecurity entity in recently ingested reporting. This profile is generated so related cyber news, CVEs, malware,…
Nokia Deepfield Emergency Response Team was identified as a relevant cybersecurity entity in recently ingested reporting. This profile is generated so related…