Track CVEs, attack groups, malware, vendors and training in one place.
CybersecurityBoard.com brings together vulnerability intelligence, security news, MITRE ATT&CK group profiles, cyber events, certifications, training, products, companies and service providers.
CVE-2023-24489 is an unauthenticated vulnerability in Citrix ShareFile Storage Zones Controller that was actively exploited in 2023. CISA flagged it as exploited, leading Citrix to block unpatched controllers from the ShareFile cloud.
Researchers at firmware security firm Binarly have discovered six new vulnerabilities in U-Boot, the widely used bootloader for devices ranging from home…
A vulnerability in U-Boot's FIT image signature verification allowed a tampered image to swap in unsigned components, bypassing integrity checks. Patched in…
Security researcher Chinmohan Nayak has detailed a WhatsApp-to-host attack chain leveraging three now-patched vulnerabilities in the OpenClaw personal AI assistant. The flaws,…
A critical unpatched vulnerability, dubbed XRING, has been disclosed in XQUIC, Alibaba's open-source QUIC and HTTP/3 library. Discovered by FoxIO researcher Sébastien…
Progress Software has instructed ShareFile customers to immediately shut down Windows servers running Storage Zone Controllers in response to a credible external…
A 41-year-old former ransomware negotiator, Angelo Martino, has been sentenced to 70 months in prison for conspiring with the now-defunct BlackCat ransomware…
Datadog Security Labs has uncovered several overlapping campaigns that leverage dormant GitHub accounts—some created two to five years ago—to systematically enumerate corporate…
API SecurityCloud SecurityCVE-2026-46817CVE-2026-55200
The Clop ransomware group exploited a zero-day vulnerability in Progress MOVEit in 2023, impacting over 2,700 organizations. They are known for large-scale…
A sophisticated threat actor tracked as O-UNC-066 by Okta is targeting organizations across multiple sectors with a voice-based phishing (vishing) scheme that…
The China-linked cybercrime group Silver Fox has been attributed to a new Rust-based remote access trojan (RAT) called MODBEACON. Chinese cybersecurity company…
The MVPNalyzer framework was presented at the Network and Distributed System Security (NDSS) symposium in February 2026, detailing findings from a study…
EAL6+ is a high assurance level under the Common Criteria certification, indicating strong resistance to tampering. The Samsung S3D232A chip in Tangem…
Common CriteriaEAL6+secure elementsecurity certification
Injective Labs is a blockchain development company focused on decentralized finance (DeFi) and cryptocurrency solutions. Their SDK was compromised in a supply…
Binarly is a firmware security company that discovered six new vulnerabilities in U-Boot, including two code-execution flaws. They published advisories BRLY-2026-037 through…
Binarlyfirmware securityU-Bootvulnerability research
Exaforce MDR offers managed security operations using the same agentic AI platform as the in-house solution. Customers like Forcepoint have achieved 14-minute…