For several years, we have offered a “new domain” list of recently registered (or, more accurately, recently discovered) domains. This list is offered via our API (https://isc.sans.edu/api). However, the size of the list has been causing issues, resulting in a “cut-off” list being returned. To resolve this issue, I updated the API call. It is…
By: Dikla Barda, Roaman Zaikin & Oded Vanunu On November 3, 2025, Check Point Research’s blockchain monitoring systems detected a sophisticated exploit targeting Balancer V2’s ComposableStablePool contracts. The attacker exploited arithmetic precision loss in pool invariant calculations to drain $128.64 million across six blockchain networks in under 30 minutes. The attack leveraged a rounding error…
ISC Stormcast For Wednesday, November 5th, 2025 https://isc.sans.edu/podcastdetail/9686, (Wed, Nov 5th) Source link
Losing connection to the internet can be frustrating. For some of us, the WiFi going down just means rebooting the router and getting back to browsing within a few minutes — but in other cases, losing access to the internet is more serious and prolonged. What happens when the internet goes down during a moment…
By Andrey Charikov and Oded Vanunu Key Findings: Check Point Research uncovered four vulnerabilities in Microsoft Teams that allow attackers to impersonate executives, manipulate messages, alter notifications, and forge identities in video and audio calls. Both external guest users and malicious insiders could exploit these flaws, fundamentally breaking trust in a platform used by 320M+…
CVE-2025-31199: An app may be able to access sensitive user data. Affects Spotlight x CVE-2025-43292: An app may be able to access sensitive user data. Affects CoreMedia …
ISC Stormcast For Tuesday, November 4th, 2025 https://isc.sans.edu/podcastdetail/9684, (Tue, Nov 4th) Source link
Arti is our ongoing project to create a next-generation Tor implementation in Rust. We’re happy to announce the latest release, Arti 1.7.0. Arti 1.7.0 stabilizes the onion service restricted discovery feature, previously known as “client authorization”. This requires Arti to be built with the restricted-discovery feature enabled, and for the appropriate configuration options to be…
70 TB+ of data, hard-coded keys, and weak IAM controls. For even the most experienced enterprises, one configuration decision can be enough to surface how interdependent and vulnerable modern cloud systems truly are. The recent data exposure incident at a large automotive firm highlights this reality, an incident shaped less by exploitation and more by…
XWiki describes itself as “The Advanced Open-Source Enterprise Wiki” and considers itself an alternative to Confluence and MediaWiki. In February, XWiki released an advisory (and patch) for an arbitrary remote code execution vulnerability. Affected was the SolrSearch component, which any user, even with minimal “Guest” privileges, can use. The advisory included PoC code, so it is…
