OpenSourceMalware.com - Community Threat Intelligence opensourcemalware.com

🚨CVE-2026-21962 (CVSS 10.0 critical unauth RCE) disclosed in various Oracle products (HTTP Server, Weblogic Proxy plugin) No POCs exists as of right now - perfect time to deploy some honeypots! We've added a Oracle HTTP Server stream into Defused 🍯 console.defusedcyber.com/signup

🛠️ Microsoft Launches Open-Source WinApp CLI to Streamline Windows App Development Source: cybersecuritynews.com/microsoft-wina… Microsoft has unveiled the public preview of WinApp CLI (winapp), a new open-source command-line tool designed to simplify Windows app development for developers

‼️CVE-2026-24061: Telnet RCE Exploit GitHub: github.com/SafeBreach-Lab… This script exploits the CVE-2026-24061 vulnerability in Telnet servers using a malformed USER environment variable. CVSS: 9.8 Usage: python telnet_rce.py <host> [-p <port>] Arguments: host: Target IP

🚨 The watchTowr team is rapidly reacting to CVE-2026-1281 & CVE-2026-1340 - unauth RCE vulnerabilities within Ivanti's Endpoint Manager Mobile (EPMM). Active watchTowr Platform clients have been made aware of their exposure - reach out via the watchTowr website for support.

🚨 Ivanti has released fixes for 2 critical EPMM vulns (CVE-2026-1281, CVE-2026-1340) enabling unauthenticated remote command execution. Active exploitation already observed. Track exploit activity live via our Ivanti EPMM honeypot intel feed 👉 console.defusedcyber.com/intel

‼️ CVE-2025-1974: Kubernetes IngressNightmare Vulnerability CVSS: 9.8 PoC: github.com/hakaioffsec/In… PoC Published: March 26th, 2026

⚠️ FortiOS Authentication Bypass Vulnerability Lets Attackers Bypass LDAP Authentication Source: cybersecuritynews.com/fortios-ldap-a… Fortinet has disclosed a high-severity authentication bypass vulnerability in FortiOS, tracked as CVE-2026-22153 (FG-IR-25-1052), that could allow

imho Trade Workstation is the best FREE Trading Journal in the industry right now Free forever No 14 day trial bullshit Modern clean UI. And this isn’t even the final form Give it a few months, it’s going to look stupidly next level. use for FREE: app.tradeworkstation.com

I found a vulnerability in Oracle VirtualBox (CVE-2026-21957) back in September 2025. It can be turned into AAR/AAW, and then escaping the VM is pretty easy. I originally planned to find a vulnerability for Pwn2Own, but since I found the vuln in September, sitting on a practical

Cyber Islamic Resistance channel is claiming the formation of an alliance involving multiple hacktivist groups (incl. RipperSec, Cyb3rDrag0nzz, APT IRAN, Cyber Fattah, and others). As of this post, many of these groups appear inactive, but the announcement suggests potential

อะไรที่ทำให้​ อิสราเอลถึงสามารถรู้ตำแหน่งท่านคาเมเนอี​ ผู้นำ​สูงสุด​ของ​อิหร่าน​ได้แบบ​ real time​ ก่อนที่จะส่งขีปนาวุธ​ยิงถล่มอาคารที่จัดประชุมลับ​ ทั้งที่ควรจะเป็นความลับสุดยอด​ นักวิเคราะห์มอง​ เกิดจาก 3 ปัจจัยหลัก ​1. มี "หนอนบ่อนไส้" ระดับสูงภายใน​ IRGC

Proofpoint reveals Iran-aligned TA453 is exploiting Operation Epic Fury to launch targeted credential phishing campaigns against U.S. think tanks. #OperationEpicFury #TA453 #CharmingKitten #APT42 #CyberEspionage securityonline.info/iran-aligned-t…

🚨 FortiGate Firewalls Exploited in Wave of Attacks to Breach Networks & Steal Credentials Source: cybersecuritynews.com/fortigate-fire… A series of intrusions in early 2026 in which threat actors compromised FortiGate Next-Generation Firewalls (NGFW) to establish persistent footholds

FBI Watchdog 3.0.0: A multi-layered domain monitoring tool that detects law enforcement seizures, DNS changes, HTTP fingerprint shifts, WHOIS record mutations, and IP address changes across clearnet domains and Tor onion sites. github.com/DarkWebInforme…

🎉 Hundreds of new malicious browser extensions added to extsentry.github.io !

CVE-2026-22812: OpenCode v1.0.216 - Unauthenticated RCE #BugBounty #CyberSecurity

🚨 Bug Bounty / Red Team Tip CVE-2026-21643 — Critical Pre-Auth SQL Injection (CVSS 9.1) in FortiClient EMS 7.4.4 (multi-tenant mode only) Unauthenticated attackers can inject arbitrary SQL via the Site HTTP header to the public endpoint /api/v1/init_consts (or login endpoint).

This is my free tool github.com/The-XSS-Rat/su…