RE: https://toad.social/@KimPerales/116296287470500816
Hope this isn't true, what guarantees are there for other EU-US collaborations that the funds won't be redirected?
https://infosec.exchange/@KimPerales@toad.social/116296287808070299
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.
#cybersecurity #ivanti #vulnerabilitymanagement #vulnerability
Thanks @reverseics for the infographics and Ivanti for the continuous source of discoveries.
@briankrebs just cancel the Olympics and the FIFA World Cup as the next step.
I will not travel to the US in 2026 just as sure as I would not recommend time travel to Germany 1936 to a Jew.
Someone asked me, “Have you read the latest Dan Brown?” There’s actually a mention of MISP in The Secret of Secrets. And yes, it fits surprisingly well within the story. Alex Conan (who assists Jonas Faukman in the investigation) mentions that he detected the activity using FTK, and that the indicators were later reused by the threat actor (having a hit on a MISP instance).
“But before I could build the algorithm, my FTK scan returned a hit. One of
the IoCs from this hack had a match on MISP associated with known—”
“Alex, I have no idea—”
“All you need to know is that the people who hacked PRH were in a hurry!
They saved time by using a piece of their own recycled code—duplicated strings
that hackers call copy pasta! It saves time, but it also risks revealing—”
French government always talks about technological sovereignty…
Why it matters to create and maintain open-source infrastructure for security monitoring including collection of forums and malicious communication channels.
This is a strong example (Google dark web report is discontinued) of the risks of relying solely on commercial vendors. If a capability does not align with their business interests or generate sufficient revenue, it can be discontinued at any time. Open-source infrastructure helps ensure continuity, transparency, and long-term access to critical monitoring capabilities that are essential for the security community.
If you want to run your own "darkweb" monitoring, we develop open source tooling supporting such monitoring.
#darkweb #opensource #osint #cybersecurity
🔗 https://support.google.com/websearch/answer/16767242?hl=en&ref_topic=7028834&co=GENIE.Platform%3DiOS
🐍 Meet the new file identification package for Python!
Say hello to pure-magic-rs, the brand-new Python package that’s changing the game for file type detection!
✨ Safe – A reliable, pure Rust implementation of libmagic, ensuring high compatibility with existing magic rules.
🌍 Cross-Platform – No more headaches! Works seamlessly across all platforms without needing external dependencies or compiling C code.
📦 Self-Contained – Forget about managing external magic database files—it embeds its own, making setup a breeze.
Whether you're parsing unknown files, validating uploads, or building security tools, pure-magic-rs simplifies the process with safety, speed and accuracy.
Check it out and supercharge your file handling today: https://pypi.org/project/pure-magic-rs/
The MISP Galaxy now includes an updated knowledge base of UAVs and drones covering both civilian and military models.
It comes with detailed attributes such as manufacturer, cost, and technical specs.
You can now easily classify, model, and share UAV-related observations directly in MISP.
🔗 MISP UAVs overview - https://www.misp-galaxy.org/uavs/
Thanks to @Thanat0s for the huge contribution.
#misp #threatintel #threatintelligence #uav #military #intelligence
Imagine a threat intelligence report that concludes, ‘The target is three hops away, therefore it is the correct one.’ This is the method the Pentagon reportedly uses today: not only to identify targets, but also to justify and execute strikes.
🔗 https://theweek.com/politics/pentagon-name-boat-strike-casualties
Remember the tertiary people contacted and referenced in some interception cases in intelligence:
https://www.atlanticcouncil.org/blogs/new-atlanticist/three-hops-and-you-re-out/
Now it’s actually direct strikes on the tertiary people.