Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

cycognito

Emerging Threat: CVE-2025-15467 - OpenSSL CMS AuthEnvelopedData Stack-Based Buffer Overflow

Jan 31, 2026 By Amit Sheps In CyCognito
CVE-2025-15467 is a stack-based buffer overflow vulnerability in the Cryptographic Message Syntax (CMS) implementation of OpenSSL, specifically within handling of AuthEnvelopedData structures. The flaw occurs during parsing of attacker-controlled CMS messages where length fields are not sufficiently validated before being copied into fixed-size stack buffers.
Read Post
cycognito

Emerging Threat: CVE-2026-24061 - Telnet Authentication Bypass in GNU Inetutils

Jan 28, 2026 By Amit Sheps In CyCognito
CVE-2026-24061 is an authentication bypass vulnerability affecting the Telnet service provided by GNU Inetutils. The issue allows an unauthenticated remote attacker to bypass expected authentication checks and gain access to the Telnet service under certain conditions.
Read Post
cycognito

Domain-to-IP Volatility at Scale: A Study of 4 Million Enterprise Domains

Jan 27, 2026 By Zohar Venturero In CyCognito
Exposure management depends on the ability to consistently observe and attribute externally reachable systems. Domains are commonly treated as stable identifiers, resolving to IP addresses that can be associated with specific assets and monitored over time. In modern enterprise environments, this assumption increasingly fails. In many architectures, IP addresses function as routing mechanisms rather than stable identifiers, changing as traffic is distributed and infrastructure is rebalanced.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.