Vendor
high
advisory
Jupyter Notebook Authentication Token Theft via CommandLinker XSS
2 rulesA stored Cross-Site Scripting (XSS) vulnerability in Jupyter Notebook versions 7.0.0 through 7.5.5 and JupyterLab versions up to 4.5.6 allows attackers to steal authentication tokens by tricking users into interacting with malicious notebook files, leading to complete account takeover via the Jupyter REST API.
@jupyter-notebook/help-extension +4
xss
jupyter
authentication
account-takeover
vulnerability
2r
medium
advisory
Registry Persistence via AppInit DLL Modification
2 rules 2 TTPsModification of the AppInit DLLs registry keys on Windows systems allows attackers to execute code in every process that loads user32.dll, establishing persistence and potentially escalating privileges.
Microsoft Windows +6
persistence
defense-evasion
appinit-dlls
registry
windows
2r
2t
medium
advisory
LSASS Loading Suspicious DLL
2 rules 2 TTPs 9 IOCsDetection of LSASS loading an unsigned or untrusted DLL, which can indicate credential access attempts by malicious actors targeting sensitive information stored in the LSASS process.
Windows
credential-access
lsass
dll-injection
2r
2t
9i