Threats Tagged 'yara rules'
View all threats tagged with 'yara rules'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'yara rules'
Click on any threat for detailed analysis and mitigation recommendations
How to defend ARM64 cloud infrastructureCVE-2026-46316 0 CVE-2026-46316 (ITScape) is a guest-to-host escape vulnerability in the vGIC-ITS emulation within KVM on ARM64 architectures. It arises from a race condition in the vgic_its_invalidate_cache() function causing a double-put use-after-free, which enables execution of host kernel code. The flaw exists in the in-kernel KVM component rather than QEMU user-space, allowing successful exploitation to grant host kernel privileges. This poses a significant risk to multi-tenant ARM64 cloud environments. The vulnerability can be chained with local privilege escalation when guest root access is unavailable. The affected kernel versions range from commit 8201d1028caa through 13031fb6b835, where the patch was applied. Detection is aided by two YARA rules targeting proof-of-concept constants and privilege drop behavioral patterns. Join the discussion | AlienVault OTX General | 06/12/2026, 16:57:58 UTC Added: 06/15/2026, 18:45:13 UTC |
Showing 1 to 1 of 1 result