{"uuid": "2f2a2a45-854a-46c3-8846-933504f5fd0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6973", "type": "seen", "source": "https://gist.github.com/VortekOffensive/1f75446dc7e61026798ddbe15ec12e1f", "content": "# /ROOT/osint-targets/INTEL_SOURCES.md\n## > REFERENCIAS Y TELEMETR\u00cdA - REPORTE T\u00c1CTICO SEMANAL\n\n**[0x01] VM2 NODE.JS SANDBOX ESCAPE:**\n- The Hacker News: [vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution](https://thehackernews.com/2026/05/vm2-nodejs-library-vulnerabilities.html)\n\n**[0x02] PYPI ZICHATBOT / OCEANLOTUS (APT32):**\n- The Hacker News: [PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux](https://thehackernews.com/2026/05/pypi-packages-deliver-zichatbot-malware.html)\n\n**[0x03] IVANTI EPMM RCE ZERO-DAY (CVE-2026-6973):**\n- The Hacker News: [Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access](https://thehackernews.com/2026/05/ivanti-epmm-cve-2026-6973-rce-under.html)\n\n**[0x04] FILTRACI\u00d3N BANCO DE SANGRE IMSS (IDOR):**\n- Reporte OSINT / Facebook & Dark Web: Exposici\u00f3n de 3.4M de registros por actores \"ColdK3y\", \"Lizard\" y \"Gordo\". Vulnerabilidad IDOR en portal p\u00fablico bancodesangre.imss.gob.mx. [Evidencia en Video](https://www.facebook.com/watch/?v=856632617470137)\n\n---\n*V\u00d8RTEK OFFENSIVE - Purple Team Ops & Threat Intelligence*", "creation_timestamp": "2026-05-11T06:16:28.000000Z"}