Aggregator

A vulnerability, which was classified as problematic, has been found in Google Android 13/14/15. Impacted is the function generateFileInfo of the file BluetoothOppSendFileInfo.java. Performing manipulation results in information disclosure. This vulnerability is cataloged as CVE-2024-49728. The attack must be initiated from a local position. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability labeled as problematic has been found in Google Android 12/12L/13/14/15. Affected by this issue is some unknown functionality. Executing manipulation can lead to resource consumption. This vulnerability is registered as CVE-2024-49740. The attack needs to be launched locally. No exploit is available. Applying a patch is advised to resolve this issue.

Name: Nullcon Berlin HackIM 2025 CTF (an HackIM event.)
Date: Sept. 4, 2025, 10:30 a.m. — 05 Sept. 2025, 13:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Location: Berlin, Germany
Offical URL: https://ctf.nullcon.net/
Rating weight: 30.00
Event organizers: ENOFLAG

Bridgestone confirms a cyberattack that disrupted manufacturing plants. This article details the impact on employees, expert analysis, and…

This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.

Does Your Cloud Security Strategy Include Reliable NHI Practices? Data safeguarding and secrets management are fundamental for any organization aiming for a secure infrastructure. Building a robust, cloud-based infrastructure relies heavily on Non-Human Identities (NHIs), machine identities that are vital in ensuring a secure and efficient operational framework. How much do you know about this […]

The post Get Reassured with Reliable Cloud NHI Practices appeared first on Entro.

The post Get Reassured with Reliable Cloud NHI Practices appeared first on Security Boulevard.

How Assured Are You About Your Organization’s NHI Security? Non-Human Identities (NHIs) and their Secret Security Management have become a key focal point. But how confident are you in your organization’s current NHI security measures? With value-based optimization as the benchmark for success, many businesses are now recognizing the need to achieve assured security with […]

The post Feel Assured with Improved NHI Security Measures appeared first on Entro.

The post Feel Assured with Improved NHI Security Measures appeared first on Security Boulevard.

Can Non-Human Identity Security Give Your Business an Edge? Imagine where your machine identities and their “secrets” are managed with the proficiency of a seasoned cybersecurity specialist. Imagine if these identities, like tourists in a foreign land, could be actively monitored and managed, their passports, visas and behaviors under constant scrutiny. It is not only […]

The post Staying Ahead in Non-Human Identity Security appeared first on Entro.

The post Staying Ahead in Non-Human Identity Security appeared first on Security Boulevard.

Alleged Data Breach of Agua de Puebla Para Todos

Experts see subtle improvements from new laws and best practices, but much work remains.

A recent investigation has revealed that Microsoft employed China-based engineers to maintain and support SharePoint software, the same collaboration platform that was recently compromised by Chinese state-sponsored hackers. This revelation raises significant concerns about cybersecurity practices and potential insider threats within critical infrastructure systems used by hundreds of government agencies and private companies. The cybersecurity […]

The post New Report Claims Microsoft Used China-Based Engineers For SharePoint Support and Bug Fixing appeared first on Cyber Security News.

Cybercriminals unleashed a massive wave of mobile malware attacks during the second quarter of 2025, with security researchers detecting nearly 143,000 malicious installation packages targeting Android and iOS devices. This surge represents a significant escalation in mobile cyber threats, affecting millions of users worldwide through sophisticated attack vectors designed to steal sensitive data, compromise financial […]

The post 143,000 Malware Files Attacked Android and iOS Device Users in Q2 2025 appeared first on Cyber Security News.

A vulnerability was found in Red Hat Keycloak and classified as problematic. The impacted element is an unknown function of the component Message Handler. The manipulation of the argument error_description results in cross site scripting. This vulnerability is identified as CVE-2025-10044. The attack can be executed remotely. There is not any exploit available.

A vulnerability has been found in Linux Kernel up to 6.6.102/6.12.43/6.16.3 and classified as critical. The affected element is the function qat_4xxx. The manipulation leads to use after free. This vulnerability is referenced as CVE-2025-39721. The attack needs to be initiated within the local network. No exploit is available. The affected component should be upgraded.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.6.102/6.12.43/6.16.3/6.17-rc2. Impacted is the function ksmbd_conn_releasing of the component ksmbd. Executing manipulation can lead to improper update of reference count. The identification of this vulnerability is CVE-2025-39720. The attack needs to be done within the local network. There is no exploit available. You should upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.40/6.15.8. This issue affects the function shrink_folio_list. Performing manipulation results in denial of service. This vulnerability was named CVE-2025-39725. The attack needs to be approached within the local network. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability classified as problematic was found in Red Hat Keycloak. This vulnerability affects unknown code of the component Vault Handler. Such manipulation leads to file inclusion. This vulnerability is uniquely identified as CVE-2025-10043. The attack can be launched remotely. No exploit exists.

A vulnerability classified as critical has been found in Linux Kernel up to 6.6.100/6.12.40/6.15.8. This affects the function ism_cmd. This manipulation causes state issue. This vulnerability is handled as CVE-2025-39726. The attack can only be done within the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability described as critical has been identified in Linux Kernel up to 6.12.43/6.16.3/6.17-rc2. Affected by this issue is the function write_iter of the component netfs. The manipulation results in null pointer dereference. This vulnerability is known as CVE-2025-39723. Access to the local network is required for this attack. No exploit is available. Upgrading the affected component is recommended.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.1.148/6.6.102/6.12.43/6.16.3. Affected by this vulnerability is the function bno055_get_regmask of the file bno055.c of the component iio. The manipulation of the argument hw_xlate_len leads to out-of-bounds read. This vulnerability is traded as CVE-2025-39719. Access to the local network is required for this attack to succeed. There is no exploit available. It is suggested to upgrade the affected component.