Aggregator

A vulnerability categorized as problematic has been discovered in Apple tvOS. Impacted is an unknown function. Such manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2023-40384. Local access is required to approach this attack. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability identified as problematic has been detected in Apple macOS. The affected element is an unknown function. Performing manipulation results in information disclosure. This vulnerability was named CVE-2023-40384. The attack needs to be approached locally. There is no available exploit. You should upgrade the affected component.

A vulnerability was found in Apple macOS 13. It has been declared as problematic. This issue affects some unknown processing of the component Web Content Handler. Such manipulation leads to information disclosure. This vulnerability is documented as CVE-2023-39233. The attack can be executed remotely. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple macOS 13 and classified as problematic. This affects an unknown function of the component Lock Screen. Executing manipulation can lead to state issue. This vulnerability is tracked as CVE-2023-37448. The physical device can be targeted for the attack. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability was found in Apple macOS 13. It has been classified as critical. This impacts an unknown function. The manipulation leads to improper access controls. This vulnerability is listed as CVE-2023-38586. The attack must be carried out locally. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability labeled as problematic has been found in Apple macOS 13. This vulnerability affects unknown code of the component Safari. Executing manipulation can lead to insecure temporary file. This vulnerability appears as CVE-2023-40388. The attack requires local access. There is no available exploit. The affected component should be upgraded.

A vulnerability, which was classified as critical, has been found in Apple macOS 13. This vulnerability affects unknown code. This manipulation causes memory corruption. This vulnerability is handled as CVE-2023-38615. It is possible to launch the attack on the local host. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability classified as problematic has been found in Apple macOS 13. This issue affects some unknown processing of the component Notes Attachment Handler. This manipulation causes insecure temporary file. This vulnerability appears as CVE-2023-40386. The attack requires local access. There is no available exploit. It is recommended to upgrade the affected component.

Cisco has issued a critical security advisory addressing two severe vulnerabilities in its Unified Contact Center Express (CCX) platform that could enable remote attackers to execute arbitrary commands and gain unauthorized system access. The vulnerabilities, published on November 5, 2025, require immediate attention from organizations running Cisco Unified CCX systems. CVE ID Vulnerability Type CVSS […]

The post Cisco UCCX Vulnerabilities Allow Remote Attackers to Execute Arbitrary Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers have identified a sophisticated new malware family, Airstalk, that exploits VMware’s AirWatch API—now known as Workspace ONE Unified Endpoint Management—to establish covert command-and-control channels. The discovery represents a significant threat to evolution, with both PowerShell and .NET variants discovered in what researchers assess with medium confidence was a nation-state-sponsored supply chain attack. The […]

The post Airstalk Malware Exploits AirWatch MDM for Covert C2 Communication appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Are you importing indicators of compromise (IOC) in the form of domain names and IP addresses into your SIEM, NDR or IDS? If so, have you considered for how long you should keep looking for those IOCs? An IoT botnet study from 2022 found that 90% of C2 servers had a lifetime of less than 5 days and[...]

CISA released four Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. 

• ICSA-25-310-01 Advantech DeviceOn iEdge
• ICSA-25-310-02 Ubia Ubox
• ICSA-25-310-03 ABB FLXeon Controllers
• ICSA-25-282-01 Hitachi Energy Asset Suite (Update A)

CISA encourages users and administrators to review newly released ICS Advisories for technical details and mitigations.

ENISA report reveals DDoS accounted for 60% of public sector security incidents last year

Introduction Financial institutions are facing a new reality: cyber-resilience has passed from being a best practice, to an operational necessity, to a prescriptive regulatory requirement. Crisis management or Tabletop exercises, for a long time relatively rare in the context of cybersecurity, have become required as a series of regulations has introduced this requirement to FSI organizations in

A vulnerability described as critical has been identified in Red Hat JBoss Enterprise Application Platform and WildFly. Affected by this issue is some unknown functionality. Such manipulation leads to incorrect authorization. This vulnerability is uniquely identified as CVE-2022-0866. The attack can be launched remotely. No exploit exists. Upgrading the affected component is recommended.

A vulnerability marked as critical has been reported in Hancom Office 2020. The affected element is an unknown function of the component HWord. This manipulation causes use after free. This vulnerability appears as CVE-2023-32541. The attack may be initiated remotely. There is no available exploit.

A vulnerability was found in Apple iOS and iPadOS and classified as critical. Affected by this vulnerability is an unknown functionality. Such manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2023-35984. The attack can be executed directly on the physical device. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability was found in Apple watchOS. It has been classified as critical. Affected by this issue is some unknown functionality. Performing manipulation results in out-of-bounds write. This vulnerability was named CVE-2023-35984. The attack may be carried out on the physical device. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability was found in Apple tvOS. It has been declared as critical. This affects an unknown part. Executing manipulation can lead to out-of-bounds write. The identification of this vulnerability is CVE-2023-35984. The physical device can be targeted for the attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple macOS. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to insecure temporary file. This vulnerability is uniquely identified as CVE-2023-29497. Local access is required to approach this attack. No exploit exists. Upgrading the affected component is advised.