Aggregator
CVE-2025-27818 | Apache Kafka up to 3.9.0 SASL JAAS LdapLoginModule privilege escalation
CVE-2025-27817 | Apache Kafka Client up to 3.9.0 server-side request forgery
CVE-2025-49130 | barryvdh laravel-translation-manager up to 0.6.7 cross site scripting (GHSA-j226-63j7-qrqh / EUVD-2025-17461)
CVE-2025-49013 | WilderForge code injection (GHSA-m6r3-c73x-8fw5 / EUVD-2025-17466)
Hook methods: from native deserialization to Hessian deserialization
CVE-2025-48877 | Discourse up to 3.4.3/3.5.0.beta4/3.5.0.beta5-dev Setting allowed_iframes insecure automated optimizations (GHSA-cm93-6m2m-cjcv / EUVD-2025-17469)
CVE-2025-49006 | wasp-lang wasp up to 0.16.5 OAuth default permission (GHSA-qvjc-6xv7-6v5f / EUVD-2025-17468)
CVE-2025-49131 | labring FastGPT up to 4.9.10 Python Module permission assignment (GHSA-f3pf-r3g7-g895 / EUVD-2025-17467)
Analyzing a malicious cryptomining sample through to capturing the mining-pool address
Writeup for the incident response section of the 2nd parloo Cup Incident Response Challenge
Contrast Northstar pairs runtime data and contextual analysis with AI-powered auto-remediation
Contrast Security announced Northstar, a major release for the company that redefines how businesses see cyberattacks, stop breaches, and protect their applications and APIs. Contrast pairs runtime data and contextual analysis with AI-powered auto-remediation to cut response times and eliminate noise.
The Contrast Graph: Live runtime insight that drives precision
At the core of the platform is the Contrast Graph, which powers its most advanced capabilities, including optional agentic AI workflows that help teams respond …
The post Contrast Northstar pairs runtime data and contextual analysis with AI-powered auto-remediation appeared first on Help Net Security.
Trump cyber executive order drops Biden-era provisions
Hackers Deploy FormBook Malware via Weaponized Excel Files to Target Windows Systems
A critical phishing campaign targeting Windows users has been uncovered by FortiGuard Labs, leveraging malicious Excel attachments to exploit a long-standing vulnerability in older versions of Microsoft Office. This sophisticated attack distributes FormBook, a notorious information-stealing malware designed to harvest sensitive data such as login credentials, keystrokes, and clipboard information. Phishing Campaign Exploits Old Microsoft […]
The post Hackers Deploy FormBook Malware via Weaponized Excel Files to Target Windows Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Over 1,000 Employees Departed CISA Since Trump Administration Began
The Cybersecurity and Infrastructure Security Agency (CISA), the U.S. government’s frontline civilian cybersecurity force, has lost nearly one-third of its workforce—roughly 1,000 employees—since the start of the current Trump administration, according to multiple sources and internal communications. This exodus, driven by buyouts, early retirements, and layoffs, has left the agency with approximately 2,200 to 2,600 […]
The post Over 1,000 Employees Departed CISA Since Trump Administration Began appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Grocery wholesale giant United Natural Foods hit by cyberattack
How to Use Risk-Based Metrics in an Exposure Management Program
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, Tenable security engineers Arnie Cabral and Jason Schavel share how you can use risk-based metrics. You can read the entire Exposure Management Academy series here.
We’re information security engineers at Tenable. If you’re anything like us, you spend your days on the front lines of the battle against a constantly changing set of cybersecurity threats. No matter your role, you probably face any number of complex challenges to stay one step ahead of the bad guys.
To be most effective, you need to move beyond operating across silos toward bringing all of the data together. Exposure management helps bring this all together.
Maybe you’re contemplating a move to exposure management or maybe you’ve already started the shift. (Not sure how mature your program is? Check out the Tenable exposure management security assessment.) No matter where you are, exposure management represents a fundamental shift toward a unified view of exposures across the attack surface. It involves continuously discovering, assessing, prioritizing and remediating all types of security exposures, including vulnerabilities, misconfigurations and excessive permissions across various assets. As we like to say, “give us all the things.”
In our roles, we are helping Tenable move in this direction. So we thought we’d share some of our experiences.
If you have any questions or you’d like to share your exposure management experiences with us, please use the form at the bottom of the page.
Managing exposures
Exposure management is about more than just finding flaws. It's about understanding business risk and prioritizing actions that reduce the potential for attack. If you react to every alert or finding, you’ll soon end up draining your resources, burning out the staff and wasting tons of valuable time.
So, with limited resources, how can security teams effectively manage the vast threat landscape and focus on what truly matters?
Robust, risk-based metrics are the key to guiding the exposure management lifecycle, which begins with comprehensive and continuous discovery of all assets, identities and applications. Then, by prioritizing risks based on business impact and technical context, and by proactively mitigating the highest-risk exposures through remediation, you’ll have an ongoing exposure management process.
Exposure management builds on vulnerability management, which delivers results based on severity, and adds the context and prioritization that come with risk-based vulnerability management (RBVM). In addition, it ingests a wide array of security data sources across the enterprise. Exposure management provides critical context for those assets, so we’re able to look at more than just the usual data points.
This approach can transform raw data into actionable intelligence so your organization has a focused, proactive defense.
Tracking progress with exposure management
A fundamental part of effective exposure management is consistent, clear communication about the organization's risk posture. Exposure management helps us paint a more holistic picture of our environment. For example, we monitor our cloud accounts and we have several different sensors there. Exposure management unites all those sources and shows us everything in a consolidated view, in contrast to the old way of looking at the data via multiple point products and having to put that all together manually.
These metrics provide a snapshot comparing the current exposure landscape to previous periods. They offer an overview of quantifiable risk across different business units and asset groups. Frequent assessments are essential for tracking progress, identifying emerging risk areas, and informing strategic decisions within a continuous exposure management framework.
Considerations that drive exposure prioritization
Our exposure management program relies on metrics that facilitate effective prioritization. It’s about understanding which exposures represent the most significant threat right now and communicating those threats to the right asset owners to ensure effective remediation of findings:
- Exploitability and threat context: Is there a known exploit for this exposure? Is it being actively used by threat actors? Prioritizing exposures based on real-world threat intelligence ensures remediations target the most likely attack vectors.
- Asset criticality and business context: How critical is the affected asset to the business? Understanding the potential impact of an exploit guides prioritization beyond technical severity alone.
- Actual impact vs. theoretical risk: A high-severity vulnerability might pose little actual risk in your specific environment due to mitigating controls or specific configurations. Assessing actual impact helps filter out less critical issues, though investigating every exposure's context remains challenging.
- Remediation service level agreements (SLAs): Tracking remediation timeliness against SLAs provides a crucial performance indicator for the exposure management program. Deviations often point to bottlenecks or systemic issues in remediation workflows, patching processes, or asset visibility that need addressing.
- Exposure trends: Monitoring trends over time so you can understand whether exposures are increasing or decreasing (overall and in specific areas) is vital. Upward trends signal potential breakdowns or emerging risks requiring investigation and potentially resource reallocation.
Risk-based metrics are fundamental to each stage of the exposure management lifecycle. We look at it like this:
- Discovery and assessment: Metrics give us the context we need to understand the raw data we gather from scanning and assessment tools.
- Prioritization: These metrics provide an objective basis to help us decide which exposures we should tackle first.
- Validation: Often, it can be hard to validate our remediation efforts. We can use metrics to understand whether we succeeded and if we reduced risk.
- Mobilization: Clear reporting based on these metrics helps mobilize the right teams and secure necessary resources.
By using metrics to connect technical findings with business risk, we have been able to communicate more effectively with our leadership. In turn, we have data that justifies the resources we need for targeted remediations and we’ve demonstrated the value of our exposure management program.
Takeaways
Incorporating risk-based metrics as part of an exposure management program requires addressing challenges like managing diverse asset types (including user workstations, mobile devices, cloud, IoT, etc.) so you can ensure accurate data across disparate tools and maintain visibility across the changing attack surface.
But an effective exposure management program requires more than just tools. Your metrics-driven approach should help you to continuously understand and reduce risk across the entire attack surface.
With risk-based metrics focused on exploitability, impact, SLAs and trends, you’ll start to move beyond reactive prioritization. You and your team will proactively prioritize efforts, make smarter remediation decisions and optimize resource allocation. Ultimately, you’ll build a more resilient defense.
Have a question about exposure management you’d like us to tackle?
We’re all ears. Share your question and maybe we’ll feature it in a future post.
Two Botnets, One Flaw: Mirai Spreads Through Wazuh Vulnerability
Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment For Enterprises
Tel Aviv, Israel, June 9th, 2025, CyberNewsWire. Available to the public and debuting at the Gartner Security & Risk Management Summit, BrowserTotal is a first-of-its-kind browser security assessment tool conducting more than 120 tests to provide posture standing, emerging threat insights, URL analysis, extension risks, and more. Seraphic Security, a leader in enterprise browser security, […]
The post Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment For Enterprises appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.