Aggregator

A vulnerability labeled as problematic has been found in SUSE Rancher. This impacts an unknown function. The manipulation results in sensitive information in log files. This vulnerability was named CVE-2024-58269. The attack may be performed from remote. There is no available exploit. The affected component should be upgraded.

A vulnerability identified as problematic has been detected in Wazuh up to 4.10.x. This affects the function fim_fetch_attributes_state. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-62790. The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.

A massive 4TB SQL Server backup file belonging to global accounting giant Ernst & Young (EY) was discovered publicly accessible on Microsoft Azure. The exposure, uncovered by cybersecurity firm Neo Security during a routine asset mapping exercise, highlights how even well-resourced organizations can inadvertently leave sensitive data vulnerable to the internet’s automated scanners. Neo Security’s […]

The post EY Data Leak – Massive 4TB SQL Server Backup Exposed Publicly on Microsoft Azure appeared first on Cyber Security News.

A vulnerability categorized as problematic has been discovered in Wazuh up to 4.10.x. The impacted element is the function fim_alert. Executing manipulation can lead to unchecked return value. This vulnerability is handled as CVE-2025-62789. The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.

Fraudulent investment platforms impersonating cryptocurrency and forex exchanges have emerged as the predominant method used by financially motivated cybercriminals to defraud victims across Asia and beyond. These sophisticated scam operations deploy advanced social engineering tactics to manipulate victims into transferring funds to attacker-controlled systems that masquerade as legitimate trading platforms. The threat landscape has evolved […]

The post Huge Surge in Fake Investment Platforms Mimic Forex Exchanges Steal Logins appeared first on Cyber Security News.

A vulnerability was found in Wazuh up to 4.10.x. It has been rated as critical. The affected element is the function w_copy_event_for_log. Performing manipulation results in use after free. This vulnerability is known as CVE-2025-62788. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is advised.

A vulnerability was found in Wazuh up to 4.10.1. It has been declared as problematic. Impacted is the function fillData. Such manipulation leads to unchecked return value. This vulnerability is traded as CVE-2025-62785. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Wazuh up to 4.10.x. It has been classified as problematic. This issue affects the function DecodeCiscat. This manipulation causes unchecked return value. This vulnerability appears as CVE-2025-62791. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability was found in SUSE Rancher up to 0.0.0-20251014212116-7faa74a968c1 and classified as critical. This vulnerability affects unknown code. The manipulation results in preservation of permissions. This vulnerability is reported as CVE-2023-32199. The attack can be launched remotely. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Wazuh up to 4.11.x. Affected by this issue is the function w_expression_match. Executing manipulation can lead to buffer over-read. This vulnerability is registered as CVE-2025-62792. It is possible to launch the attack remotely. No exploit is available. You should upgrade the affected component.

A vulnerability has been found in Wazuh up to 4.10.1 and classified as problematic. This affects the function DecodeWinevt. The manipulation leads to buffer over-read. This vulnerability is documented as CVE-2025-62787. The attack can be initiated remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability, which was classified as problematic, has been found in floragunn Search Guard FLX up to 3.1.1. Affected by this vulnerability is an unknown functionality. Performing manipulation results in information disclosure. This vulnerability is cataloged as CVE-2025-12148. It is possible to initiate the attack remotely. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability classified as problematic was found in floragunn Search Guard FLX up to 3.1.1. Affected is an unknown function. Such manipulation leads to information disclosure. This vulnerability is listed as CVE-2025-12147. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is advised.

A vulnerability classified as problematic has been found in Wazuh up to 4.10.1. This impacts an unknown function. This manipulation causes buffer underwrite. This vulnerability is tracked as CVE-2025-62786. The attack is possible to be carried out remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability described as critical has been identified in code-projects Online Complaint Site 1.0. This affects an unknown function of the file /cms/admin/subcategory.php. The manipulation of the argument Category results in sql injection. This vulnerability is identified as CVE-2025-63622. The attack can be executed remotely. There is not any exploit available.

Microsoft has confirmed that the Windows 11 Media Creation Tool (MCT) is working again on Windows 10 22H2 and Windows 11 25H2 systems. [...]

Microsoft experienced a widespread service outage on Wednesday, October 29, 2025, affecting its Azure cloud platform and Microsoft 365 suite, leaving thousands of users unable to access critical business services. The disruption, which began around 16:00 UTC (approximately 9:30 PM IST), was attributed to Domain Name System (DNS) configuration issues that crippled connectivity across Microsoft’s […]

The post Microsoft DNS Outage Disrupts Azure and Microsoft 365 Services Worldwide appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Новая технология позволит врачам изучать движение жизни. С точностью до микрометра.