Aggregator

A vulnerability classified as problematic was found in PackageKitd. Affected by this vulnerability is an unknown functionality. The manipulation leads to use after free. This vulnerability is known as CVE-2024-0217. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in FreeType 2.8.1 and classified as problematic. This vulnerability affects the function cf2_doFlex of the file cff/cf2intrp.c. The manipulation leads to integer overflow. This vulnerability was named CVE-2025-23022. Attacking locally is a requirement. There is no exploit available.

PolarCTF网络安全2025春季个人挑战赛-Writeup

В погоне за прибылью QLED-индустрия тайно отказалась от квантовых технологий.

Пользователям сервиса стоит насторожиться?

Introduction As the cybersecurity landscape evolves, service providers play an increasingly vital role in safeguarding sensitive data and maintaining compliance with industry regulations. The National Institute of Standards and Technology (NIST) offers a comprehensive set of frameworks that provide a clear path to achieving robust cybersecurity practices. For service providers, adhering to NIST

North Korean IT workers have intensified their global operations, expanding their employment footprint across Europe to infiltrate corporate networks and generate revenue for the regime. According to the latest report by Google Threat Intelligence Group (GTIG), these workers pose as legitimate remote employees, leveraging advanced technical skills and deceptive tactics to gain access to sensitive […]

The post North Korea IT Workers Expand Their Employment Across Europe To Infiltrate the Company Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability has been found in Red Hat OpenShift and classified as problematic. This vulnerability affects unknown code of the component Tempo Operator. The manipulation leads to information disclosure. This vulnerability was named CVE-2025-2842. The attack needs to be done within the local network. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Red Hat OpenShift. This affects an unknown part of the component Tempo Operator. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2025-2786. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Moodle. Affected by this issue is some unknown functionality of the component Grade Report Handler. The manipulation leads to permission issues. This vulnerability is handled as CVE-2025-32045. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Moodle up to 4.5.2. Affected by this vulnerability is an unknown functionality of the component REST API. The manipulation leads to information disclosure. This vulnerability is known as CVE-2025-32044. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

The Israeli Internet Association has issued a public warning about a surge in cyberattacks targeting Telegram accounts in Israel. The campaign, traced to hackers in Bangladesh and Indonesia, exploits vulnerabilities in voicemail systems to hijack accounts and, in some cases, register new ones using phone numbers of individuals who have never used Telegram, including minors. […]

The post Hackers Hijack Telegram Accounts via Default Voicemail Passwords appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The notorious Gootloader malware has resurfaced with a new campaign that combines old tactics with modern delivery methods. This latest iteration leverages Google Ads to target users searching for legal document templates, such as non-disclosure agreements (NDAs) or lease agreements. The campaign exemplifies the evolving strategies of threat actors who exploit trust in legitimate platforms […]

The post Gootloader Malware Spreads via Google Ads with Weaponized Documents appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Почему генерал боится искусственного интеллекта больше, чем живых шпионов.

Google has found a significant increase in North Korean actors attempting to gain employment as IT workers in European companies, leading to data theft and extortion

A vulnerability was found in Apple iOS up to 12.1.2. It has been classified as critical. This affects an unknown part of the component WebKit. The manipulation leads to incorrect type conversion. This vulnerability is uniquely identified as CVE-2019-6215. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Cybersecurity researchers have shed light on an "auto-propagating" cryptocurrency mining botnet called Outlaw (aka Dota) that's known for targeting SSH servers with weak credentials. "Outlaw is a Linux malware that relies on SSH brute-force attacks, cryptocurrency mining, and worm-like propagation to infect and maintain control over systems," Elastic Security Labs said in a new analysis