Aggregator

关键词零日漏洞谷歌近日发布了2025年4月Android安全更新，共修复62个安全漏洞。

Luxembourg, Luxembourg, 9th April 2025, CyberNewsWire

The post Gcore Super Transit Brings Advanced DDoS Protection and Acceleration for Superior Enterprise Security and Speed appeared first on Security Boulevard.

The cybersecurity community has raised alarms over the rapid evolution of the Hellcat ransomware group, which has escalated its tactics to target critical sectors. Hellcat, which emerged in mid-2024, now employs a sophisticated blend of psychological manipulation, zero-day vulnerabilities, and Ransomware-as-a-Service (RaaS) to expand its influence. Spear Phishing and Zero-day Exploits Hellcat operators initiate attacks […]

The post Hellcat Ransomware Upgrades Arsenal to Target Government, Education, and Energy Sectors appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

By taking simple steps like choosing a cost-effective backup storage strategy and minimizing recovery infrastructure costs, you can protect your business without bloating your budget. 

The post Four Tips for Optimizing Data Backup and Recovery Costs appeared first on Security Boulevard.

4月9日，绿盟科技CERT监测到微软发布4月安全更新补丁，修复了126个安全问题，涉及Windows、Microsoft Office、Azure等广泛使用的产品，其中包括权限提升、远程代码执行等高危漏洞类型。

4月9日，绿盟科技CERT监测到微软发布4月安全更新补丁，修复了126个安全问题，涉及Windows、Microsoft Office、Azure等广泛使用的产品，其中包括权限提升、远程代码执行等高危漏洞类型。

73% of respondents in an Armis survey said they worried about nation-state actors using AI for cyber-attacks

A critical RCE vulnerability (CVE-2025-30406) affecting the Gladinet CentreStack file-sharing/remote access platform has been added to CISA’s Known Exploited Vulnerabilities catalog on Tuesday. According to the vulnerability’s entry in NIST’s National Vulnerability Database, the flaw has been leveraged in attacks since March 2025. About CVE-2025-30406 CentreStack is a platform that allows managed service providers (MSPs) to offer cloud-like file services to their customers: file sharing, backup, collaboration, and remote access. CVE-2025-30406 is a deserialization vulnerability … More →

The post RCE flaw in MSP-friendly file sharing platform exploited by attackers (CVE-2025-30406) appeared first on Help Net Security.

企业版产品火绒终端安全管理系统由于产品发展规划，中心V2.0.16.0及以上版本将不再支持Windows Server 2008及以下系统，请火绒用户避免在以上环境下继续运行中心，以免影响您的管控。

IBM 宣布了最新的 z17 大型机，每秒能处理最多 27 万亿次操作，性能比 2022 年发布的 z16 快 50%，预计夏天上市。z17 使用了 Telum II 处理器，是 z16 使用的 Telum 处理器的升级版，为 8 核、频率 5.5GH，配有 360MB 虚拟 L3 缓存和 2.88GB 虚拟 L4 缓存。Telum II 还引入了旨在帮助加速 AI 工作负载的新数据处理单元等功能。Telum 一代使用三星 7 纳米工艺制造，二代尚无更多信息。

GitGuardian's State of Secrets Sprawl report for 2025 reveals the alarming scale of secrets exposure in modern software environments. Driving this is the rapid growth of non-human identities (NHIs), which have been outnumbering human users for years. We need to get ahead of it and prepare security measures and governance for these machine identities as they continue to be deployed, creating an

Microsoft has uncovered a sophisticated ransomware campaign exploiting a zero-day vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824. The vulnerability allows attackers to escalate privileges from a standard user account to SYSTEM level, enabling widespread deployment of ransomware within compromised environments. Exploitation Details The exploit, deployed by the threat actor known […]

The post Ransomware Group Actively Exploits Windows CLFS Zero-Day Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Currently trending CVE - Hype Score: 17 - An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Only affected version 122 and later. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.

Currently trending CVE - Hype Score: 18 - A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

Currently trending CVE - Hype Score: 1 - OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase

Currently trending CVE - Hype Score: 7 - Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing dependency. This occurred because msgspec-python313-pre was deleted by the owner leaving the name open to being claimed ...