Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malware Newsletter. ClawHavoc: 341 Malicious Clawed Skills Found by the Bot They Were Targeting; APT28 Leverages CVE-2026-21509 in Operation Neusploit; Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia; Analyzing Dead#Vax: Analyzing Multi-Stage VHD […]
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Italian university La Sapienza still offline to mitigate recent cyber attack; CISA pushes Federal agencies to […]
Currently trending CVE - Hype Score: 6 - TP-Link Omada ER605 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this ...
A vulnerability marked as critical has been reported in Linux Kernel up to 6.1.157/6.6.113/6.12.54/6.17.4/6.18-rc1. This affects the function recv. The manipulation leads to use after free.
This vulnerability is uniquely identified as CVE-2025-40176. The attack can only be initiated within the local network. No exploit exists.
It is suggested to upgrade the affected component.
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.17.4/6.18-rc1. The impacted element is the function switch_mm_irqs_off. Executing a manipulation can lead to privilege escalation.
This vulnerability is tracked as CVE-2025-40174. The attack is only possible within the local network. No exploit exists.
You should upgrade the affected component.
A vulnerability was found in Linux Kernel up to 6.17.4/6.18-rc1. It has been rated as critical. Affected by this issue is the function skb_get of the component idpf. Performing a manipulation results in improper update of reference count.
This vulnerability is reported as CVE-2025-40175. The attacker must have access to the local network to execute the attack. No exploit exists.
Upgrading the affected component is advised.
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.18-rc1. Affected by this issue is the function ip6_tunnel. This manipulation causes privilege escalation.
The identification of this vulnerability is CVE-2025-40173. The attack needs to be done within the local network. There is no exploit available.
It is advisable to upgrade the affected component.
A vulnerability described as critical has been identified in Linux Kernel up to 6.17.2. Affected by this vulnerability is the function dst_dev_rcu of the component net. Executing a manipulation can lead to privilege escalation.
The identification of this vulnerability is CVE-2025-40170. The attack needs to be done within the local network. There is no exploit available.
Upgrading the affected component is recommended.
A vulnerability classified as critical was found in Linux Kernel up to 5.15.194/6.1.155/6.6.111/6.12.52/6.17.2. This affects the function nvmet_fc_ls_req_op. The manipulation results in memory leak.
This vulnerability is identified as CVE-2025-40171. The attack can only be performed from the local network. There is not any exploit available.
Upgrading the affected component is advised.
A vulnerability classified as critical was found in Linux Kernel up to 6.17.2. Impacted is the function __sk_dst_get. Such manipulation leads to use after free.
This vulnerability is referenced as CVE-2025-40168. The attack needs to be initiated within the local network. No exploit is available.
Upgrading the affected component is advised.
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.111/6.12.52/6.17.2. Affected by this vulnerability is the function check_alu_op of the component bpf. The manipulation leads to privilege escalation.
This vulnerability is listed as CVE-2025-40169. The attack must be carried out from within the local network. There is no available exploit.
It is advisable to upgrade the affected component.