Aggregator

Top Security Incidents of 2025:  The Emergence of the ChainedShark APT Group

Security Boulevard
4 months 1 week ago

In 2025, NSFOCUS Fuying Lab disclosed a new APT group targeting China’s scientific research sector, dubbed “ChainedShark” (tracking number: Actor240820). Been active since May 2024, the group’s operations are marked by high strategic coherence and technical sophistication. Its primary targets are professionals in Chinese universities and research institutions specializing in international relations, marine technology, and related […]

The post Top Security Incidents of 2025:  The Emergence of the ChainedShark APT Group appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Top Security Incidents of 2025:  The Emergence of the ChainedShark APT Group appeared first on Security Boulevard.

NSFOCUS

CVE-2025-71102 | Linux Kernel up to 6.1.159/6.6.119/6.12.63/6.18.2 __scs_magic denial of service (WID-SEC-2026-0119)

Vuldb Updates
4 months 1 week ago
A vulnerability was found in Linux Kernel up to 6.1.159/6.6.119/6.12.63/6.18.2. It has been classified as critical. The impacted element is the function __scs_magic. Performing a manipulation results in denial of service. This vulnerability was named CVE-2025-71102. The attack needs to be approached within the local network. There is no available exploit. Upgrading the affected component is recommended.
vuldb.com

CVE-2025-71103 | Linux Kernel up to 6.18.2/6.19-rc2 a7xx_patch_pwrup_reglist null pointer dereference (WID-SEC-2026-0119)

Vuldb Updates
4 months 1 week ago
A vulnerability marked as critical has been reported in Linux Kernel up to 6.18.2/6.19-rc2. This affects the function a7xx_patch_pwrup_reglist. Performing a manipulation results in null pointer dereference. This vulnerability is cataloged as CVE-2025-71103. The attack must originate from the local network. There is no exploit available. It is suggested to upgrade the affected component.
vuldb.com

麻疹卷土重来

Solidot
4 months 1 week ago
在许多国家,麻疹已变得极为罕见,甚至一些医生从未接诊过一个病例,但这种情况正在改变。美国去年报告了逾 2000 例麻疹病例,创 30 年来纪录,且 2026 年病例数可能超过 2025 年。今年 1 月,英国、西班牙、奥地利等 6 国均失去了官方“无麻疹”认证。加拿大在去年 11 月失去“无麻疹”国家的地位,美国预计于今年 4 月步其后尘。麻疹病毒具有极强的传染性,可引起发热、咳嗽和皮疹,甚至导致死亡。数据显示,若周围人群均易感,那么每位麻疹患者平均会传染 12-18 人;若接触感染者,高达 90% 的未免疫人群会患上麻疹。好在麻疹疫苗的效果非常显著。接种一剂后,93% 的人将获得免疫力而免于感染;接种两剂后,保护率可提升至 97%。对于多数人而言,这种保护作用终身有效。当 92%~94% 的人群通过接种疫苗或既往感染获得免疫力时,麻疹病毒便无法继续传播,这种现象被称为群体免疫。然而在美国,幼儿园儿童的疫苗接种率从 2019—2020 学年的 95.2% 降至 2024—2025 学年的 92.5%,为疫情暴发打开了大门。

CVE-2024-56706 | Linux Kernel up to 6.12.1 cpum_sf mutex_lock allocation of resources (WID-SEC-2024-3762)

Vuldb Updates
4 months 1 week ago
A vulnerability labeled as problematic has been found in Linux Kernel up to 6.12.1. This affects the function mutex_lock of the component cpum_sf. The manipulation results in allocation of resources. This vulnerability was named CVE-2024-56706. The attack needs to be approached within the local network. There is no available exploit. The affected component should be upgraded.
vuldb.com

CVE-2024-56707 | Linux Kernel up to 6.1.119/6.6.63/6.11.10/6.12.1 otx2_dmac_flt.c otx2_mbox_get_rsp privilege escalation (Nessus ID 216191 / WID-SEC-2024-3762)

Vuldb Updates
4 months 1 week ago
A vulnerability marked as problematic has been reported in Linux Kernel up to 6.1.119/6.6.63/6.11.10/6.12.1. This vulnerability affects the function otx2_mbox_get_rsp of the file otx2_dmac_flt.c. This manipulation causes privilege escalation. The identification of this vulnerability is CVE-2024-56707. The attack needs to be done within the local network. There is no exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2024-56705 | Linux Kernel up to 6.12.1 atomisp ia_css_3a_statistics_allocate allocation of resources (Nessus ID 216493 / WID-SEC-2024-3762)

Vuldb Updates
4 months 1 week ago
A vulnerability identified as problematic has been detected in Linux Kernel up to 6.12.1. Affected by this issue is the function ia_css_3a_statistics_allocate of the component atomisp. The manipulation leads to allocation of resources. This vulnerability is uniquely identified as CVE-2024-56705. The attack can only be initiated within the local network. No exploit exists. You should upgrade the affected component.
vuldb.com

CVE-2024-56701 | Linux Kernel up to 6.12.1 pseries dtl_access_lock buffer overflow (Nessus ID 216493 / WID-SEC-2024-3762)

Vuldb Updates
4 months 1 week ago
A vulnerability was found in Linux Kernel up to 6.12.1. It has been classified as critical. Impacted is the function dtl_access_lock of the component pseries. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2024-56701. Access to the local network is required for this attack to succeed. There is no exploit available. Upgrading the affected component is recommended.
vuldb.com

CVE-2024-56700 | Linux Kernel up to 6.12.1 wl128x fmc_send_cmd null pointer dereference (Nessus ID 216224 / WID-SEC-2024-3762)

Vuldb Updates
4 months 1 week ago
A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.12.1. Affected by this vulnerability is the function fmc_send_cmd of the component wl128x. Executing a manipulation can lead to null pointer dereference. This vulnerability is handled as CVE-2024-56700. The attack can only be done within the local network. There is not any exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2024-56704 | Linux Kernel up to 6.12.1 xen double free (Nessus ID 214453 / WID-SEC-2024-3762)

Vuldb Updates
4 months 1 week ago
A vulnerability was found in Linux Kernel up to 6.12.1. It has been declared as critical. The affected element is an unknown function of the component xen. The manipulation results in double free. This vulnerability is known as CVE-2024-56704. Access to the local network is required for this attack. No exploit is available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-56699 | Linux Kernel up to 6.11.10/6.12.1 s390 zpci_exit_slot use after free (Nessus ID 216493 / WID-SEC-2024-3762)

Vuldb Updates
4 months 1 week ago
A vulnerability labeled as critical has been found in Linux Kernel up to 6.11.10/6.12.1. Affected is the function zpci_exit_slot of the component s390. Executing a manipulation can lead to use after free. The identification of this vulnerability is CVE-2024-56699. The attack needs to be done within the local network. There is no exploit available. The affected component should be upgraded.
vuldb.com

CVE-2024-56697 | Linux Kernel up to 6.11.10/6.12.1 AMD GPU amdgpu_discovery_get_nps_info null pointer dereference (Nessus ID 216493 / WID-SEC-2024-3762)

Vuldb Updates
4 months 1 week ago
A vulnerability identified as critical has been detected in Linux Kernel up to 6.11.10/6.12.1. This impacts the function amdgpu_discovery_get_nps_info of the component AMD GPU. Performing a manipulation results in null pointer dereference. This vulnerability was named CVE-2024-56697. The attack needs to be approached within the local network. There is no available exploit. You should upgrade the affected component.
vuldb.com

CVE-2024-56698 | Linux Kernel up to 6.12.1 dwc3_request null pointer dereference (Nessus ID 216493 / WID-SEC-2024-3762)

Vuldb Updates
4 months 1 week ago
A vulnerability was found in Linux Kernel up to 6.12.1. It has been rated as critical. Affected is the function dwc3_request. Performing a manipulation results in null pointer dereference. This vulnerability is known as CVE-2024-56698. Access to the local network is required for this attack. No exploit is available. Upgrading the affected component is advised.
vuldb.com

Managed ad