Aggregator

The government in Switzerland is informing that sensitive information from various federal offices has been impacted by a ransomware attack at the third-party organization Radix. [...]

Multiple critical vulnerabilities in D-Link router models could allow remote attackers to execute arbitrary code and gain unauthorized access to the network infrastructure.  The vulnerabilities affect all hardware revisions and firmware versions of the non-US DIR-816 models, which have now reached their End-of-Life (EOL) status. Buffer Overflow Flaws Enable Remote Code Execution Four of the […]

The post Multiple Critical Vulnerabilities in D-Link Routers Let Attackers Execute Arbitrary Code Remotely appeared first on Cyber Security News.

Microsoft has released RIFT (Rust Identification and Function Tagging), a groundbreaking open-source tool designed to help cybersecurity analysts identify and analyze malware concealed within Rust binaries.  The cybersecurity community has witnessed a significant shift toward Rust-based malware development over the past five years. Notable examples include the BlackCat ransomware in December 2021, followed by Hive […]

The post RIFT – Microsoft’s New Open-Source Tool to Analyze Malware in Rust Binaries appeared first on Cyber Security News.

The agencies said U.S. critical infrastructure entities should be on high alert for "Iranian-affiliated cyber actors" trying to target American networks.

A vulnerability was found in MikroTik RouterOS up to 7.13. It has been declared as critical. This vulnerability affects unknown code of the component IPv6 UDP Traceroute Packet Handler. The manipulation leads to improper access controls. This vulnerability was named CVE-2023-47310. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Tenda AC1206 15.03.06.23_multi_TD01. It has been classified as critical. This affects the function formSetCfm. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2024-53621. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in IBM Cloud Pak System up to 2.3.4.1 iFix1 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. This vulnerability is handled as CVE-2025-2895. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Spanish authorities arrested five members of a criminal network responsible for laundering €460 million stolen through global cryptocurrency investment fraud schemes. Source: Europol The operation, led by the Guardia Civil with support from Europol and law enforcement in Estonia, France, and the United States, uncovered that more than 5,000 victims worldwide were defrauded. The action day led to: 5 arrests (3 on the Canary Islands and 2 in Madrid), and 5 searches (3 on the … More →

The post Fraudsters behind €460 million crypto scam arrested in Spain appeared first on Help Net Security.

Currently trending CVE - Hype Score: 2

Currently trending CVE - Hype Score: 4 - In Netgate pfSense CE 2.8.0, the "WebCfg - Diagnostics: Command" privilege allows reading arbitrary files via diag_command.php dlPath directory traversal. NOTE: the Supplier's perspective is that this is intended behavior for this privilege level, and that system administrators ...

Europol on Monday announced the takedown of a cryptocurrency investment fraud ring that laundered €460 million ($540 million) from more than 5,000 victims across the world. The international effort, codenamed Operation Borrelli, was carried out by the Spanish Guardia Civil, along with support from law enforcement authorities from Estonia, France, and the United States. Europol said the

This week’s cyber threat landscape reveals a surge in zero-day exploit activity, advanced phishing schemes, and the active targeting of […]

The post Weekly Threat Landscape Digest – Week 26 appeared first on HawkEye.

大模型时代，越来越多的数据中心安装了专用 GPU 加速器，而这些加速器配备了数百 GB 容量的显存（VRAM）。在特定的情况下，如果服务器系统内存容量太少，休眠功能可能会出现问题，从休眠中恢复可能需要多达 1 个小时。AMD 工程师 Samuel Zhang 递交了补丁修复了该问题。他解释说，如果一台 Linux 服务器有 2 TB 系统内存，配了 8 个 AMD Instinct 加速器，每个加速器显存 192GB 共 1,536GB。休眠时所有 VRAM 显存都迁移到 GTT 或 shmem。在这两种情况下，它都在系统内存中，内核会尝试将复制页到休眠镜像。在最糟糕的情况下，这会导致系统内存中有 2 个 VRAM 副本，1,536GB * 2 = 3TB > 2 TB，系统内存不够用了。

US Defense Industrial Base (DIB) companies are “at increased risk” of cyber-attacks from Iran-aligned hacking groups

Over 2,100 vulnerable Citrix NetScaler servers remain exposed to active exploitation, despite patches being available for critical vulnerabilities that allow attackers to bypass authentication mechanisms and steal session tokens. Cybersecurity firm ReliaQuest has issued warnings about active exploitation of two critical vulnerabilities affecting Citrix NetScaler ADC and NetScaler Gateway systems. The vulnerabilities, tracked as CVE-2025-5777 […]

The post 2100+ Citrix Servers Vulnerable to Actively Exploited Bypass Authentication Vulnerability appeared first on Cyber Security News.

Ahold Delhaize has confirmed a cyber-attack exposed personal data of over 2.2 million individuals in the US

A sophisticated new phishing campaign has emerged, leveraging obsolete Windows file formats and advanced evasion techniques to distribute the notorious Remcos Remote Access Trojan. The attack chain employs DBatLoader as its primary delivery mechanism, utilizing a combination of User Account Control bypass methods, obfuscated scripts, and Living Off the Land Binaries abuse to establish persistent […]

The post Hackers Use .PIF Files and UAC Bypass to Drop Remcos Malware on Windows appeared first on Cyber Security News.

Malicious websites designed to rank high in Google search results for ChatGPT and Luma AI deliver the Lumma and Vidar infostealers and other malware.

Alleged Sale of Access to an Unidentified Major Indian Telecom Provider