Aggregator

Trust no longer comes from network boundaries alone but from continuously validating and protecting data and identities at every interaction.

Вход в интернет по паспорту. Выход — только с личного одобрения товарища Си.

A highly coordinated phishing campaign impersonating various U.S. state Departments of Motor Vehicles (DMVs) has emerged as a significant threat, targeting citizens across multiple states with the intent to harvest personal and financial data. This sophisticated operation employs SMS phishing, commonly known as smishing, by sending alarming text messages from spoofed numbers that often appear […]

The post Weaponized DMV-Themed Phishing Scam Targets U.S. Citizens to Steal Personal and Financial Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The U.S. House of Representatives has banned the installation and use of WhatsApp on government-issued devices belonging to congressional staff, citing concerns over how the app encrypts and secures data. [...]

Barracuda Networks launched Barracuda Managed Vulnerability Security. This fully managed service, powered by Barracuda’s global Security Operations Center (SOC), extends the BarracudaONE platform to help organizations proactively identify, assess and prioritize vulnerabilities. This enables them to reduce risk and strengthen their security resilience. “By proactively identifying vulnerabilities, we can better predict the likelihood of an attack, giving both Barracuda and our customers a decisive edge to stop threats before they’re exploited and reduce cyber risk,” … More →

The post Barracuda Managed Vulnerability Security identifies and prioritizes vulnerabilities appeared first on Help Net Security.

A vulnerability was found in Mozilla Firefox up to 139. It has been rated as critical. Affected by this issue is some unknown functionality of the component FontFaceSet. The manipulation leads to use after free. This vulnerability is handled as CVE-2025-6424. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 139 on Android. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Link Handler. The manipulation leads to an unknown weakness. This vulnerability is known as CVE-2025-6431. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 139. It has been classified as problematic. Affected is an unknown function of the component HTTP Header Handler. The manipulation of the argument Content-Disposition leads to cross site scripting. This vulnerability is traded as CVE-2025-6430. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 139 on Android and classified as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation of the argument querystring leads to open redirect. The identification of this vulnerability is CVE-2025-6428. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Firefox up to 139 and classified as problematic. This vulnerability affects unknown code of the component File Extension Handler. The manipulation leads to an unknown weakness. This vulnerability was named CVE-2025-6435. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Mozilla Firefox up to 139. This affects an unknown part of the component HTTPS-Only Feature. The manipulation leads to clickjacking. This vulnerability is uniquely identified as CVE-2025-6434. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

ManageEngine launched a MSP Central, a unified platform designed to help MSPs streamline service delivery, device management, threat protection, and infrastructure monitoring from a single interface. ManageEngine focuses on addressing specific operational models and business challenges of MSPs, developing tools that support multi-client environments, technician efficiency, and service scalability. MSP Central brings together these capabilities into a unified platform tailored to how MSPs deliver and manage IT services today. Meeting the evolving needs of MSPs … More →

The post ManageEngine helps MSPs manage day-to-day operations appeared first on Help Net Security.

A vulnerability, which was classified as problematic, has been found in Mozilla Firefox up to 139. Affected by this issue is some unknown functionality of the component TLS Handler. The manipulation leads to improper certificate validation. This vulnerability is handled as CVE-2025-6433. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Mozilla Firefox up to 139. Affected by this vulnerability is an unknown functionality of the component Multi-Account Container Handler. The manipulation leads to information disclosure. This vulnerability is known as CVE-2025-6432. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Mozilla Firefox up to 139. Affected is an unknown function of the component Embed Tag Handler. The manipulation leads to an unknown weakness. This vulnerability is traded as CVE-2025-6429. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 139. It has been rated as problematic. This issue affects some unknown processing of the component Content Security Policy Handler. The manipulation of the argument connect-src leads to improper restriction of rendered ui layers. The identification of this vulnerability is CVE-2025-6427. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 139 on macOS. It has been declared as problematic. This vulnerability affects unknown code of the component Executable File Handler. The manipulation leads to improper restriction of rendered ui layers. This vulnerability was named CVE-2025-6426. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 139 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2025-6436. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 139. It has been classified as critical. This affects an unknown part. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2025-6436. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Firefox up to 139 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component WebCompat Extension. The manipulation leads to information disclosure. This vulnerability is known as CVE-2025-6425. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.