Aggregator

SonicWall patches three SonicOS flaws in Gen 6, 7 and 8 firewalls. Patch them now

Security Affairs
1 month 3 weeks ago
SonicWall patches three SonicOS flaws in Gen 6, 7 and 8 firewalls. The company released firmware updates to block bypass attacks and unauthorized access. SonicWall released urgent firmware updates to fix three SonicOS vulnerabilities affecting Gen 6, Gen 7, and Gen 8 firewalls. The flaws could allow attackers to bypass security controls, access restricted services, […]
Pierluigi Paganini

China-Aligned Attackers Use ShadowPad, IOX Proxy, and WMIC in Multi-Stage Espionage Campaign

Cyber Security News
1 month 3 weeks ago

A China-aligned threat group has been carrying out a carefully planned espionage campaign against government agencies and critical infrastructure across Asia. The group, tracked under the temporary designation SHADOW-EARTH-053, has been active since at least December 2024, quietly targeting organizations in at least eight countries. The campaign uses a combination of malware tools and living-off-the-land […]

The post China-Aligned Attackers Use ShadowPad, IOX Proxy, and WMIC in Multi-Stage Espionage Campaign appeared first on Cyber Security News.

Tushar Subhra Dutta

CVE-2026-7585 | Open5GS up to 2.7.7 AMF /src/amf/nudm-handler.c amf_nudm_sdm_handle_provisioned denial of service (Issue 4403)

VulDB Recent Entries
1 month 3 weeks ago
A vulnerability was found in Open5GS up to 2.7.7 and classified as problematic. The impacted element is the function amf_nudm_sdm_handle_provisioned of the file /src/amf/nudm-handler.c of the component AMF. Executing a manipulation can lead to denial of service. This vulnerability is tracked as CVE-2026-7585. The attack can be launched remotely. Moreover, an exploit is present. The project was informed of the problem early through an issue report but has not responded yet.
vuldb.com

CVE-2026-42996 | JS8Call-improved up to 2.3.1 APRSISClient.cpp grid2deg stack-based overflow (GHSA-98hp-pjp7-w62x)

VulDB Recent Entries
1 month 3 weeks ago
A vulnerability has been found in JS8Call-improved up to 2.3.1 and classified as critical. The affected element is the function grid2deg of the file APRSISClient.cpp. Performing a manipulation results in stack-based buffer overflow. This vulnerability is identified as CVE-2026-42996. The attack can be initiated remotely. There is not any exploit available. The affected component should be upgraded.
vuldb.com

CVE-2026-7584 | Zurich Instruments LabOne Q up to 26.1.1/26.4.0b5 File deserialization

VulDB Recent Entries
1 month 3 weeks ago
A vulnerability, which was classified as critical, was found in Zurich Instruments LabOne Q up to 26.1.1/26.4.0b5. Impacted is an unknown function of the component File Handler. Such manipulation leads to deserialization. This vulnerability is referenced as CVE-2026-7584. It is possible to launch the attack remotely. No exploit is available. You should upgrade the affected component.
vuldb.com

SLH

Dark Feed IO
1 month 3 weeks ago

You must login to view this content

cohenido

SLH

Dark Feed IO
1 month 3 weeks ago

You must login to view this content

cohenido

Managed ad