Aggregator
CVE-2025-0438 | Google Chrome up to 131.0.6778.264 Tracing stack-based overflow (Nessus ID 214233)
Intel security advisory (AV25-079)
Apple Releases Urgent Patch for USB Vulnerability
Rachel Hunter Claims to have Leaked cPanel Access of the Islamic Republic Railway in Iran
HPE security advisory (AV25-078)
OpenSSL patched high-severity flaw CVE-2024-12797
Authorities Seize 8Base Ransomware Infrastructure, Arrest Four Russians
With "Operation Phobos Aetor," international law enforcement, including the US DOJ and Europol, arrest four Russian nationals and seize infrastructure connected to the 8Bbase ransomware group, the largest affiliate of the prolific Phobos RaaS operation.
The post Authorities Seize 8Base Ransomware Infrastructure, Arrest Four Russians appeared first on Security Boulevard.
CVE-2024-21924 | AMD EPYC 7002 Processors SMM unnecessary privileges
CVE-2023-31361 | AMD AIM-T Integrated Management Technology Software prior 4.0.0.722 Manageability Service uncontrolled search path
CVE-2025-25525 | H3C FA3010L SWFA1B0V100R005 Setting buffer overflow
CVE-2025-25524 | TOTOLINK X6000R 9.4.0cu.652_B20230116 Wi-Fi Filtering Rule buffer overflow
CVE-2025-25523 | Trendnet TEG-40128 Web Smart Switch 1.00.023 buffer overflow
CVE-2024-21966 | AMD Ryzen Master Utility 2.14.0.3205 privileges management
CVE-2023-31360 | AMD AIM-T Integrated Management Technology software prior 4.0.0.722 Manageability Service default permission
CVE-2025-25526 | Mercury MIPC552W Camera 1.0 PPTP Server buffer overflow
Adobe security advisory (AV25–077)
U.S. California Teen Sentenced to 4 Years in Prison for Nationwide Swatting Rampage
February Patch Tuesday delivers 57 packages
Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)
February 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 56 vulnerabilities, including two zero-days – CVE-2025-21418 and CVE-2025-21391 – under active exploitation. CVE-2025-21418 and CVE-2025-21391 CVE-2025-21418 is a vulnerability in the Windows Ancillary Function Driver (AFD.sys), which interfaces with the Windows Sockets API to enable Windows applications to connect to the internet. It can be exploited by attackers to elevate privileges on the target host. “An authenticated user would need to run … More →
The post Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) appeared first on Help Net Security.