Aggregator

A vulnerability was found in Kitware VTK up to 9.5.0. It has been declared as critical. Affected by this issue is the function vtkGLTFDocumentLoader. Executing manipulation can lead to buffer overflow. This vulnerability is handled as CVE-2025-57106. The attack can only be done within the local network. There is not any exploit available.

The U.S. Cybersecurity and Infrastructure Security Agency has added a critical Linux kernel vulnerability to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively leveraging the security vulnerability in ransomware campaigns targeting organizations worldwide. The vulnerability, tracked as CVE-2024-1086, represents a significant threat to Linux-based systems and requires immediate attention from cybersecurity teams. […]

The post CISA Alerts on Linux Kernel Vulnerability Exploited in Ransomware Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Математики впервые доказали существование фигуры, которая не может «пропустить» сама себя.

周末三款游戏限免：交通模拟器、《Five Nights at Freddy’s: Into the Pit》与《Bendy and the Ink Machine》。作者分享了自己与朋友的游戏拖延经历，并提醒谨慎购买新游戏。

European Startup Acquisition Aims to Unify Technical and Financial Cyber Insights
The acquisition of Intangic enhances Searchlight Cyber's ability to quantify and price cyber risk by using AI and dark web intelligence. The combined platform will offer actionable third-party risk data for CISOs, CFOs and insurance providers to better understand and manage cyber exposure.

Denmark Concedes Domestic and International Opposition Against Client Scanning
Denmark is withdrawing a proposal that would have required online service providers to scan communications and files on user devices for child sexual abuse material after domestic and international opposition. The Scandinavian country presides over the Council of the European Union until December.

Multimillion Dollar Deal Resolves 27 Lawsuits After 2023 Email Storage Hack
A Tennessee federal court has approved a multimillion dollar settlement in consolidated class action litigation against HCA Healthcare in the wake of a 2023 email data theft hack that the publicly traded company reported as affecting nearly 11.3 million individuals.

Non-Dilutive Funding From General Catalyst Supports Global Go-to-Market Push
Backed by $280 million in growth financing from General Catalyst, Chainguard plans to scale global go-to-market efforts and invest in its open-source security platform. The non-dilutive funding structure allows for targeted investment based on customer acquisition.

Больница выставила оверпрайс, но тут пришёл ИИ и сказал: "Нет, ребят, так не пойдёт".

Cybersecurity authorities are raising urgent alarms as threat actors continue to exploit a critical vulnerability in Cisco IOS XE devices, deploying a malicious implant known as BADCANDY across networks worldwide. The Australian Signals Directorate (ASD) has confirmed that over 150 devices remain compromised in Australia alone as of late October 2025, despite ongoing remediation efforts […]

The post Cisco IOS XE Vulnerability Being Abused in the Wild to Plant BADCANDY appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability labeled as problematic has been found in Restaurant Brands International Assistant Platform up to 2025-09-06. This affects an unknown part of the component JWT Handler. The manipulation results in incorrect authorization. This vulnerability was named CVE-2025-62647. The attack may be performed from remote. There is no available exploit. This product is provided as a managed service, meaning users do not have the ability to maintain vulnerability countermeasures themselves.

A vulnerability, which was classified as critical, has been found in Restaurant Brands International Assistant Platform up to 2025-09-06. Affected is an unknown function of the component Drive Thru Speaker Audio Volume Handler. This manipulation causes incorrect authorization. This vulnerability is tracked as CVE-2025-62648. The attack is possible to be carried out remotely. No exploit exists. This product is a managed service. This means that users cannot maintain vulnerability countermeasures themselves.

A vulnerability has been found in Restaurant Brands International Assistant Platform up to 2025-09-06 and classified as problematic. This vulnerability affects unknown code of the component Anyone Can Join This Party Signup API. Performing manipulation results in missing authorization. This vulnerability is reported as CVE-2025-62642. The attack is possible to be carried out remotely. No exploit exists. This product is a managed service, indicating that users are not permitted to maintain vulnerability countermeasures themselves.

A vulnerability was found in Restaurant Brands International Assistant Platform up to 2025-09-06. It has been rated as critical. Impacted is an unknown function of the component Diagnostic Screen. This manipulation causes use of client-side authentication. This vulnerability appears as CVE-2025-62650. The attack may be initiated remotely. There is no available exploit. This product is a managed service, which means users themselves cannot handle vulnerability countermeasures.

A vulnerability labeled as problematic has been found in Restaurant Brands International Assistant Platform up to 2025-09-06. This affects an unknown function of the component Equipment Order Submission Handler. Executing manipulation can lead to use of client-side authentication. This vulnerability is handled as CVE-2025-62649. The attack can be executed remotely. There is not any exploit available. This product is available as a managed service. Users are not able to maintain vulnerability countermeasures themselves.

A vulnerability was found in Restaurant Brands International Assistant Platform up to 2025-09-06. It has been declared as problematic. This impacts an unknown function of the component Conversation Handler. Such manipulation leads to incorrect resource transfer. This vulnerability is traded as CVE-2025-62646. The attack may be launched remotely. There is no exploit available. This product is a managed service. It is not possible for users to maintain vulnerability countermeasures themselves.

A vulnerability classified as problematic was found in Restaurant Brands International Assistant Platform up to 2025-09-06. This impacts an unknown function of the component E-Mail Message Handler. The manipulation results in cleartext transmission of sensitive information. This vulnerability is identified as CVE-2025-62643. The attack can be executed remotely. There is not any exploit available. This product is a managed service. It is not possible for users to maintain vulnerability countermeasures themselves.

A vulnerability was found in Restaurant Brands International Assistant Platform up to 2025-09-06. It has been classified as problematic. This vulnerability affects unknown code of the component Global Store Directory. The manipulation leads to exposure of private personal information to an unauthorized actor. This vulnerability is documented as CVE-2025-62644. The attack can be initiated remotely. There is not any exploit available. This product is a managed service, indicating that users are not permitted to maintain vulnerability countermeasures themselves.

A vulnerability has been found in elunez eladmin up to 2.7 and classified as problematic. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of the argument STR_PARAM with the input Passw0rd leads to inadequate encryption strength. This vulnerability is documented as CVE-2025-9239. The attack can be initiated remotely. There is not any exploit available.