Aggregator

A vulnerability categorized as critical has been discovered in Linux Kernel up to 5.15.89/6.0.2. This vulnerability affects unknown code of the component io_uring. Executing a manipulation can lead to state issue. This vulnerability is tracked as CVE-2022-50705. The attack is only possible within the local network. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.86/6.0.18/6.1.4. It has been rated as critical. This vulnerability affects the function vdpasim_net_init of the component vdpa_sim. The manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2022-50702. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is advised.

朝鲜勒索软件攻击的主要推动者之一是Lazarus组织的子组织Andariel，该组织大约在五年前开始涉足勒索软件攻击。现在正在使用 Medusa 勒索软件，并继续对美国医疗保健行业发起勒索攻击。  朝鲜长期以来一直参与勒索软件攻击，此前曾与 Maui 和 Play 勒索软件家族有关联合作情况。 证据表明，朝鲜攻击者曾使用Medusa勒索软件攻击中东地区的一个目标。 同一批攻击者还曾对美国一家医疗机构发起过一次未遂的攻击。  Medusa勒索软件由Spearwing网络犯罪集团运营，于2023年推出，以“勒索软件即服务”（RaaS）的形式运行，合作攻击者可以通过部署该勒索软件来换取一定比例的赎金，相关攻击者已声称使用Medusa勒索软件发动了超过366起攻击。图1 对 Medusa 泄露网站的分析显示，自 2025 年 11 月初以来，美国有四家医疗保健和非营利组织遭到攻击。 Lazarus 在使用Medusa勒索软件攻击活动中使用了一系列工具，其中包括： Comebacker：一款与 Lazarus 独家关联的定制后门和加载器。  Blindingcan：与 Lazarus 关联的远程访问木马 (RAT)。  ChromeStealer： 一款用于从 Chrome 浏览器中提取已存储密码的工具。 Curl：一个开源的命令行工具，用于使用各种网络协议传输数据。 Infohook：窃取信息的恶意软件。 Mimikatz：一款 公开可用的凭证导出工具。 RP_Proxy：一款自定义代理工具。 工具Hash列表 https://www.security.com/blog-post/lazarus-medusa-ransomware

A malicious NPM package named buildrunner-dev has been caught hiding .NET malware inside innocent-looking PNG images, using steganography to slip past antivirus tools and deliver a Remote Access Trojan onto Windows systems. Discovered in February 2026, this campaign signals a notable shift in supply chain attack methods, where the actual malicious code remains completely invisible inside what […]

The post Hackers Leverage Steganographic Images to Bypass Anti-Malware Scans and Deploy Malware Payloads appeared first on Cyber Security News.

Ransomware Medusa linked to North Korean hackers targets US healthcare amid ongoing attacks

Strengthen DDoS Readiness with proactive protection strategies, risk assessments, traffic monitoring, scalable defenses, and rapid response planning.

New Relic announced enterprise-grade Agentic Platform capabilities that enable organizations to build, deploy, and manage a full spectrum of AI agents and agentic workflows, from simple single-task automations to complex, multi-agent orchestrations. With an intuitive no-code builder for domain experts, New Relic’s Agentic Platform empowers enterprises to intelligently automate a wide range of processes, leading to a significant reduction in manual toil, faster incident resolution, and improved operational resilience. “As software complexity outpaces human ability … More →

The post New Relic Agentic Platform brings governance and scale to AI agents appeared first on Help Net Security.

A Russia-aligned threat actor has been observed targeting a European financial institution as part of a social engineering attack to likely facilitate intelligence gathering or financial theft, signaling a possible expansion of the threat actor's targeting beyond Ukraine and into entities supporting the war-torn nation. The activity, which targeted an unnamed entity involved in regional

В Anthropic признали, что их лучшие функции утекли в Пекин через обычное диалоговое окно.

Learn how to strengthen app performance without slowing innovation using metrics, observability, scalability planning, and disciplined release strategies.

Aikido Security has unveiled Aikido Infinite, a continuous AI penetration testing solution that autonomously validates and remediates vulnerabilities. Infinite reduces risk with every release by testing software changes as they move through deployment, confirming exploitability, and fixing vulnerabilities within the same workflow. Penetration testing often relies on manual or point-in-time assessments, frequently delivered weeks after software has already shipped. In a recent survey of 500 security and engineering leaders conducted by Aikido, 76% reported deploying … More →

The post Aikido Infinite introduces continuous, self-remediating AI penetration testing appeared first on Help Net Security.

How to observe, detect, investigate and mitigate against overly permissive Entra app consent

A vulnerability classified as critical has been found in Microsoft SharePoint Server 2010 SP2/2013 SP1/2016/2019. This vulnerability affects unknown code of the component Markup Handler. Performing a manipulation as part of Application Package results in download of code without integrity check. This vulnerability is known as CVE-2020-1210. Remote exploitation of the attack is possible. No exploit is available. Applying a patch is the recommended action to fix this issue.

A vulnerability was found in Microsoft Windows. It has been classified as critical. Affected is an unknown function of the component Diagnostics Hub Standard Collector. The manipulation leads to improper privilege management. This vulnerability is uniquely identified as CVE-2020-1133. The attack is possible to be carried out remotely. No exploit exists. To fix this issue, it is recommended to deploy a patch.

A vulnerability was found in Microsoft Windows. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Store Runtime. The manipulation results in improper privilege management. This vulnerability was named CVE-2020-1146. The attack may be performed from remote. There is no available exploit. It is advisable to implement a patch to correct this issue.

A vulnerability was found in Microsoft Windows. It has been rated as critical. Affected by this issue is some unknown functionality in the library Win32k.sys. This manipulation causes improper privilege management. The identification of this vulnerability is CVE-2020-1152. It is possible to initiate the attack remotely. There is no exploit available. Applying a patch is the recommended action to fix this issue.

A vulnerability categorized as critical has been discovered in Microsoft Windows up to Server 2004. This affects an unknown part in the library StartTileData.dll. Such manipulation leads to improper privilege management. This vulnerability is referenced as CVE-2020-1159. It is possible to launch the attack remotely. No exploit is available. It is best practice to apply a patch to resolve this issue.

A vulnerability identified as critical has been detected in Microsoft Windows. This vulnerability affects unknown code of the component Windows Runtime. Performing a manipulation results in improper privilege management. This vulnerability is identified as CVE-2020-1169. The attack can be initiated remotely. There is not any exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability labeled as critical has been found in Microsoft Edge and ChakraCore. This issue affects some unknown processing of the component Scripting Engine. Executing a manipulation can lead to out-of-bounds write. This vulnerability is tracked as CVE-2020-1180. The attack can be launched remotely. No exploit exists. Applying a patch is advised to resolve this issue.

A vulnerability marked as critical has been reported in Microsoft Office up to 2019. Impacted is an unknown function of the component Excel. The manipulation leads to memory corruption. This vulnerability is listed as CVE-2020-1193. The attack may be initiated remotely. There is no available exploit. It is suggested to install a patch to address this issue.