Aggregator
CVE-2025-27562 | OpenHarmony up to 5.0.3.x memory leak
CVE-2025-8824 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 up to 20250801 /goform/setRIP RIPmode/RIPpasswd stack-based overflow (EUVD-2025-24106)
CVE-2025-8826 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 up to 20250801 /goform/RP_setBasicAuto um_rp_autochannel apcli_AuthMode_2G/apcli_AuthMode_5G stack-based overflow (EUVD-2025-24118)
Dell security advisory (AV25-494)
Hackers Weaponized Linux Webcams as Attack Tools to Inject Keystrokes and Launch Attacks
A critical vulnerability was uncovered that transforms ordinary Linux-powered webcams into weaponized BadUSB attack tools, enabling remote hackers to inject malicious keystrokes and compromise target systems without detection. The research, presented at DEF CON 2025, demonstrates the first known case where attackers can remotely weaponize USB devices already connected to computers, marking a significant evolution […]
The post Hackers Weaponized Linux Webcams as Attack Tools to Inject Keystrokes and Launch Attacks appeared first on Cyber Security News.
Meta’s New Feature Turns Instagram into a Real-Time Location Broadcaster
Meta has introduced a transformative update to Instagram, evolving the platform from a simple photo-sharing service into an always-on real-time location broadcaster via its new “Map” feature. Announced in early August 2025, this functionality allows users to opt-in for sharing their last active location with selected friends, updating automatically whenever the app is opened or […]
The post Meta’s New Feature Turns Instagram into a Real-Time Location Broadcaster appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
GPT-5’s secret instructions have leaked online: now anyone can peek inside the “black box”
AI Coding Assistant Creating a Perfect Blueprints for Attackers
The cybersecurity landscape faces an unprecedented threat as artificial intelligence coding assistants inadvertently transform into reconnaissance tools for malicious actors. A recent investigation reveals how developers’ interactions with AI tools like Claude CLI and GitHub Copilot are creating comprehensive attack blueprints that eliminate the traditional barriers to sophisticated cyber intrusions. Modern AI coding assistants store […]
The post AI Coding Assistant Creating a Perfect Blueprints for Attackers appeared first on Cyber Security News.
2025 CCF-NSFOCUS “Kunpeng” Research Fund Project Application Guide
Hackers Leak 9GB of Data from Alleged North Korean Hacker’s Computer
Well-known Steam Workshop mod hit by mass malicious DMCA reports
One click on a delivery SMS = an empty bank account. The Magic Cat formula works without fail
IBM security advisory (AV25-493)
How Tenable’s Security Team Went from Thousands of Alerts to a Handful of Tickets with Exposure Management
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, we learn about life before and after exposure management, from members of Tenable’s own security team. You can read the entire Exposure Management Academy series here.
If you’re a cybersecurity pro, you know the drill: You log in to face a deluge of alerts from a dozen (or more!) different tools. Armed with little more than a cup of coffee and a protein bar, you forge ahead into the sea of red.
One system flags a cloud misconfiguration. Another finds a critical vulnerability. Oh, and all the while, the vulnerability management dashboard is still glowing scarlet. Like you need that reminder.
Recently, two members of the Tenable cybersecurity team, Saeed Elahi, Head of Cyber Risk and Assurance, and Arnie Cabral, Senior Staff Information Security Engineer, joined a webinar, How Tenable Optimized Security Effectiveness and Efficiency with Exposure Management, to share their journey from the kind of security chaos we just described to the clarity that comes with exposure management.
The organizational drag of disparate data
Elahi and Cabral described the initial state of their cybersecurity program. If you’re in cybersecurity, the story will ring a few bells. Like many of their peers, their security organization was built around silos. There were dedicated teams for identity management, application security and cloud infrastructure. They operated pretty well within their own domains. But each used specialized tools.
Elahi described this structure as creating “organizational drag,” with inefficient communication and challenges aligning priorities across the organization.
A visualization of the organization looked like a plate of spaghetti. But rather than a delectable Bolognese, this was a chaotic web, with data from a dozen security tools flowing from various engineering and IT teams. A lack of central aggregation made getting a unified view of the organization’s risk posture an impossibility.
Before exposure management
Source: Tenable, 2025
Three significant challenges arose from the silos:
- Data overload: Alerts were unrelenting and impossible to wrangle, with multiple tools often flagging the same problem on the same asset. This added up to duplicate work and overwhelmed analysts.
- No attacker’s view: Cabral said that, although internal sensors were robust, the siloed data didn’t see the whole picture. He added that not being able to see things from the bad guy’s perspective put them at a disadvantage because they couldn’t see how an attacker could piece together disparate weaknesses or exploit shadow IT assets.
- Too many manual tasks: Engineers were consumed by low-value tasks like pulling data, consolidating it in a spreadsheet and correlating the findings. Daily life was a struggle to balance the need to understand the piles of data streaming in with equally critical security work.
The turning point came when CSO Robert Huber issued a clear directive: Get everything into one place. And do it now!
The mandate forced a rethink. The old processes and technologies needed a thorough overhaul, and that meant the vulnerability management team went from managing about five tools to two to three times that number.
Like many engineers, their first thought was to build a new solution themselves. So, using a business intelligence tool, they made a valiant effort to create a custom dashboard that would unify all their security data. There’s often nothing as bracing as a first effort that doesn’t quite work. That was the case here. It was simply not feasible.
Cabral said the effort was "taking too long and costing too much money." Two months in, data was still siloed and all they’d done was some testing.
Soon, Elahi and Cabral had a strategic realization. A security program shouldn’t turn its engineers into full-time software developers. Instead, with limited resources, the team needed to focus on securing the company. So they started looking for a dedicated platform. And the solution was right in front of them.
The pivot: Finding the signal with exposure management
The team quickly moved to adopt a Continuous Threat Exposure Management (CTEM) program, in which an exposure assessment platform helped lead to a fundamental redesign of their workflow. They transformed that chaotic spaghetti diagram into an elegant, logical model with all security tools feeding into a single, intelligent system.
After exposure management
Source: Tenable, 2025
Those pesky silos, including everything from vulnerability scanners to cloud security agents, were essentially a thing of the past.
With this unified platform in place, the team gained a few powerful capabilities:
- Complete visibility: The team said that the unified platform provided an immediate and complete picture of the attack surface. They discovered “thousands upon thousands” of assets they didn’t know existed.
- Smart deduplication: The way the platform is able to understand context changed the game for the team. When three tools flagged the same vulnerability on the same server, those findings were consolidated into a single alert.
- Automated workflow: The shift eliminated all that manual drudgery. Cabral said the platform now handles the “dirty work” of automatically correlating findings and prioritizing them based on factors like exploitability and asset criticality. It also creates a single, actionable JIRA ticket that automatically goes to the right team.
Talk about night and day, right? The old problem of more noise than signal was finally solved. That flood of alerts was reduced to a trickle. And finally, the security team had a short, clear list of exactly what needed to be fixed and why.
Takeaways: Quantifiable results and reclaimed time
The results of the transition were immediate and quantifiable.
One dramatic metric jumped out. The team was able to reduce thousands of raw security alerts into just 10 actionable tickets. You read that right. It’s a pretty powerful demonstration of the value of exposure management.
But the benefits didn’t end there.
The team’s overall productivity doubled and reports that once took days of manual effort became available in seconds.
The most significant (and positive!) impact was on the team itself. Freed from all the manual administrivia, engineers could finally be engineers again. They had time to focus on more specialized, engaging, high-value work like threat hunting.
The journey of Tenable's cybersecurity team shows how security operations have evolved. By moving from a siloed, reactive model to unified exposure management, they were able to eliminate noise, increase efficiency and ultimately strengthen the company’s security posture.
Learn more
Check out the Tenable exposure management resource center to discover the value of exposure management and explore resources to help you stand up a continuous threat exposure management program.
Win-DDoS: Attackers can turn public domain controllers into DDoS agents
SafeBreach researchers have released details on several vulnerabilities that could be exploited by attackers to crash Windows Active Directory domain controllers (DCs), one of which (CVE-2025-32724) can also be leveraged to force public DCs to participate in distributed denial-of-service (DDoS) attacks. Win-DDoS – as the researchers dubbed this new attack technique – hinges on the attackers’ ability to trick public DCs into connecting to a Lightweight Directory Access Protocol (LDAP) server they set up, …
The post Win-DDoS: Attackers can turn public domain controllers into DDoS agents appeared first on Help Net Security.
ClickFix Malware Attacks macOS Users to Steal Login Credentials
In recent months, security researchers have observed a novel phishing campaign targeting macOS users under the guise of a CAPTCHA verification process. This attack, dubbed “ClickFix,” leverages a blend of social engineering and operating system detection to coax victims into executing malicious commands directly in their terminals. By mimicking legitimate Cloudflare-style checks, the malware avoids […]
The post ClickFix Malware Attacks macOS Users to Steal Login Credentials appeared first on Cyber Security News.
Debian 14 considers supporting Loongson’s LoongArch CPUs
Protection for journalists or bureaucratic farce? What EMFA has actually delivered
What is ClickFix Attack – How Hackers are Using it to Attack User Device With Malware
ClickFix has emerged as one of the most dangerous and rapidly growing cybersecurity threats of 2025, representing a sophisticated evolution in social engineering attacks. This deceptive technique has surged by an unprecedented 517% in the first half of 2025, becoming the second most common attack vector after phishing and accounting for nearly 8% of all […]
The post What is ClickFix Attack – How Hackers are Using it to Attack User Device With Malware appeared first on Cyber Security News.