Aggregator

A Finnish judge set free Aleksanteri "Julius" Kivimäki, convicted of extorting victims of the Vastaamo psychotherapy center's data breach, as his appeal in the case continues.

A vulnerability was found in libming 0.4.8. It has been declared as problematic. Impacted is the function parseSWF_ENABLEDEBUGGER2. Executing manipulation can lead to memory leak. This vulnerability is handled as CVE-2025-29483. The attack can only be done within the local network. There is not any exploit available.

A vulnerability identified as critical has been detected in libming 0.4.8. The affected element is the function decompileSETVARIABLE. This manipulation causes memory corruption. This vulnerability is handled as CVE-2025-29492. The attack can only be done within the local network. Additionally, an exploit exists.

A vulnerability identified as problematic has been detected in libming 0.4.8. This affects the function parseSWF_MORPHLINESTYLES. This manipulation causes memory leak. The identification of this vulnerability is CVE-2025-29489. The attack needs to be done within the local network. There is no exploit available.

Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya malware, while also incorporating the ability to bypass the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems using a now-patched vulnerability disclosed earlier this year. Slovakian cybersecurity company ESET said the samples were uploaded

The Cybersecuritynews researcher team uncovered a sophisticated social engineering campaign that is exploiting the public’s need for free internet access, using deceptive Wi-Fi portals to trick users into downloading and executing PowerShell-based malware. Dubbed the “Clickfix” attack, this method turns a user’s own browser actions against them to compromise their system under the guise of […]

The post New Clickfix Attack Promises “Free WiFi” But Delivers Powershell-Based Malware appeared first on Cyber Security News.

A malicious ISO image named Servicenow-BNM-Verify.iso was uploaded to VirusTotal from Malaysia with almost no detections. The image contains four files—two openly visible and two hidden. The visible files include a Windows shortcut, servicenow-bnm-verify.lnk, which launches PanGpHip.exe, a legitimate Palo Alto Networks binary. Hidden in the same ISO are libeay32.dll, a genuine OpenSSL library, and […]

The post New Malware Abuses Azure Functions to Host Command and Control Infrastructure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Samsung fixed the remote code execution flaw CVE-2025-21043 that was exploited in zero-day attacks against Android devices. Samsung addressed the remote code execution vulnerability, tracked as CVE-2025-21043, that was exploited in zero-day attacks against Android users. The vulnerability is an out-of-bounds Write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1. A remote attacker can exploit […]

Пароли, MFA и даже сессии теперь в руках у кого-то очень коварного.

A Tennessee court has sentenced a Memphis man who worked for a DVD and Blu-ray manufacturing and distribution company to 57 months in prison for stealing and selling digital copies of unreleased movies. [...]

A sophisticated malvertising campaign has been uncovered targeting unsuspecting users through “dangling commits” in a legitimate GitHub repository. Attackers are injecting promotional content for a counterfeit GitHub Desktop installer into popular development and open-source projects. When users download what appears to be the genuine client, the installer quietly delivers malicious payloads in the background, compromising […]

The post New Malvertising Campaign Exploits GitHub Repositories to Distribute Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new kernel address leak vulnerability has been discovered in the latest versions of Windows 11 (24H2) and Windows Server 2022 (24H2). The flaw, identified as CVE-2025-53136, was ironically introduced by a Microsoft patch intended to fix a separate vulnerability, CVE-2024-43511. According to Crowdfense, the new bug undermines recent security enhancements in Windows, providing a […]

The post Microsoft Patch for Old Flaw Reveals New Kernel Address Leak Vulnerability in Windows 11/Server 2022 24H2 appeared first on Cyber Security News.

A new report from Cofense reveals that cybercriminals are blending phishing and malware, including Muck Stealer, Info Stealer,…

Сначала они сказали, что всё безопасно, но теперь внутренние документы доказывают обратное.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Dassault Systèmes DELMIA Apriso Manufacturing Operations Management (MOM) software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2025-5086, carries a CVSS score of 9.0 out of 10.0. According to

关键词网络攻击英国伦敦东北铁路公司（LNER）证实，其一家第三方供应商遭到网络攻击，导致部分乘客信息泄露。

关键词virtualbox甲骨文于 2025 年 9 月 10 日发布了 VirtualBox 7.2.2，这

关键词数据泄露捷豹路虎（JLR）证实，在 8 月 31 日爆发的网络攻击中，黑客不仅导致公司多家工厂停产，还窃

关键词安全漏洞微软在 2025 年 9 月 9 日的安全更新中修复了 Windows Defender 防火墙

阿尔巴尼亚负责公共采购的新任部长不会接受贿赂、不会受到威胁或巴结的影响。因为她是 AI 聊天机器人 Diella。阿尔巴尼亚被认为是全球贩毒和武器犯罪团伙洗钱的中心，腐败早已蔓延到权力中心。任命一名 AI 部长是打击腐败的措施的一部分。即将开始第四个总理任期的 Edi Rama 称 Diella 在阿尔巴尼亚语中意思是“太阳”，将负责政府与私营公司签订各类项目的公共招标，帮助阿尔巴尼亚“成为一个公共招标 100% 零腐败的国家”。