Aggregator

A ransomware attack on a large healthcare network in Maryland has forced officials to shut off IT s

Submit #485445 / VDB-293998

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-0840. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Submit #485255 / VDB-293997

The state-sponsored threat actors are increasingly exploiting Google’s AI-powered assistant, Gemini, to enhance their cyber operations.  While generative AI tools like Gemini hold immense potential for innovation and productivity, their misuse by advanced persistent threat (APT) groups and information operations (IO) actors underscores the dual-use nature of such technologies. Google’s Threat Intelligence Group (GTIG) has […]

The post State-sponsored Actors Abusing Gemini to Fuel Cyber Attacks appeared first on Cyber Security News.

A vulnerability, which was classified as problematic, has been found in MIT Kerberos 5 1.7. Affected by this issue is some unknown functionality of the file kadmind of the component Incremental Propagation. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2025-24528. The attack needs to be done within the local network. There is no exploit available.

Home > Apple Intelligence, Mac administration, macOS, Management Profiles > Managing Apple I

Researchers have uncovered two critical vulnerabilities in Apple’s custom silicon chips, dubbed SLAP (Speculative Load Address Prediction) and FLOP (False Load Output Predictions).  These flaws, found in Apple’s A- and M-series processors, expose sensitive user data such as credit card details, location history, and even private email content to potential attackers.  The vulnerabilities affect a […]

The post Apple Chips Vulnerability Exposes Credit Cards & Location History to Hackers appeared first on Cyber Security News.

A significant cybersecurity threat has emerged as hackers on a prominent Russian dark web forum claim to be selling an active exploit targeting Fortinet devices. The exploit reportedly leverages a critical vulnerability, CVE-2024-55591, which affects FortiOS versions 7.0.0 through 7.0.16.  This vulnerability, categorized as “Authentication Bypass Using an Alternate Path or Channel,” enables remote attackers […]

The post Hackers Allegedly Selling Fortinet Vulnerability Exploit on Dark Web Forums appeared first on Cyber Security News.

As GenAI tools and SaaS platforms become a staple component in the employee toolkit, the ris

Managing third-party risk in the SaaS era demands a proactive, data-driven approach beyond checkbox compliance.

As GenAI tools and SaaS platforms become a staple component in the employee toolkit, the risks associated with data exposure, identity vulnerabilities, and unmonitored browsing behavior have skyrocketed. Learn how a complimentary LayerX risk assessment can help identify, assess, and address browsing and SaaS risks in your workplace. [...]

Het jaarlijkse Frisian Flag is dusdanig hoogwaardig dat de NAVO de oefening graag onder NAVO-vlag wil. Dat gebeurt nu ook, onder de naam Ramstein Flag. Dit maakt het hoofdkwartier voor alle luchtmachtzaken binnen de NAVO zojuist bekend. Ramstein Flag speelt zich van 31 maart tot en met 11 april af, op en vanaf Vliegbasis Leeuwarden. 

Китайский ИИ с радостью научит вас отмывать деньги и изготавливать взрывчатку.

A vulnerability classified as critical was found in RuoYi 4.8.0. Affected by this vulnerability is an unknown functionality of the component Cookie Handler. The manipulation leads to improper authorization. This vulnerability is known as CVE-2024-57436. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability classified as critical has been found in RuoYi 4.8.0. Affected is an unknown function of the file /monitor/online/list. The manipulation of the argument orderby leads to sql injection. This vulnerability is traded as CVE-2024-57437. It is possible to launch the attack remotely. There is no exploit available.