Aggregator

In the ever-evolving world of cybersecurity, distributed denial-of-service (DDoS) attacks continue to grow in frequency and sophistication. For organizations across every sector, from telecommunications to healthcare, having robust, intelligent protection isn’t a luxury—it’s a necessity. This is why the latest...

Pyongyang-backed hacking group APT37 leveraged an internal South Korean intelligence briefing in a spear phishing campaign

In June 2025, a previously undocumented campaign leveraging end-of-support software began surfacing in telemetry data gathered across Eastern Asia. Dubbed TAOTH, the operation exploits an abandoned Chinese input method editor (IME), Sogou Zhuyin, to deliver multiple malware families. Initial intelligence indicated that victims, primarily traditional Chinese users and dissidents, downloaded what appeared to be legitimate […]

The post New TAOTH Campaign Exploits End-of-Support Software to Distribute Malware and Collect Sensitive Data appeared first on Cyber Security News.

Microsoft has found no link between the August 2025 KB5063878 security update and customer reports of failure and data corruption issues affecting solid-state drives (SSDs) and hard disk drives (HDDs). [...]

Currently trending CVE - Hype Score: 1 - Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config ...

Currently trending CVE - Hype Score: 19 - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess->user object can currently be in use by another thread, for example if another connection has sent a session setup request to bind to the session being ...

Currently trending CVE - Hype Score: 1 - A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple ...

Introducing the Data Vending Machine, schema caching in Structural, strengthened synthesis in Textual, + Object and Array generators in Fabricate!

The post Tonic.ai product updates: August 2025 appeared first on Security Boulevard.

A clandestine campaign in which threat actors are weaponizing a legitimate-looking PDF document, titled “국가정보연구회 소식지 (52호)” (National Intelligence Research Society Newsletter – Issue 52), alongside a malicious Windows shortcut (LNK) file named 국가정보연구회 소식지(52호).pdf.LNK. The attackers distribute both files together—either within the same archive or as seemingly related attachments. When victims open the LNK […]

The post Weaponized PDFs and LNK Files Used in Windows Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cloudy now supercharges analytics investigations and Cloudforce One threat intelligence! Get instant insights from threat events and APIs on APTs, DDoS, cybercrime & more - powered by Workers AI.

A vulnerability categorized as critical has been discovered in X.org X Server. This issue affects some unknown processing of the component X Event Handler. The manipulation results in memory corruption. This vulnerability is reported as CVE-2017-10971. The attack can be launched remotely. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability identified as critical has been detected in X.org X Server. Impacted is an unknown function of the component XEvent Handler. This manipulation causes improper access controls. This vulnerability appears as CVE-2017-10972. The attack may be initiated remotely. There is no available exploit. You should upgrade the affected component.

A vulnerability identified as critical has been detected in X.Org Server up to 1.19.3. This affects an unknown function of the component Shared Memory Segments. This manipulation causes improper access controls. The identification of this vulnerability is CVE-2017-13721. The attack can only be executed locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability labeled as critical has been found in X.Org Server up to 1.19.3. This impacts an unknown function of the component Global Buffer Handler. Such manipulation leads to memory corruption. This vulnerability is referenced as CVE-2017-13723. The attack can only be performed from a local environment. No exploit is available. Applying a patch is advised to resolve this issue.

A vulnerability has been found in X.org X11 Server up to 1.19.4 and classified as critical. Impacted is the function ProcEstablishConnection. This manipulation causes unchecked error condition. This vulnerability is handled as CVE-2017-12176. It is possible to launch the attack on the local host. There is not any exploit available. The affected component should be upgraded.

A vulnerability was found in X.org X11 Server up to 1.19.4 and classified as critical. The affected element is the function ProcDbeGetVisualInfo. Such manipulation leads to integer overflow. This vulnerability is uniquely identified as CVE-2017-12177. Local access is required to approach this attack. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability was found in X.org X11 Server up to 1.19.4. It has been classified as critical. The impacted element is the function ProcXIChangeHierarchy. Performing manipulation results in unchecked error condition. This vulnerability was named CVE-2017-12178. The attack needs to be approached locally. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability was found in X.org X11 Server up to 1.19.4. It has been declared as critical. This affects the function ProcXIBarrierReleasePointer. Executing manipulation can lead to integer overflow. The identification of this vulnerability is CVE-2017-12179. The attack can only be executed locally. There is no exploit available. It is recommended to upgrade the affected component.