Aggregator

A vulnerability identified as problematic has been detected in Linux Kernel up to 6.1.147/6.6.101/6.12.41/6.15.9/6.16.0. This affects the function packet_set_ring/packet_notifier. This manipulation causes race condition. This vulnerability appears as CVE-2025-38617. The attacker needs to be present on the local network. There is no available exploit. You should upgrade the affected component.

A sophisticated new ransomware strain named BQTLOCK has emerged in the cyberthreat landscape since mid-July 2025, operating under a comprehensive Ransomware-as-a-Service (RaaS) model that democratizes access to advanced encryption capabilities for cybercriminals. The malware, associated with ‘ZerodayX’, the alleged leader of the pro-Palestinian hacktivist group Liwaa Mohammed, represents a concerning evolution in ransomware distribution and […]

The post BQTLOCK Ransomware Operates as RaaS With Advanced Evasion Techniques appeared first on Cyber Security News.

A vulnerability labeled as problematic has been found in go-acme lego up to 4.25.1. This affects an unknown part of the file github.com/go-acme/lego/v4/acme/api of the component ACME Protocol Handler. Such manipulation leads to cleartext transmission of sensitive information. This vulnerability is uniquely identified as CVE-2025-54799. The attack can be launched remotely. No exploit exists. The affected component should be upgraded.

A vulnerability classified as critical has been found in Squid Web Proxy up to 6.3. Affected by this vulnerability is an unknown functionality of the component URN Handler. The manipulation leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-54574. The attack is possible to be carried out remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability was found in Red Hat Ceph Storage RadosGW up to 14.2.20 and classified as critical. This affects an unknown part of the component CORS ExposeHeader Tag Handler. Such manipulation leads to injection. This vulnerability is listed as CVE-2021-3524. The attack must be carried out from within the local network. There is no available exploit. It is suggested to upgrade the affected component.

本文提出了MedRef，一个集成了知识精炼和动态提示调整的新型医疗对话系统。

It’s like some sort of digital age version of To Tell the Truth, the ancient TV show where three challengers claim to be the same person and the contestants have to guess which one is the real deal—typically with dismal results.  So it goes with deepfakes, like in the recent spate of cyberattacks related to..

The post Will the Real Executive Please Stand Up? appeared first on Security Boulevard.

July’s Application Detection and Response data revealed two standout events: a concentrated malicious campaign using multiple attack types against one organization, and an unprecedented spike that hit another organization with more than 2 million attacks in a single month. In both cases, ADR blocked every attempt in real time.

The post 2M+ Application Attacks Blocked in Real Time | July ADR Report | Contrast Security appeared first on Security Boulevard.

Microsoft Threat Intelligence has spotlighted the escalating adoption of the ClickFix social engineering technique, a sophisticated method that manipulates users into executing malicious commands on their devices, bypassing traditional automated security defenses. Observed since early 2024, this tactic has targeted thousands of enterprise and end-user systems daily, delivering payloads such as Lumma Stealer infostealers, remote […]

The post ClickFix Exploit Emerges: Microsoft Flags Cross-Platform Attacks Targeting Windows and macOS appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Совместимость достигла того уровня, о котором мечтали долгие годы.

Some insurers look to limit payouts to companies that don't remediate serious vulnerabilities in a timely manner. Unsurprisingly, most companies don't like those restrictions.

A vulnerability labeled as critical has been found in Espressif ESP-IDF up to 5.0.8/5.1.5/5.3.2/5.4.0. Affected is an unknown function. The manipulation results in buffer overflow. This vulnerability is identified as CVE-2025-55297. The attack can only be performed from the local network. There is not any exploit available. The affected component should be upgraded.

A vulnerability was found in Uniong WebITR up to 2_1_0_32. It has been declared as problematic. This affects an unknown part. Such manipulation leads to absolute path traversal. This vulnerability is documented as CVE-2025-9257. The attack can be executed remotely. There is not any exploit available.

A vulnerability has been found in Uniong WebITR up to 2_1_0_32 and classified as problematic. Affected is an unknown function. The manipulation leads to absolute path traversal. This vulnerability is listed as CVE-2025-9256. The attack may be initiated remotely. There is no available exploit.

A vulnerability was found in Uniong WebITR up to 2_1_0_32. It has been classified as critical. Affected by this issue is some unknown functionality. This manipulation causes missing authentication. This vulnerability is registered as CVE-2025-9254. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability was found in Uniong WebITR up to 2_1_0_32. It has been rated as problematic. This vulnerability affects unknown code. Performing manipulation results in absolute path traversal. This vulnerability is reported as CVE-2025-9258. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability identified as critical has been detected in Uniong WebITR up to 2_1_0_32. Impacted is an unknown function. The manipulation leads to sql injection. This vulnerability is traded as CVE-2025-9255. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Uniong WebITR up to 2_1_0_32. It has been rated as problematic. The affected element is an unknown function. The manipulation leads to absolute path traversal. This vulnerability is documented as CVE-2025-9259. The attack can be initiated remotely. There is not any exploit available.

A sophisticated supply chain attack has emerged targeting developers through a malicious Go module package that masquerades as a legitimate SSH brute forcing tool while covertly stealing credentials for cybercriminal operations. The package, named “golang-random-ip-ssh-bruteforce,” presents itself as a fast SSH brute forcer but contains hidden functionality that exfiltrates successful login credentials to a Telegram […]

The post Malicious Go Module Package as Fast SSH Brute Forcer Exfiltrates Passwords via Telegram appeared first on Cyber Security News.