Aggregator

A former National Crime Agency investigator who worked on the Silk Road case was sentenced to more than five years in prison for stealing 50 bitcoins seized in that operation.

The Higher School of Economics (HSE), a leading Russian institution, said the two-year course will focus on international corporate compliance and business ethics, and will be taught in both Russian and English.

A vulnerability was found in Bluebird kr.co.bluebird.android.bbsettings up to 1.3.2. It has been classified as problematic. Affected is an unknown function of the component kr.co.bluebird.android.bbsettings.BootReceiver. The manipulation leads to improper export of android application components. This vulnerability is traded as CVE-2025-5346. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Bluebird com.bluebird.filemanagers up to 1.3.5/1.4.4 and classified as problematic. This issue affects some unknown processing of the component com.bluebird.system.koreanpost.IsdcardRemoteService. The manipulation leads to improper export of android application components. The identification of this vulnerability is CVE-2025-5345. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Bluebird com.bluebird.kiosk.launcher up to 1.1.1 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper export of android application components. This vulnerability was named CVE-2025-5344. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in TOTOLINK N300RB 8.54. This affects an unknown part. The manipulation leads to backdoor. This vulnerability is uniquely identified as CVE-2025-52089. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Researchers discovered a security flaw in Google's Gemini AI chatbot that could put the 2 billion Gmail users in danger of being victims of an indirect prompt injection attack, which could lead to credentials being stolen or phishing attacks.

The post Google Gemini AI Flaw Could Lead to Gmail Compromise, Phishing appeared first on Security Boulevard.

Архитектура корпоративных брандмауэров оказалась идеальной для незаметного взлома.

美国乔治梅森大学(GMU)｜张亦成老师招生：系统与硬件安全方向博士生（2026春/秋入学）

The Federal Communications Commission said Wednesday that the ban will be part of a broader package of policies to encourage an expansion of submarine telecommunications infrastructure while protecting it from “foreign adversary threats.”

Security researchers have discovered over 4 million vulnerable Internet hosts that can be weaponized for devastating new denial-of-service attacks, marking one of the largest infrastructure vulnerabilities uncovered in recent years. The groundbreaking research, conducted by Angelos Beitis and Mathy Vanhoef from DistriNet at KU Leuven, reveals that millions of devices worldwide accept unauthenticated tunneling traffic […]

The post Over 4 Million Exposed Devices Used in Two New DoS Attack Campaigns appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Тысяча экспериментов, тонны формул, и всё зря — пока не включили инфракрасную камеру.

A vulnerability classified as critical was found in Linux Kernel up to 6.6.92/6.12.30/6.14.8. Affected by this vulnerability is the function vhost_scsi_complete_cmd_work. The manipulation leads to memory corruption. This vulnerability is known as CVE-2025-38074. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.15.182/6.1.138/6.6.90/6.12.28/6.14.6. This affects the function ucsi_displayport_work of the component UCSI Driver. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-37994. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.14.7. This vulnerability affects the function udma_start of the file k3-udma.c of the component dmaengine. The manipulation leads to state issue. This vulnerability was named CVE-2025-38005. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.14.7. Affected is the function mt76_dma_cleanup of the file net/core/dev.c of the component mt76. The manipulation leads to privilege escalation. This vulnerability is traded as CVE-2025-38009. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in vim up to 9.1.1551. This vulnerability affects unknown code of the component Tar Handler. The manipulation leads to path traversal. This vulnerability was named CVE-2025-53905. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in vim up to 9.1.1550. This issue affects some unknown processing of the component ZIP Handler. The manipulation leads to path traversal. The identification of this vulnerability is CVE-2025-53906. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.