Aggregator

德国联邦数据保护与信息自由专员 Meike Kamp 周五表示，她已正式要求苹果和 Google 将中国 AI 公司 DeepSeek APP 从德国地区的 App Store 和 Google Play 下架。原因是该公司未能证明其数据处理符合欧盟标准，涉嫌将德国用户的个人数据非法转移至中国。根据 DeepSeek 的隐私政策，该应用会将用户的 AI 请求、上传文件等多种个人信息储存在中国境内的服务器上。德国监管机构今年早些时候要求 DeepSeek 满足欧盟关于数据跨境传输的合规要求，或主动下架应用。但 DeepSeek 并未作出回应，因此 Kamp 启动了正式下架程序。

Kai West, a 25-year-old British citizen, is accused of being the notorious "IntelBroker" hacker, who with co-conspirators attached dozens of major companies, stealing data and offering it for sale on the underground BreachForums site. The attacks cost victims as much as $25 million in damages, prosecutors say.

The post ‘IntelBroker’ Hacker Arrested for Wave of High-Profile Data Breaches appeared first on Security Boulevard.

Over 1,000 SOHO devices were hacked in a China-linked spying campaign called LapDogs, forming a covert network to support cyber espionage. Security researchers at SecurityScorecard’s STRIKE team have uncovered a cyber espionage campaign, dubbed LapDogs, involving over 1,000 hacked SOHO (small office/home office) devices. These compromised devices formed a hidden network, called an Operational Relay […]

Каждая клетка — как GPS-метка в биологической навигации.

Nederland bedankte vandaag de ruim 100.000 Nederlanders die zich in dienst van vrede en veiligheid, waar dan ook ter wereld, hebben ingezet. Dat gebeurde tijdens Veteranendag in Den Haag. Het was de 21e editie van het evenement.

A vulnerability was found in IBM Informix Dynamic Server 12.10/14.10/15.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to integer underflow. This vulnerability is known as CVE-2025-1991. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Currently trending CVE - Hype Score: 3 - AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.

Introduction Let’s be real — no one wakes up thinking about identity security. It’s one of those things that quietly works in the background… until it doesn’t. And when it fails, it’s usually a total disaster. Think about it. Every time you log into your bank, your company’s dashboard, or even your social media, your...

The post Identity Security Best Practices & Compliance — What Smart Teams Should Be Doing Now appeared first on Security Boulevard.

ESET researchers have uncovered a sophisticated attack vector exploiting Near Field Communication (NFC) data, initially targeting Czech banking customers but now spreading worldwide. According to the ESET Threat Report H1 2025, the incidence of NFC-related attacks has skyrocketed, with telemetry data showing a staggering 35-fold increase in the first half of 2025 compared to the […]

The post ESET Warns Cybercriminals Are Targeting NFC Data for Contactless Payments appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

США наконец-то объявили войну C и C++...

За одну ночь найдено больше астероидов, чем за всю историю астрономии до 2024 года.

A vulnerability classified as critical was found in Linux Kernel up to 6.6.87/6.12.24/6.14.3/6.15-rc2. Affected by this vulnerability is the function dsa_tree_setup. The manipulation leads to use after free. This vulnerability is known as CVE-2025-37786. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.12.25/6.14.4/6.15-rc3/2714ffdbb79b48dda03334a01af90fb024f39047. This affects an unknown part of the component tty. The manipulation leads to injection. This vulnerability is uniquely identified as CVE-2025-37814. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.23/6.13.11/6.14.2/6.15-rc1. It has been rated as critical. This issue affects the function ivpu_ms_cleanup. The manipulation leads to deadlock. The identification of this vulnerability is CVE-2025-37848. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.14.1 and classified as problematic. This vulnerability affects the function graph_util_parse_dai of the component ASoC. The manipulation leads to privilege escalation. This vulnerability was named CVE-2025-39930. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.23/6.13.11/6.14.2/6.15-rc1. Affected is the function ivpu_ms_cleanup. The manipulation leads to deadlock. This vulnerability is traded as CVE-2025-37847. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.87/6.12.24/6.14.3/6.15-rc2 and classified as problematic. This issue affects some unknown processing of the component ovl. The manipulation leads to privilege escalation. The identification of this vulnerability is CVE-2025-37863. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.14.2. It has been classified as critical. Affected is an unknown function. The manipulation leads to memory leak. This vulnerability is traded as CVE-2025-37743. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.22/6.13.10/6.14.1. It has been declared as problematic. This vulnerability affects the function veml6075_it_ms. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2025-40114. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Khaled Mardam-Bey mIRC 6.0/6.0.1/6.0.2 and classified as critical. This issue affects some unknown processing. The manipulation of the argument $asctime leads to memory corruption. The identification of this vulnerability is CVE-2002-1456. The attack may be initiated remotely. Furthermore, there is an exploit available.