Aggregator

Оказывается, чем проще файл, тем сложнее атака.

Submit #648516 / VDB-323913

In mid-July 2025, a novel campaign emerged in which cybercriminals weaponized generative AI to fabricate deepfake images of government IDs, embedding them within spear-phishing messages that bypassed traditional antivirus safeguards. These emails impersonated military and security institutions, complete with convincing visual assets generated by ChatGPT. Recipients were urged to review “draft” ID cards, triggering the […]

The post Hackers Using Generative AI ‘ChatGPT’ to Evade Anti-virus Defenses appeared first on Cyber Security News.

Submit #648484 / VDB-323906

Microsoft has removed a safeguard hold that prevented some users from upgrading their systems to Windows 11 24H2 due to compatibility issues that were causing Bluetooth headsets and speakers to malfunction. [...]

A vulnerability classified as problematic was found in Linux Kernel up to 6.17-rc1. The impacted element is an unknown function of the component ACPI. Such manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2025-39799. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is advised.

A vulnerability classified as critical has been found in Linux Kernel up to 6.16.1. The affected element is an unknown function of the component NFS. This manipulation causes privilege escalation. This vulnerability is handled as CVE-2025-39798. The attack can only be done within the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.16.1 and classified as critical. Affected is an unknown function of the component ARM. The manipulation leads to denial of service. This vulnerability is referenced as CVE-2025-39794. The attack needs to be initiated within the local network. No exploit is available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.16.1 and classified as critical. Affected by this vulnerability is the function blk_stack_limits of the component block. The manipulation results in buffer overflow. This vulnerability is identified as CVE-2025-39795. The attack can only be performed from the local network. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability described as critical has been identified in Linux Kernel up to 6.12.42/6.15.10/6.16.1. Impacted is the function dm_accept_partial_bio. The manipulation results in deadlock. This vulnerability is known as CVE-2025-39792. Access to the local network is required for this attack. No exploit is available. Upgrading the affected component is recommended.

A vulnerability identified as problematic has been detected in Liferay Portal and DXP. This issue affects some unknown processing. This manipulation causes cross site scripting. The identification of this vulnerability is CVE-2025-43794. It is possible to initiate the attack remotely. There is no exploit available.

Checkmarx today published a technique it has uncovered that poisons artificial intelligence (AI) agents models in a way that convinces them to tell end users that certain activities and behaviors are safe when in fact they are high risk. Darren Meyer, security research advocate at Checkmarx Zero, a research arm of the company, said this..

The post Checkmarx Surfaces Lies-in-the-Middle Attack to Compromise AI Tools appeared first on Security Boulevard.

A vulnerability categorized as critical has been discovered in Mitel 6800, 6900, 6900w and 6970 up to 6.4 SP4. The affected element is an unknown function. Executing manipulation can lead to command injection. This vulnerability appears as CVE-2025-47188. The attacker needs to be present on the local network. There is no available exploit.

Sidewinder, a well-known advanced persistent threat (APT) group, has adapted its tactics to exploit the ongoing protests in Nepal, deploying a coordinated campaign of mobile and Windows malware alongside credential phishing. By masquerading as respected national institutions and figures, the group seeks to harvest sensitive data from users tracking the nation’s political turmoil. The protests, […]

The post Sidewinder Hackers Weaponize Nepal Protests to Spread Cross-Platform Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

本文提出一种多阶段属性指纹的流量识别方法，将加密流量通信过程分为域名阶段、握手元数据阶段和消息序列阶段三个阶段。

ModStealer оставляет после себя пустые счета и потерянные системы.

Commentary that downplays the compromise’s impact misses the point, the co-founder of Sonatype argues.

The post When ‘minimal impact’ isn’t reassuring: lessons from the largest npm supply chain compromise appeared first on CyberScoop.

The BlackNevas ransomware group has emerged as a significant threat since November 2024, continuously launching devastating attacks against businesses and critical infrastructure organizations across Asia, North America, and Europe. This sophisticated malware operation combines file encryption with data theft tactics, threatening to leak stolen information if ransom demands are not met within seven days. The […]

The post BlackNevas Ransomware Encrypts Files and Steals Sensitive Data From Affected Companies appeared first on Cyber Security News.