Aggregator

A vulnerability, which was classified as critical, was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function setOpMode of the file /goform/setOpMode. The manipulation of the argument ethConv leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-8816. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #626684 / VDB-319354

Submit #626683 / VDB-319353

Submit #626682 / VDB-319352

Submit #626681 / VDB-319351

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Black Hat USA 2025 Black Hat USA 2025 took place at the Mandalay Bay Convention Center in Las Vegas. Explore related news, photos, product releases, and more. AIBOMs are the new SBOMs: The missing link in AI risk management In this Help Net Security interview, Marc Frankel, CEO at Manifest Cyber, discusses how overlooked AI-specific risks, like poisoned training data … More →

The post Week in review: SonicWall firewalls targeted in ransomware attacks, Black Hat USA 2025 appeared first on Help Net Security.

文章探讨了软件安全中的两个关键漏洞：不安全的反序列化和竞态条件。通过Python的`pickle`模块示例，说明了如何通过改用JSON来消除反序列化漏洞，并通过原子操作（如`tempfile.mkstemp`和`os.rename`）解决竞态条件问题，从而提升系统安全性。

Submit #626680 / VDB-319350

Submit #626688 / VDB-166836

A vulnerability, which was classified as problematic, has been found in EMQX up to 5.8.5. This issue affects some unknown processing of the component Novel Plugin Handler. The manipulation leads to improper check for unusual conditions. The identification of this vulnerability is CVE-2025-52136. The attack may be initiated remotely. There is no exploit available. The real existence of this vulnerability is still doubted at the moment. It is recommended to upgrade the affected component.

Submit #626679 / VDB-166834

DFIR services enable organizations to pre-arrange external expert assistance that accelerates containment and minimizes the impact of a major cyber-attack. This marks the fourth consecutive year Sygnia has been recognized by Gartner in this category.

The post Sygnia Recognized for the Fourth Consecutive Year in the Gartner 2025 Market Guide for Digital Forensics and Incident Response Retainer Services appeared first on Sygnia.

文章描述了一次因泥石流导致行程变更的川西之旅。游客们在阴雨天气和高原反应中游览了康定、木格措、墨石公园等地，并体验了当地自然风光与文化。尽管面临挑战，提前准备和旅行社的支持使旅程顺利完成。

Tailwind CSS 创始人因五年前将 Tailwind UI 按钮设为靛蓝色而致歉，称这导致 AI 生成的 UI 也多为该颜色。

Lenovo webcam flaws, dubbed BadCam, let attackers turn them into BadUSB devices to inject keystrokes and launch OS-independent attacks. Eclypsium researchers found vulnerabilities in some Lenovo webcams, collectively dubbed BadCam, that could let attackers turn them into BadUSB devices to inject keystrokes and launch OS-independent attacks. Principal security researchers Jesse Michael and Mickey Shkatov demonstrated […]

Lenovo部分型号摄像头存在漏洞（BadCam），运行Linux且未验证固件。研究人员发现这些设备可被转化为BadUSB装置，用于注入按键记录或发起操作系统无关的攻击。攻击者可远程劫持摄像头并重新刷写固件，使其模拟恶意HID或注入恶意负载。Lenovo已发布更新工具修复此漏洞。

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Arctic Wolf Observes July 2025 Uptick in Akira Ransomware Activity Targeting SonicWall SSL VPN  The State of Ransomware – Q2 2025  Malware 101: a comprehensive guide  Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed […]

网站使用cookies记录用户偏好和访问记录以优化体验。用户可选择接受所有cookies或通过设置进行个性化管理。

5 причин обновиться до Debian 13 прямо сейчас.

Join our live webinar to explore a real-world APT case with Sygnia’s IR experts.
See how attackers turned Zoom into a RAT, used ARP for covert command delivery, and executed stealthy HID-based actions.

The post On-Demand Webinar – Inside a Malware Ecosystem: How North Korean IT Workers Operate Undetected appeared first on Sygnia.