Aggregator

AI守护，安全加持，全国工商联“优会益企”服务行动进行中

A vulnerability described as problematic has been identified in Ooma Office Business Phone App up to 7.2.2 on Android. This affects an unknown part of the component com.ooma.office2. The manipulation results in improper export of android application components. This vulnerability was named CVE-2025-10718. The attack needs to be approached locally. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

In recent months, security teams have observed the emergence of a sophisticated malware loader, dubbed CountLoader, which leverages weaponized PDF files to deliver ransomware payloads. First detected in late August 2025, CountLoader is linked to multiple Russian-speaking cybercriminal groups, including affiliates of LockBit, BlackBasta, and Qilin. By masquerading as legitimate documents—often impersonating Ukrainian law enforcement—this […]

The post New Malware Loader ‘CountLoader’ Weaponized PDF File to Deliver Ransomware appeared first on Cyber Security News.

A vulnerability marked as problematic has been reported in intsig CamScanner App 6.91.1.5.250711 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.intsig.camscanner. The manipulation leads to improper export of android application components. This vulnerability is uniquely identified as CVE-2025-10717. Local access is required to approach this attack. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #645012 / VDB-325009

A vulnerability was found in Embed PDF for WPForms Plugin up to 1.1.5 on WordPress. It has been rated as critical. Impacted is the function ajax_handler_download_pdf_media. The manipulation leads to unrestricted upload. This vulnerability is traded as CVE-2025-10647. It is possible to initiate the attack remotely. There is no exploit available.

Submit #645010 / VDB-325008

Valve 通过支持文档宣布，Steam 将从 2026 年起不再支持 32 位 Windows 操作系统。文档称，自 2026 年 1 月 1 日起 Steam 将停止支持 32 位 Windows。32 位 Windows 10 是目前 Steam 唯一支持的 32 位版本，在 Steam 硬件调查报告该操作系统所占比例仅为 0.01%。64 位 Windows 10 仍然会得到支持，而 32 位游戏仍可运行。现有的 Steam 客户端短期内仍可在 32 位 Windows 10 上运行，但将不再接收任何更新，Steam 也无法保证未来能继续正常运行。Valve 督促用户升级到 64 位版本，未来 Steam 将只支持 64 位操作系统。

A vulnerability was found in Linux Kernel up to 6.1.42/6.4.7. It has been declared as critical. The impacted element is the function ublk_ctrl_end_recovery of the component ublk. The manipulation results in denial of service. This vulnerability was named CVE-2023-53207. The attack needs to be approached within the local network. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.3.3. Impacted is the function del_timer of the component media. Performing manipulation results in use after free. This vulnerability is reported as CVE-2023-53219. The attacker must have access to the local network to execute the attack. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability described as critical has been identified in Linux Kernel up to 6.4.4. Impacted is the function dbFree of the file jfs_dmap.c of the component jfs. Such manipulation leads to out-of-bounds read. This vulnerability is listed as CVE-2023-53222. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 6.0.15/6.1.1 and classified as problematic. This issue affects the function f2fs_direct_IO_enter of the component f2fs. Such manipulation leads to privilege escalation. This vulnerability is referenced as CVE-2022-50270. The attack needs to be initiated within the local network. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.2.2. This affects the function lbs_init_adapter of the component wifi. Such manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2022-50294. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is advised.

Новое ядро, свежие инструменты и память о Lunar…

WatchGuard has issued a critical security alert for its Firebox firewalls due to a serious vulnerability, CVE-2025-9242. Learn what this 'out-of-bounds write' flaw means, which Fireware OS versions are affected, and the urgent steps to take to protect your network from remote attacks.

国立阳明交通大学的研究人员在《Advanced Functional Materials》期刊上报告，他们研发出一种新型材料，拉伸率能达到原始长度的 46 倍。即使断开了，只要在室温下将断裂的部分轻压在一起，10 分钟内能完全恢复形状和拉伸性。这种具有粘性和弹性的聚氨酯有机凝胶材料由 covalently linked cellulose nanocrystals (CNCs) 和 modified mechanically interlocked molecules (MIMs）组合而成。凝胶对拉伸或加热等外力敏感，颜色会根据材料是处于静止状态还是受到刺激而从橙色变为蓝色。其独特的特性让这种凝胶具有广泛的应用前景，包括柔性电子皮肤、软体机器人以及防伪方案等。

Currently trending CVE - Hype Score: 8 - The Chaos Controller Manager in Chaos Mesh exposes a GraphQL debugging server without authentication to the entire Kubernetes cluster, which provides an API to kill arbitrary processes in any Kubernetes pod, leading to cluster-wide denial of service.

Cyber threat actors have weaponized two critical Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities—CVE-2025-4427 and CVE-2025-4428—to deploy sophisticated malicious loaders and listeners on compromised servers. The malware consists of two sets of components: Loader 1 (web-install.jar, ReflectUtil.class, SecurityHandlerWanListener.class) and Loader 2 (web-install.jar, WebAndroidAppInstaller.class), both designed to inject arbitrary code and maintain persistence on Apache Tomcat deployments. […]

The post CISA Alerts of Hackers Targeting Ivanti Endpoint Manager Mobile Vulnerabilities to Distribute Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

在英国网络效应网络（Cyber Effects Network）的语境中，进攻性网络行动被定义为通过添加、删除或操纵系统或网络数据，以实现影响个人和群体、干扰在线及通信系统、或削弱物理系统运行的目标。

The ransomware threat landscape witnessed a dramatic shift in August 2025 as the Qilin group claimed responsibility for 104 separate attacks worldwide. Emerging earlier this year, Qilin quickly cemented its position through aggressive double-extortion tactics and a broad affiliate recruitment strategy. Initial compromises have predominantly leveraged exposed Remote Desktop Protocol (RDP) servers and publicly facing […]

The post Qilin Led Ransomware Attack Claimed to Compromised 104 Organizations in August appeared first on Cyber Security News.