Qilin
You must login to view this content
Aggregator
Qilin
15 hours 48 minutes ago
You must login to view this content
cohenido
Qilin
15 hours 48 minutes ago
You must login to view this content
cohenido
Qilin
15 hours 48 minutes ago
You must login to view this content
cohenido
CVE-2025-39975 | Linux Kernel up to 6.6.108/6.12.49/6.16.9 SMB Client smb2_compound_op out-of-bounds (Nessus ID 271546)
15 hours 48 minutes ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.6.108/6.12.49/6.16.9. This affects the function smb2_compound_op of the component SMB Client. The manipulation results in out-of-bounds read.
This vulnerability was named CVE-2025-39975. The attack needs to be approached within the local network. There is no available exploit.
You should upgrade the affected component.
vuldb.com
CVE-2025-39967 | Linux Kernel up to 6.16.9 fbcon fbcon_do_set_font controlled integer overflow (Nessus ID 271548)
15 hours 48 minutes ago
A vulnerability has been found in Linux Kernel up to 6.16.9 and classified as critical. This vulnerability affects the function fbcon_do_set_font of the component fbcon. This manipulation of the argument controlled causes integer overflow.
The identification of this vulnerability is CVE-2025-39967. The attack needs to be done within the local network. There is no exploit available.
The affected component should be upgraded.
vuldb.com
CVE-2025-39983 | Linux Kernel up to 6.16.9 Bluetooth hci_event use after free (Nessus ID 271547)
15 hours 48 minutes ago
A vulnerability was found in Linux Kernel up to 6.16.9 and classified as critical. This issue affects the function hci_event of the component Bluetooth. Such manipulation leads to use after free.
This vulnerability is referenced as CVE-2025-39983. The attack needs to be initiated within the local network. No exploit is available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2025-40000 | Linux Kernel up to 6.12.51/6.16.11/6.17.0 wifi core.c rtw89_core_tx_kick_off_and_wait use after free (Nessus ID 271551)
15 hours 48 minutes ago
A vulnerability has been found in Linux Kernel up to 6.12.51/6.16.11/6.17.0 and classified as critical. The affected element is the function rtw89_core_tx_kick_off_and_wait of the file drivers/net/wireless/realtek/rtw89/core.c of the component wifi. Performing manipulation results in use after free.
This vulnerability was named CVE-2025-40000. The attack needs to be approached within the local network. There is no available exploit.
The affected component should be upgraded.
vuldb.com
CVE-2025-39968 | Linux Kernel up to 6.16.9 i40e privilege escalation (Nessus ID 271550)
15 hours 48 minutes ago
A vulnerability was found in Linux Kernel up to 6.16.9. It has been classified as critical. This affects an unknown function of the component i40e. The manipulation leads to privilege escalation.
This vulnerability is referenced as CVE-2025-39968. The attack needs to be initiated within the local network. No exploit is available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2025-39995 | Linux Kernel up to 6.6.110/6.12.51/6.16.10/6.17.0 tc358743 timer_delete initialization (EUVD-2025-34578 / Nessus ID 271549)
15 hours 48 minutes ago
A vulnerability has been found in Linux Kernel up to 6.6.110/6.12.51/6.16.10/6.17.0 and classified as critical. Affected by this vulnerability is the function timer_delete of the component tc358743. The manipulation leads to improper initialization.
This vulnerability is referenced as CVE-2025-39995. The attack needs to be initiated within the local network. No exploit is available.
The affected component should be upgraded.
vuldb.com
CVE-2025-39994 | Linux Kernel up to 6.6.110/6.12.50/6.16.10/6.17.0 cancel_delayed_work use after free (EUVD-2025-34579 / Nessus ID 271554)
15 hours 49 minutes ago
A vulnerability identified as critical has been detected in Linux Kernel up to 6.6.110/6.12.50/6.16.10/6.17.0. This impacts the function cancel_delayed_work. This manipulation causes use after free.
This vulnerability is registered as CVE-2025-39994. The attack requires access to the local network. No exploit is available.
You should upgrade the affected component.
vuldb.com
The State of Exposure Management in 2025: Insights From 3,000+ Organizations
15 hours 49 minutes ago
Attackers are using AI to weaponize old vulnerabilities while security teams face expanding attack surfaces and limited resources. Intruder's 2025 Exposure Management Index reveals how 3,000+ organizations are adapting and fixing critical flaws faster than ever. [...]
Sponsored by Intruder
eBook: A quarter century of Active Directory
15 hours 49 minutes ago
Active Directory (AD) remains the backbone of enterprise identity and a prime target for attackers. Explore its 25-year history, evolving risks, and how organizations can modernize password security. This eBook shows why AD defenses must evolve and how to stop credential-based attacks before they succeed: Why passwords, MFA, and backups fail against modern threats How infostealers and dark web exposures fuel AD compromise Key compliance mandates requiring credential screening Six practical steps to harden AD … More →
The post eBook: A quarter century of Active Directory appeared first on Help Net Security.
Help Net Security
1inch partners with Innerworks to strengthen DeFi security through AI-Powered threat detection
15 hours 50 minutes ago
London, United Kingdom, 27th October 2025, CyberNewsWire
CyberNewswire
Adventures in EM Side-channel Attacks
15 hours 50 minutes ago
Submit #674532: yonyon U8 Cloud V2.0/V2.1/V2.3/V2.5/V2.6/V2.7/V2.65/V3.0/V3.1/V3.2/V3.5/V3.6/V3.6sp/V5.0/V5.0sp/V5.1/V5.1sp File upload [Accepted]
15 hours 52 minutes ago
Submit #674532 / VDB-330129
IceSc0rpion
Critical Chrome 0-Day Under Attack: Mem3nt0 Mori Hackers Actively Exploiting Vulnerability
15 hours 56 minutes ago
In March 2025, security researchers at Kaspersky detected a sophisticated campaign exploiting a previously unknown Chrome vulnerability to deliver advanced spyware to high-profile targets. The attack, dubbed Operation ForumTroll, leveraged personalized phishing links to compromise organizations across Russia, including media outlets, universities, research centers, government agencies, and financial institutions. A single click on a malicious […]
The post Critical Chrome 0-Day Under Attack: Mem3nt0 Mori Hackers Actively Exploiting Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Mayura Kathir
Microsoft Investigation Teams text-to-speech Functionality Issue Impacting Users – Update
15 hours 56 minutes ago
Microsoft is actively probing a glitch in its Teams platform that’s disrupting text-to-speech features, leaving users frustrated during critical auto-attendant calls. The company confirmed the problem via its official Microsoft 365 Status account on X (formerly Twitter) on October 27, 2025, urging administrators to check incident TM1180557 in the admin center for updates. This outage […]
The post Microsoft Investigation Teams text-to-speech Functionality Issue Impacting Users – Update appeared first on Cyber Security News.
Abi
Qilin Ransomware Leveraging Mspaint and Notepad to Find Files with Sensitive Information
16 hours 1 minute ago
Qilin ransomware has emerged as one of the most devastating threats in the second half of 2025, operating at an alarming pace with over 40 victim disclosures per month on its public leak site. Originally tracked under the name Agenda before rebranding to Qilin around July 2022, this ransomware-as-a-service platform has evolved into a global […]
The post Qilin Ransomware Leveraging Mspaint and Notepad to Find Files with Sensitive Information appeared first on Cyber Security News.
Tushar Subhra Dutta
"Тёмные паттерны" в действии. Meta превратила систему жалоб в непроходимый квест, чтобы скрыть незаконный контент. Брюссель начал проверку
16 hours 8 minutes ago
Брюссель начал официальную атаку на Meta и TikTok за саботаж Закона о цифровых услугах.