Aggregator

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 7.0-rc2. The impacted element is the function set_new_password. Such manipulation leads to missing encryption of sensitive data. This vulnerability is documented as CVE-2026-23370. The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 7.0-rc1 and classified as critical. This affects the function _next_ns_data of the component wifi. Performing a manipulation results in uninitialized pointer. This vulnerability is reported as CVE-2026-23367. The attacker must have access to the local network to execute the attack. No exploit exists. The affected component should be upgraded.

近日，国家安全部发布一起典型案件。某无人机航拍“发烧友”利用软件非法破解无人机飞行高度和禁飞区限制系统，多次操控无人机在民航航路航线范围内“黑飞”，严重威胁民航安全。

2026年开春，以鲜明“龙虾”形象为标识的开源AI 智能体Open-Claw，从极客与开发者圈层快速破圈走向大众，迅速在数字生态中广泛传播。该智能体突破传统问答式大模型交互范式……

“数据二十条”发布以来，我国数据要素市场蓬勃发展，出现了大量新场景和新实践，需要进一步细化落实数据产权结构性分置制度，更好反映数据要素市场发展的新进展和新特点，及时回应数据要素市场的制度需求。

广大人民群众如发现涉及危害国家安全的可疑线索，可通过12339国家安全机关举报受理电话、网络举报受理平台（www.12339.gov.cn）、国家安全部微信公众号举报受理渠道或者直接向当地国家安全机关进行举报。

在总体国家安全观与构建网络空间命运共同体理念的指引下，中国逐步形成了兼具法律制度、技术体系、产业动能与国际合作的网络安全治理体系，在关键信息基础设施保护、数据安全治理、网络犯罪打击等方面取得一定成效……

Microsoft has pulled a buggy Windows 11 non-security preview update to investigate a known issue that triggers 0x80073712 errors during installation. [...]

Вот почему корпорации все чаще выбирают компьютеры Apple.

A critical SQL injection vulnerability in Fortinet’s FortiClient Endpoint Management Server (EMS), tracked as CVE-2026-21643, is actively being exploited in the wild. Threat actors have been leveraging this flaw in attacks starting four days ago, despite it not yet appearing on the CISA Known Exploited Vulnerabilities catalog. The security flaw affects FortiClient EMS version 7.4.4, […]

The post Critical Fortinet Forticlient EMS Vulnerability Exploited in Attacks appeared first on Cyber Security News.

Как «синтетическое поле» меняет поведение фотонов.

非人类身份激增、无密码认证、监管收紧及市场并购潮，正重新定义CISO的IAM战略。

A vulnerability was found in F5 BIG-IP Next CNF, BIG-IP Next for Kubernetes and BIG-IP PEM and classified as problematic. Affected is an unknown function of the component Traffic Management Microkernel. The manipulation results in denial of service. This vulnerability was named CVE-2025-54479. The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in F5 BIG-IP up to 15.1.10/16.1.6/17.1.2/17.5.1. This affects an unknown part of the component Appliance Mode. This manipulation causes os command injection. This vulnerability appears as CVE-2025-53868. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability labeled as problematic has been found in F5 BIG-IP APM up to 15.1.10/16.1.6/17.1.2/17.5.1. This affects an unknown part of the component iRules. Executing a manipulation can lead to denial of service. This vulnerability is registered as CVE-2025-53474. It is possible to launch the attack remotely. No exploit is available. The affected component should be upgraded.

A vulnerability described as problematic has been identified in F5 BIG-IP APM up to 15.1.10/16.1.6/17.1.2/17.5.1. The impacted element is an unknown function of the component Traffic Management Microkernel. Such manipulation leads to allocation of resources. This vulnerability is documented as CVE-2025-53521. The attack can be executed remotely. Additionally, an exploit exists. Upgrading the affected component is recommended.

A vulnerability was found in F5 F5OS-A up to 1.5.2/1.8.0. It has been classified as problematic. This vulnerability affects unknown code of the component FIPS Hardware Security Module. Performing a manipulation results in information disclosure. This vulnerability was named CVE-2025-53860. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability identified as critical has been detected in F5 BIG-IP up to 15.1.10/16.1.6/17.1.2/17.5.1. The impacted element is an unknown function of the component PVA Feature. This manipulation causes incorrect control flow scoping. This vulnerability is tracked as CVE-2025-53856. The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.

A vulnerability marked as critical has been reported in F5 F5OS-A and F5OS-C. This vulnerability affects unknown code of the component SNMP. The manipulation leads to resource consumption. This vulnerability is documented as CVE-2025-47150. The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability labeled as problematic has been found in F5 BIG-IP Next SPK and BIG-IP Next CNF. Impacted is the function HTTP::respond of the component iRule Handler. The manipulation results in resource consumption. This vulnerability is cataloged as CVE-2025-46706. The attack may be launched remotely. There is no exploit available. The affected component should be upgraded.