Aggregator

A vulnerability classified as critical was found in Microsoft Windows. The impacted element is an unknown function of the component WLAN Service. Executing manipulation can lead to file inclusion. The identification of this vulnerability is CVE-2025-59511. The attack can only be executed locally. There is no exploit available. A patch should be applied to remediate this issue.

A vulnerability classified as problematic has been found in Microsoft Windows. The affected element is an unknown function of the component RRAS. Performing manipulation results in link following. This vulnerability was named CVE-2025-59510. The attack needs to be approached locally. There is no available exploit. It is suggested to install a patch to address this issue.

A vulnerability described as problematic has been identified in Microsoft Windows. Impacted is an unknown function of the component Speech Recognition. Such manipulation leads to insertion of sensitive information into sent data. This vulnerability is uniquely identified as CVE-2025-59509. Local access is required to approach this attack. No exploit exists. Applying a patch is advised to resolve this issue.

To grow a successful MSP business, you need the right technology stack, but the real question is: how do you choose the right tools? While some solutions are well-known and widely used, others are less obvious yet equally important.  Read this blog post for an overview of what makes up an MSP’s technology stack, the […]

The post Best MSP Software: The Essential Tech Stack  appeared first on Cyber Security News.

Orbital Frontier Is the Next Ungoverned Internet, and We Have Left It Open to Attack
The orbital frontier is the next ungoverned internet - a vast, vulnerable network of over 11,000 satellites without a cybersecurity framework. As nations race to commercialize space, we've left the orbit open to attack. Who will govern space cybersecurity?

Перенос POLYVAL в lib crypto снимает избыточные расходы на обращение к алгоритму.

钓鱼样本分析、免杀思路分享

Manassas City Public Schools in Virginia USA shut down Monday after a cyber incident

Китай побил рекорд по запускам, но Galactic Energy напомнила: космос ошибок не прощает.

A vulnerability identified as critical has been detected in projectworlds Visitor Management System. Affected by this issue is some unknown functionality. This manipulation causes sql injection. This vulnerability is handled as CVE-2020-25760. The attack can be initiated remotely. There is not any exploit available.

A vulnerability labeled as problematic has been found in projectworlds Visitor Management System. This affects an unknown part. Such manipulation leads to basic cross site scripting (Stored). This vulnerability is uniquely identified as CVE-2020-25761. The attack can be launched remotely. No exploit exists.

A vulnerability, which was classified as problematic, has been found in LibTIFF. This issue affects the function TIFFRasterScanlineSize64. This manipulation causes resource consumption. The identification of this vulnerability is CVE-2023-52355. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Vim and Neovim and classified as critical. Affected by this issue is some unknown functionality of the file getchar.c of the component Modeline. This manipulation causes os command injection. This vulnerability is tracked as CVE-2019-12735. The attack is possible to be carried out remotely. Moreover, an exploit is present. The affected component should be upgraded.

De Braziliaanse fabrikant Embraer is gisteren begonnen met de bouw van het eerste C-390 militaire transportvliegtuig voor Nederland. Dit markeert een volgende stap in een internationaal samenwerkingsproject.  

A Chinese woman known as the "Bitcoin Queen" was sentenced in London to 11 years and eight months in jail for laundering Bitcoin from a £5.5 billion ($7.3 billion) cryptocurrency investment scheme. [...]

Внутри проекта Neom творится совсем не то, о чём говорят публично — и это признают сами участники.

Mozilla has rolled out Firefox 145, addressing a series of high-severity vulnerabilities that could allow attackers to execute arbitrary code on users’ systems. Announced on November 11, 2025, the release patches flaws primarily in the browser’s graphics, JavaScript, and DOM components, urging immediate upgrades to mitigate risks from potential exploits. The update tackles 15 CVEs, […]

The post Firefox Releases Security Update to Fix Multiple Vulnerabilities Allowing Arbitrary Code Execution appeared first on Cyber Security News.

A new cyber-attack has been observed exploiting Google Find Hub to remotely wipe Android devices, linked to North Korean APTs

A vulnerability, which was classified as critical, has been found in Rockwell Automation Studio 5000 Simulation Interface. Affected by this issue is some unknown functionality. The manipulation leads to information disclosure. This vulnerability is documented as CVE-2025-11697. The attack needs to be performed locally. There is not any exploit available.