Posts of last 24 hours
A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.6.129/6.12.77/6.18.19/6.19.9/7.0-rc4. Affected by this vulnerability is the function cdc_ncm_rx_verify_ndp32 of the component net. The manipulation results in out-of-bounds read.
This vulnerability is identified as CVE-2026-23447. The attack can only be performed from the local network. There is not any exploit available.
It is advisable to upgrade the affected component.
https://vuldb.com/vuln/355147
A vulnerability described as critical has been identified in Linux Kernel up to 6.1.167/6.6.133/6.12.80/6.18.21/6.19.11. Affected is an unknown function of the component IP Protocol Handler. Such manipulation leads to privilege escalation.
This vulnerability is uniquely identified as CVE-2026-43057. The attack can only be initiated within the local network. No exploit exists.
Upgrading the affected component is recommended.
https://vuldb.com/vuln/360723
A vulnerability was found in Linux Kernel up to 6.19.5. It has been classified as critical. Affected by this issue is the function pegasus_probe of the component net. The manipulation leads to allocation of resources.
This vulnerability is listed as CVE-2026-43156. The attack must be carried out from within the local network. There is no available exploit.
Upgrading the affected component is recommended.
https://vuldb.com/vuln/361374
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.19.12. Affected by this vulnerability is the function nft_ct_timeout_obj_destroy of the file nfnetlink_cttimeout.c of the component netfilter. Such manipulation leads to use after free.
This vulnerability is referenced as CVE-2026-31665. The attack needs to be initiated within the local network. No exploit is available.
You should upgrade the affected component.
https://vuldb.com/vuln/359481
Microsoft’s patch for the RoguePlanet Windows Defender zero-day may have introduced new security and reliability concerns, according to researcher Chaotic Eclipse. The researcher claims that recent defense-in-depth changes in Microsoft Malware Protection Engine’s mpengine.dll can leak eight bytes of data in certain file-handling scenarios and can be abused to exhaust local disk space. RoguePlanet, tracked […]
The post Researcher ‘Chaotic Eclipse’ Claims RoguePlanet Defender Patch May Leak Data and Exhaust Disk Space appeared first on Cyber Security News.
https://cybersecuritynews.com/rogueplanet-defender-patch-claim/
伊朗黑客组织亮出"秘密武器":Cavern C2框架如何绕过所有安全检测
关键词漏洞如果你是网络工程师、安全分析师或IT运维,Wireshark大概率是你每天都在用的工具。
https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652077782&idx=3&sn=8ba580758eb9dc0be407188a7cb4f6e4
关键词漏洞你以为从官网下的7-Zip,可能根本不是官网。安全研究人员近日披露了一个代号为 "潜伏蜥蜴"(Lurking Lizard) 的新型威胁组织。
https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652077782&idx=2&sn=b5b54e177a56d9aded1ea3397b19d1f1
关键词漏洞你的杀毒软件,可能正在成为攻击者的"最佳帮凶"。
https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652077782&idx=1&sn=7618468fc5072e3fefd2e8f69fe0eefa
Researchers ran 281 of the most popular free VPN apps on the Google Play Store through a new testing system and found that many fail at the basics people install a VPN for, i.e., keeping their traffic private and secure.
The apps flagged with at least one problem have been installed more than 2.4 billion times.
The problems are basic, not sophisticated. 29 apps let user traffic leak outside
https://thehackernews.com/2026/07/study-of-281-free-android-vpn-apps.html