Aggregator

Cybersecurity is no longer a technical afterthought, thanks to today’s interconnected world. It’s a boardroom imperative. As online…

Security researchers have discovered a sophisticated Linux backdoor dubbed “Plague” that has remained undetected by all major antivirus engines despite multiple samples being uploaded to VirusTotal over the past year. The malicious software operates as a Pluggable Authentication Module (PAM), allowing attackers to silently bypass system authentication and maintain persistent SSH access to compromised Linux […]

The post New Undetectable Plague Malware Targeting Linux Servers for Persistent SSH Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated Linux backdoor dubbed Plague has emerged as an unprecedented threat to enterprise security, evading detection across all major antivirus engines while establishing persistent SSH access through manipulation of core authentication mechanisms. Discovered by cybersecurity researchers at Nextron Systems, this malware represents a paradigm shift in Linux-targeted attacks, exploiting Pluggable Authentication Modules (PAM) to […]

The post New Undectable Plague Malware Attacking Linux Servers to Gain Persistent SSH Access appeared first on Cyber Security News.

8月1日，InForSec & DataCon 2025年网络空间安全夏令营在西安电子科技大学（南校区）正式拉开帷幕。

A vulnerability was found in Apple tvOS. It has been classified as critical. This affects an unknown part of the component Audio File Handler. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2025-43277. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple visionOS. It has been declared as critical. This vulnerability affects unknown code of the component Audio File Handler. The manipulation leads to memory corruption. This vulnerability was named CVE-2025-43277. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple macOS and classified as critical. Affected by this issue is some unknown functionality of the component Audio File Handler. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2025-43277. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Apple macOS up to 15.5. Affected is an unknown function of the component iCloud Private Relay Handler. The manipulation leads to denial of service. This vulnerability is traded as CVE-2025-43276. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Anthropic says it has revoked OpenAI's access to the Claude API after ChatGPT's engineers were found using Claude's coding tools. [...]

Cybersecurity firm Arctic Wolf has identified a significant increase in ransomware attacks targeting SonicWall firewall devices in late July 2025, with evidence pointing to the exploitation of a previously unknown zero-day vulnerability. The company’s investigation revealed multiple coordinated attacks using SonicWall SSL VPNs as the initial access point, raising serious concerns about the security of […]

The post Akira Ransomware Exploits 0-Day Vulnerability in SonicWall Firewall Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Apple macOS up to 13.6/14.6/15.5. It has been declared as problematic. This vulnerability affects unknown code of the component App. The manipulation leads to race condition. This vulnerability was named CVE-2025-43275. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple macOS up to 15.5. It has been rated as critical. Affected by this issue is some unknown functionality of the component Restrictions Handler. The manipulation leads to sandbox issue. This vulnerability is handled as CVE-2025-43274. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Apple macOS up to 13.6/14.6/15.5. Affected is an unknown function of the component App. The manipulation leads to improper authorization. This vulnerability is traded as CVE-2025-43270. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in open-policy-agent opa up to 1.3.x. It has been classified as very critical. This affects an unknown part. The manipulation leads to incorrect authorization. This vulnerability is uniquely identified as CVE-2025-46569. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

PT запустила инструмент анализа.

A vulnerability was found in Linux Kernel up to 6.4. It has been declared as problematic. This vulnerability affects unknown code of the component Netfilter. The manipulation leads to information disclosure. This vulnerability was named CVE-2024-26643. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.17.2. Affected is an unknown function of the component hci_event. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2022-49138. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in HashiCorp Vault and Vault Enterprise up to 1.20.0. It has been classified as critical. This affects an unknown part. The manipulation leads to improper certificate validation. This vulnerability is uniquely identified as CVE-2025-6037. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Harmistechnology Com Jeajaxeventcalendar 1.0.5 and classified as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument view leads to sql injection. This vulnerability is handled as CVE-2010-2513. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Harmistechnology Com Jeajaxeventcalendar. This affects an unknown part of the file index.php. The manipulation of the argument event_id leads to sql injection. This vulnerability is uniquely identified as CVE-2010-4365. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.