Aggregator

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.19.3. Affected by this vulnerability is the function aie_destroy_context. The manipulation results in null pointer dereference. This vulnerability is reported as CVE-2025-71308. The attacker must have access to the local network to execute the attack. No exploit exists. You should upgrade the affected component.

The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through March and April 2026. "Kimsuky employed a range of tailored social engineering tactics, such as spoofing security software installation pages and crafting a fake Webex meeting page that leveraged

The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been att

Попытки доказать системе, что кредит уже закрыт, превращается в настоящий тест на терпение.

微软被控向美国众议院泄漏了荷兰监管机构公务员的信息。这一指控再次加剧了欧洲对依赖美国技术的担忧，有助于进一步推动欧洲数据主权运动。荷兰媒体 NL Times 报道，被泄漏信息的公务员任职于监管机构荷兰消费者与市场管理局（Authority for Consumers and Markets）和荷兰数据保护局（Dutch Data Protection Authority），负责执行欧盟的消费者保护法律 Digital Services Act。微软提供了公务员发送的电子邮件、会议记录和邀请函，而且没有删除他们的名字。荷兰政府官员已就此事会见了美国驻荷兰大使 Joe Popolo。

微软被控向美国众议院泄漏了荷兰监管机构公务员的信息。这一指控再次加剧了欧洲对依赖美国技术的担忧，有助于进一步推动欧洲数据主权运动。荷兰媒体 NL Times 报道，被泄漏信息的公务员任职于

Malware analysts spend a lot of time deciding which signals from a sandbox run are worth keeping. A sample executed in a controlled environment can generate hundreds of measurable attributes covering file structure, registry edits, process behavior, and network traffic. Most of those attributes add noise. A recent study works through this problem in detail, and the part that earns attention from working defenders is the feature selection, not the deep learning model attached to … More →

The post The behavioral signals that sharpen Trojan malware detection appeared first on Help Net Security.

2026年5月29日 13:30软件资讯00.76K

A Google software engineer has been charged in the United States for allegedly using confidential internal data to generate more than $1.2 million in profits through prediction market trading. The case highlights growing concerns around insider threats and misuse of privileged access in large technology organizations. According to the U.S. Attorney’s Office for the Southern […]

The post Google Employee Charged for Making $1.2 Million With Confidential Information appeared first on Cyber Security News.

Именно так выглядит подготовка к атаке, которой ещё не существует.

2026年5月，弗吉尼亚州阿什本FBI特工在翻开那扇普通民宅大门的那一刻，清点到了303根黄金砖。每根一公斤

2001年2月18日，美国弗吉尼亚州一个公园里，FBI探员罗伯特·汉森把一个装有机密材料的垃圾袋放进预设“死信

A vulnerability labeled as problematic has been found in Linux Kernel 5.2.14. The impacted element is an unknown function of the file drivers/gpu/drm/radeon/radeon_display.c. Executing a manipulation of the argument alloc_workqueue as part of Return Value can lead to null pointer dereference. This vulnerability is handled as CVE-2019-16230. The attack can be executed remotely. There is not any exploit available. The presence of this vulnerability remains uncertain at this time.

A vulnerability marked as critical has been reported in libxslt 1.1.33. This affects the function xsltCopyText of the file transform.c. This manipulation as part of Variable causes use after free. The identification of this vulnerability is CVE-2019-18197. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability marked as problematic has been reported in Microsoft Windows. This affects an unknown part of the component Kernel. This manipulation causes information disclosure. This vulnerability is registered as CVE-2019-11135. Remote exploitation of the attack is possible. No exploit is available. It is suggested to install a patch to address this issue.

A vulnerability, which was classified as critical, was found in Schneider Electric Modicon M340 CPU, Modicon M340 Communication Module, Modicon Premium CPU, Modicon Premium Communication Module, Modicon Quantum CPU and Modicon Quantum Communication Module. Impacted is an unknown function of the component Web Server. Executing a manipulation can lead to information disclosure. This vulnerability appears as CVE-2019-6852. The attack may be performed from remote. There is no available exploit.

A vulnerability labeled as critical has been found in Google Chrome. This impacts an unknown function of the component PDFium. Executing a manipulation as part of HTML Page can lead to use after free. The identification of this vulnerability is CVE-2019-13721. The attack may be launched remotely. There is no exploit available. The affected component should be upgraded.

A vulnerability categorized as critical has been discovered in Linux Kernel 5.0.21. This issue affects the function index_rbio_pages of the file fs/btrfs/raid56.c of the component btrfs Filesystem Handler. Such manipulation leads to out-of-bounds write. This vulnerability is documented as CVE-2019-19378. The attack needs to be performed locally. There is not any exploit available.

A vulnerability was found in Log4j and classified as critical. This affects the function SocketServer of the component Deserialization. Such manipulation leads to deserialization. This vulnerability is listed as CVE-2019-17571. The attack may be performed from remote. There is no available exploit.

A vulnerability classified as critical was found in Oracle MySQL Workbench up to 8.0.18. This affects an unknown function of the component MySQL Workbench. Such manipulation leads to divide by zero. This vulnerability is traded as CVE-2019-16168. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is advised.