Aggregator

The Higher School of Economics (HSE), a leading Russian institution, said the two-year course will focus on international corporate compliance and business ethics, and will be taught in both Russian and English.

A vulnerability was found in Bluebird kr.co.bluebird.android.bbsettings up to 1.3.2. It has been classified as problematic. Affected is an unknown function of the component kr.co.bluebird.android.bbsettings.BootReceiver. The manipulation leads to improper export of android application components. This vulnerability is traded as CVE-2025-5346. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Bluebird com.bluebird.filemanagers up to 1.3.5/1.4.4 and classified as problematic. This issue affects some unknown processing of the component com.bluebird.system.koreanpost.IsdcardRemoteService. The manipulation leads to improper export of android application components. The identification of this vulnerability is CVE-2025-5345. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Bluebird com.bluebird.kiosk.launcher up to 1.1.1 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper export of android application components. This vulnerability was named CVE-2025-5344. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in TOTOLINK N300RB 8.54. This affects an unknown part. The manipulation leads to backdoor. This vulnerability is uniquely identified as CVE-2025-52089. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Researchers discovered a security flaw in Google's Gemini AI chatbot that could put the 2 billion Gmail users in danger of being victims of an indirect prompt injection attack, which could lead to credentials being stolen or phishing attacks.

The post Google Gemini AI Flaw Could Lead to Gmail Compromise, Phishing appeared first on Security Boulevard.

Архитектура корпоративных брандмауэров оказалась идеальной для незаметного взлома.

美国乔治梅森大学(GMU)｜张亦成老师招生：系统与硬件安全方向博士生（2026春/秋入学）

The Federal Communications Commission said Wednesday that the ban will be part of a broader package of policies to encourage an expansion of submarine telecommunications infrastructure while protecting it from “foreign adversary threats.”

Security researchers have discovered over 4 million vulnerable Internet hosts that can be weaponized for devastating new denial-of-service attacks, marking one of the largest infrastructure vulnerabilities uncovered in recent years. The groundbreaking research, conducted by Angelos Beitis and Mathy Vanhoef from DistriNet at KU Leuven, reveals that millions of devices worldwide accept unauthenticated tunneling traffic […]

The post Over 4 Million Exposed Devices Used in Two New DoS Attack Campaigns appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Тысяча экспериментов, тонны формул, и всё зря — пока не включили инфракрасную камеру.

A vulnerability classified as critical was found in Linux Kernel up to 6.6.92/6.12.30/6.14.8. Affected by this vulnerability is the function vhost_scsi_complete_cmd_work. The manipulation leads to memory corruption. This vulnerability is known as CVE-2025-38074. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A stealthy MaaS infostealer exfiltrating browser, crypto, and system data, Katz Stealer is enabling full campaign control for threat actors.

Palo Alto, California, 17th July 2025, CyberNewsWire

The post SquareX Collaborates with Top Fortune 500 CISOs to Launch The Browser Security Field Manual at Black Hat appeared first on Security Boulevard.

Cybercriminals are using AI cloaking tools to evade detection, disguising phishing and malware sites

This is part two of a story about how we overcame the challenges of making a complex system more scalable.

Between March and December of last year, infamous Chinese state-sponsored APT Salt Typhoon gained access to sensitive US National Guard data.

Auriga Space придумала, как сэкономить на запуске спутников и не только.