Aggregator

In its 2025 Global Threat Report, CrowdStrike observed a significant escalation in Chinese cyber espionage activities

新型Linux后门病毒Auto-color利用隐身技术，针对北美和亚洲教育及政府机构进行攻击，操纵系统功能并隐藏网络活动，构成重大威胁。

攻击源自 Safe{Wallet} 的 AWS 基础设施，Bybit 自身基础设施未被攻击。

Authorities arrested a prolific hacker responsible for over 90 data breaches across 65 organizations in the Asia-Pacific region and 25 additional global targets.  The cybercriminal, operating under aliases ALTDOS, DESORDEN, GHOSTR, and 0mid16B, exfiltrated 13 terabytes of sensitive data between 2020 and February 2025, targeting industries ranging from healthcare to finance.  The operation marks a […]

The post Authorities Arrested Hackers Behind 90 Data Leaks Worldwide appeared first on Cyber Security News.

A vulnerability, which was classified as problematic, has been found in procps. This issue affects some unknown processing of the component ps Utility Handler. The manipulation leads to heap-based buffer overflow. The identification of this vulnerability is CVE-2023-4016. An attack has to be approached locally. There is no exploit available.

A vulnerability was found in Socat up to 1.7.2/2.0.0-b7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Signal Handler. The manipulation leads to improper input validation. This vulnerability is known as CVE-2015-1379. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in OpenAnolis Anolis OS 2.73;0. This affects an unknown part of the file pam_cap.so of the component Group Name Handler. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2025-1390. The attack needs to be approached locally. There is no exploit available.

A vulnerability was found in Red Hat Enterprise Linux 6/7/8/9. It has been rated as critical. This issue affects the function compCheckRedirect of the component X.org X11 Server/TigerVNC. The manipulation leads to uninitialized pointer. The identification of this vulnerability is CVE-2025-26599. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability was found in HP OpenView Storage Data Protector up to 6.10. It has been classified as very critical. Affected is an unknown function of the file omniinet.exe of the component HP OpenView. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2011-1866. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Red Hat Enterprise Linux 6/7/8/9 and classified as critical. Affected by this issue is the function XkbSizeKeySyms of the component X.org X11 Server/TigerVNC. The manipulation leads to heap-based buffer overflow. This vulnerability is handled as CVE-2025-26596. An attack has to be approached locally. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Red Hat Enterprise Linux 6/7/8/9. This issue affects some unknown processing of the component X.org X11 Server/TigerVNC. The manipulation leads to use after free. The identification of this vulnerability is CVE-2025-26594. Attacking locally is a requirement. There is no exploit available.

A vulnerability was found in Adobe InDesign Desktop up to 18.5.3/19.5. It has been classified as critical. Affected is an unknown function. The manipulation leads to heap-based buffer overflow. This vulnerability is traded as CVE-2024-49507. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.