Aggregator

CVE-2025-8866 | YugabyteDB prior 2025.x API Endpoint /metamaster/universe information disclosure

VulDB Recent Entries
3 weeks ago
A vulnerability classified as problematic was found in YugabyteDB. This vulnerability affects unknown code of the file /metamaster/universe of the component API Endpoint. The manipulation leads to information disclosure. This vulnerability was named CVE-2025-8866. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-54063 | CherryHQ cherry-studio up to 1.5.0 URL code injection

VulDB Recent Entries
3 weeks ago
A vulnerability classified as critical has been found in CherryHQ cherry-studio up to 1.5.0. This affects an unknown part of the component URL Handler. The manipulation leads to code injection. This vulnerability is uniquely identified as CVE-2025-54063. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-38499 | Linux Kernel up to 6.1.146/6.6.99/6.12.39/6.15.2 clone_private_mnt privilege escalation

VulDB Recent Entries
3 weeks ago
A vulnerability was found in Linux Kernel up to 6.1.146/6.6.99/6.12.39/6.15.2. It has been declared as problematic. Affected by this vulnerability is the function clone_private_mnt. The manipulation leads to privilege escalation. This vulnerability is known as CVE-2025-38499. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Endpoint Security Policy: Why It Matters and How to Get It Right

Netwrix Blog | Insights for Cybersecurity and IT Pros
3 weeks ago
This post first appeared on blog.netwrix.com and was written by Jeremy Moskowitz.
A strong endpoint security policy protects devices like laptops, phones, and servers from cyber threats. It enforces least privilege, device control, encryption, and access management to prevent breaches and ensure compliance. With tools like Netwrix, organizations can automate enforcement, monitor compliance, and adapt to evolving risks across all endpoints. Your biggest security risk isn’t your … Continued
Jeremy Moskowitz

Win-DoS’ Zero-Click Exploit Could Weaponize Windows Infrastructure for DDoS Attacks

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
3 weeks ago

Security researchers have uncovered a “zero-click” denial-of-service chain that can silently turn thousands of Microsoft Windows Domain Controllers (DCs) into a globe-spanning botnet, raising fresh alarms in a year already defined by record-breaking distributed-denial-of-service (DDoS) activity. DDoS attacks climbed 56% year-over-year in late-2024 according to Gcore’s latest Radar report, and Cloudflare’s network has already blocked […]

The post Win-DoS’ Zero-Click Exploit Could Weaponize Windows Infrastructure for DDoS Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Gurubaran

Hackers Extradited to US Over $100 Million Romance Scams and Other Frauds

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
3 weeks ago

United States Attorney for the Southern District of New York, Jay Clayton, alongside FBI Assistant Director in Charge Christopher G. Raia, announced the unsealing of a federal indictment against four Ghanaian nationals implicated in a sophisticated international fraud network. The defendants, identified as Isaac Oduro Boateng (alias “Kofi Boat”), Inusah Ahmed (alias “Pascal”), Derrick Van […]

The post Hackers Extradited to US Over $100 Million Romance Scams and Other Frauds appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Managed ad