Aggregator

A vulnerability classified as critical was found in Linux Kernel up to 6.1.146/6.6.99/6.12.39/6.15.7. This issue affects the function cifs_oplock_break of the component smb. Such manipulation leads to use after free. This vulnerability is referenced as CVE-2025-38527. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is advised.

A vulnerability has been found in Linux Kernel up to 6.1.147/6.6.100/6.12.38/6.15.6 and classified as critical. The impacted element is the function exit_mmap of the component amdkfd. The manipulation leads to deadlock. This vulnerability is listed as CVE-2025-38520. The attack must be carried out from within the local network. There is no available exploit. The affected component should be upgraded.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.12.38/6.15.6. The affected element is the function alloc_tag_top_users. Executing manipulation can lead to improper initialization. This vulnerability is tracked as CVE-2025-38517. The attack is only possible within the local network. No exploit exists. You should upgrade the affected component.

Researchers at Cymulate Research Labs have disclosed a new vulnerability in Windows that allows attackers to bypass Microsoft’s recent patch and once again exfiltrate NTLM hashes without any user interaction. The flaw, tracked as...

The post The Patch Isn’t a Fix: New Flaw Lets Attackers Steal NTLM Hashes from Windows appeared first on Penetration Testing Tools.

Microsoft has introduced a new mechanism known as Nested App Authentication (NAA), which is steadily becoming a key component of the company’s cloud ecosystem. The concept is straightforward: if a user has already signed...

The post Nested App Authentication: Microsoft’s New Feature Is a Double-Edged Sword for Azure Security appeared first on Penetration Testing Tools.

天文学家利用 ALMA 观测 12P/Pons-Brooks 彗星，发现其中的水具有与地球海洋几乎相同的同位素组成比例。这一发现进一步支持了「彗星可能在年轻地球上带来水与部分生命所需分子原料」的假说。一般认为，地球上的水在数十亿年前由彗星、小行星及陨石撞击带来。然而，过去观测多数彗星的水同位素比例与地球差异明显。本次结果则提供了迄今最有力的证据，显示至少部分彗星携带的水与地球水有相同的化学「指纹」。在这项研究中，科学家首次绘制出 12P 彗星的彗发（包围彗核的气体）中普通水（H₂O）与重水（HDO，即水分子里的一个氢被带有额外中子的氘取代）的空间分布。观测时间点为 12P 彗星接近太阳之际，结合毫米／次毫米波与红外线数据，精确测定了氘氢比（D/H）。透过绘制 H₂O 与 HDO 的分布，研究团队判断这些气体确实来自彗核内的冰冻物质，而非在彗发中由化学作用或其他过程生成。测得的 D/H 比值为 (1.71 ± 0.44) × 10⁻⁴，这个数值在所有已观测的彗星中偏低，并与地球海洋完全一致。

上海长征医院骨科医生历经 3 小时成功为一例遭遇罕见严重颈椎骨折脱位、跨度之大几乎可以被称为“身首离断”的患者实施了复位固定手术。这名患者因此前颈部遭受机械臂重击，当场高位截瘫、心跳骤停，经紧急心肺复苏才勉强恢复微弱生命体征。影像学检查结果几乎为患者宣判了“死刑”——其颈椎发生了极其罕见的大跨度离断式脱位，脊髓严重挫伤、关键神经血管结构撕裂。患者于 6 月 18 日进行的手术，目前生命体征稳定，已脱离呼吸机大概半个月。患者双下肢功能永久损伤无法挽回，上肢功能在逐渐锻炼康复中。

Hackers exploited Windows flaw CVE-2025-29824 to deploy PipeMagic malware in RansomExx attacks, Kaspersky revealed. A joint report from Kaspersky and BI.ZONE analyzed the evolution of PipeMagic malware from its first detection in 2022 to new infections observed in 2025. The researchers identified key changes in its operators’ tactics. BI.ZONE experts focused on a technical analysis of the CVE-2025-29824 vulnerability […]

TikTok Shop массово продаёт GPS-трекеры для слежки за партнёрами — ролики с инструкциями набирают миллионы просмотров

7月全球数据泄露态势月度报告，欢迎查看

A vulnerability classified as critical has been found in LiuYuYang01 ThriveX-Blog up to 3.1.7. Affected by this vulnerability is the function updateJsonValueByName of the file /web_config/json/name/web. Performing manipulation results in improper authorization. This vulnerability is cataloged as CVE-2025-9151. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

为了知识，为了永不消逝的黑客精神

A vulnerability described as critical has been identified in Surbowl dormitory-management-php up to 9f1d9d1f528cabffc66fda3652c56ff327fda317. Affected is an unknown function of the file /admin/violation_add.php?id=2. Such manipulation of the argument ID leads to sql injection. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is listed as CVE-2025-9150. The attack may be performed from a remote location. In addition, an exploit is available. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed.

Submit #629873 / VDB-320530

A vulnerability marked as critical has been reported in Wavlink WL-NU516U1 M16U1_V240425. This impacts the function sub_4032E4 of the file /cgi-bin/wireless.cgi. This manipulation of the argument Guest_ssid causes command injection. This vulnerability is tracked as CVE-2025-9149. The attack is possible to be carried out remotely. Moreover, an exploit is present.

Submit #629618 / VDB-320529

Submit #629181 / VDB-320528

A vulnerability labeled as critical has been found in CodePhiliaX Chat2DB up to 0.3.7. This affects an unknown function of the file ai/chat2db/server/web/api/controller/data/source/DataSourceController.java of the component JDBC Connection Handler. The manipulation results in sql injection. This vulnerability is identified as CVE-2025-9148. The attack can be executed remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.

A sophisticated malware campaign has been identified, utilizing PipeMagic, a highly modular backdoor deployed by the financially motivated threat actor Storm-2460.  This advanced malware masquerades as a legitimate open-source ChatGPT Desktop Application while exploiting the zero-day vulnerability CVE-2025-29824 in Windows Common Log File System (CLFS) to deploy ransomware across multiple sectors globally. Key Takeaways1. PipeMagic […]

The post PipeMagic Malware Mimic as ChatGPT App Exploits Windows Vulnerability to Deploy Ransomware appeared first on Cyber Security News.

Submit #628912 / VDB-320527