Aggregator
Know Your Enemy: Understanding Dark Market Dynamics
SparkKitty Malware Steals Photos from iOS and Android Devices
A sophisticated Trojan malware campaign has been targeting mobile device users across iOS and Android platforms since February 2024, with cybersecurity researchers identifying a significant escalation in photo theft capabilities that poses particular risks to cryptocurrency users and individuals storing sensitive information in their device galleries. SparkKitty represents a concerning evolution in mobile malware distribution, […]
The post SparkKitty Malware Steals Photos from iOS and Android Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Вы просто хотели выбрать цвет на сайте. Но случайно выбрали себе шпиона в браузер
Microsoft Patches Wormable RCE Vulnerability in Windows Client and Server
Microsoft has released critical security updates to address CVE-2025-47981, a severe heap-based buffer overflow vulnerability in the SPNEGO Extended Negotiation (NEGOEX) Security Mechanism that affects multiple Windows and Windows Server versions. This vulnerability carries a CVSS score of 9.8 out of 10, indicating maximum severity with the potential for remote code execution without user interaction. […]
The post Microsoft Patches Wormable RCE Vulnerability in Windows Client and Server appeared first on Cyber Security News.
一文搞懂 | 大模型为什么出现幻觉?从成因到缓解方案
AlertMedia Incident Response improves coordination and visibility into resolving incidents
AlertMedia launched Incident Response, an addition to its AI-enabled platform designed to help organizations mitigate risks and resolve incidents faster. When impacted by critical events like natural disasters, workplace or public safety emergencies, cybersecurity incidents, and system failures, organizations often struggle to coordinate an effective response due to disparate tools and manual, error-prone processes. AlertMedia’s Incident Response addresses these gaps by delivering a suite of tools that enables security and business continuity teams to activate … More →
The post AlertMedia Incident Response improves coordination and visibility into resolving incidents appeared first on Help Net Security.
Red Hat introduces Enterprise Linux for Business Developers
Red Hat announced Red Hat Enterprise Linux for Business Developers to simplify access to the world’s leading enterprise Linux platform for business-focused development and testing scenarios. A new self-service offering through the Red Hat Developer Program, Red Hat Enterprise Linux for Business Developers helps business development teams build, test and iterate on applications more quickly and on the same platform that underpins production systems across the hybrid cloud at no cost. IT complexity continues to … More →
The post Red Hat introduces Enterprise Linux for Business Developers appeared first on Help Net Security.
Fake CNN and BBC sites used to push investment scams
CVE-2025-27027 | Radiflow iSAP Smart Collector up to 3.02-0 rbash improper isolation or compartmentalization (EUVD-2025-20791)
CVE-2025-38245 | Linux Kernel up to 6.1.142/6.6.95/6.12.35/6.15.4/6.16-rc3 atm_dev_deregister information disclosure (EUVD-2025-20816)
CVE-2025-38243 | Linux Kernel up to 6.15.4/6.16-rc3 btrfs read_one_inode null pointer dereference (EUVD-2025-20818)
CVE-2025-38247 | Linux Kernel up to 6.15.4/6.16-rc3 want_mount_setattr privilege escalation (EUVD-2025-20814)
CVE-2025-38248 | Linux Kernel up to 6.15.4/6.16-rc3 bridge br_multicast_port_ctx_deinit use after free (EUVD-2025-20813)
CVE-2025-38251 | Linux Kernel up to 6.1.142/6.6.95/6.12.35/6.15.4/6.16-rc3 atm clip_push null pointer dereference (EUVD-2025-20810)
CVE-2025-38253 | Linux Kernel up to 6.12.35/6.15.4/6.16-rc3 HID wacom_aes_battery_handler denial of service (EUVD-2025-20808)
CVE-2025-38254 | Linux Kernel up to 6.15.4/6.16-rc3 AMD Display drm_edid_raw memory corruption (EUVD-2025-20807)
CVE-2025-38255 | Linux Kernel up to 6.6.95/6.12.35/6.15.4/6.16-rc3 group_cpus_evenly null pointer dereference (EUVD-2025-20806)
CVE-2025-38259 | Linux Kernel up to 6.1.142/6.6.95/6.12.35/6.15.4 ASoC wcd9335_parse_dt privilege escalation (EUVD-2025-20802)
VS Code Extension Weaponized With Two Lines of Code Leads to Supply Chain Attack
A sophisticated supply chain attack has compromised ETHcode, a popular Visual Studio Code extension for Ethereum development, through a malicious GitHub pull request that required just two lines of code to weaponize the trusted software. The attack, discovered by ReversingLabs researchers, demonstrates how threat actors can infiltrate legitimate development tools with minimal code changes, potentially […]
The post VS Code Extension Weaponized With Two Lines of Code Leads to Supply Chain Attack appeared first on Cyber Security News.