Aggregator

CVE-2025-38511 | Linux Kernel up to 6.12.38/6.15.6 LMTT Page allocation of resources (EUVD-2025-25087)

VulDB Recent Entries
4 weeks 1 day ago
A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.12.38/6.15.6. Affected by this vulnerability is an unknown functionality of the component LMTT Page Handler. The manipulation results in allocation of resources. This vulnerability is cataloged as CVE-2025-38511. The attack must originate from the local network. There is no exploit available. You should upgrade the affected component.
vuldb.com

CVE-2025-38505 | Linux Kernel up to 6.12.38/6.15.6 STA Interface state issue (EUVD-2025-25093)

VulDB Recent Entries
4 weeks 1 day ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.38/6.15.6. Affected is an unknown function of the component STA Interface. The manipulation leads to state issue. This vulnerability is listed as CVE-2025-38505. The attack must be carried out from within the local network. There is no available exploit. It is advisable to upgrade the affected component.
vuldb.com

CVE-2025-38509 | Linux Kernel up to 6.15.6 wifi ieee80211_chan_width_to_rx_bw privilege escalation (EUVD-2025-25089)

VulDB Recent Entries
4 weeks 1 day ago
A vulnerability classified as problematic was found in Linux Kernel up to 6.15.6. This impacts the function ieee80211_chan_width_to_rx_bw of the component wifi. Executing manipulation can lead to privilege escalation. This vulnerability is tracked as CVE-2025-38509. The attack is only possible within the local network. No exploit exists. Upgrading the affected component is advised.
vuldb.com

CVE-2025-38506 | Linux Kernel up to 6.12.38/6.15.6 kvm_vm_set_mem_attributes denial of service (EUVD-2025-25092)

VulDB Recent Entries
4 weeks 1 day ago
A vulnerability classified as problematic has been found in Linux Kernel up to 6.12.38/6.15.6. This affects the function kvm_vm_set_mem_attributes. Performing manipulation results in denial of service. This vulnerability is identified as CVE-2025-38506. The attack can only be performed from the local network. There is not any exploit available. It is recommended to upgrade the affected component.
vuldb.com

AI Pentesting Tool Detects 95% of the Vulnerabilities Faster Than Before

Security Boulevard
4 weeks 1 day ago

An AI pentesting tool leverages automation and advanced algorithms to uncover security flaws at machine speed. Unlike traditional penetration tests conducted periodically by human experts, it delivers continuous scanning across applications, networks, and code to detect threats the moment they emerge. This approach can simulate attacks and spot weak spots much more quickly. In fact, […]

The post AI Pentesting Tool Detects 95% of the Vulnerabilities Faster Than Before appeared first on Kratikal Blogs.

The post AI Pentesting Tool Detects 95% of the Vulnerabilities Faster Than Before appeared first on Security Boulevard.

Shikha Dhingra

PuTTY 有了新官网

Solidot
4 weeks 1 day ago
知名开源虚拟终端 PuTTY 官网网址非常长——www.chiark.greenend.org.uk/~sgtatham/putty。开发者曾经在官网 FAQ 中自信的表示,用户不会找错 PuTTY 官方地址,因为用户在 Google 中搜索 PuTTY 第一个结果就是它。然而今天第一个结果是 www.putty.org——由一位反疫苗者运营的第三方网站,他因为疫情而开始热衷传播虚假信息。此事在开源社区引发了激烈的讨论,最终开发团队于 8 月 14 日宣布注册了一个更简单易记的域名——putty.software。

Threat Actors Abuse npm Developer Accounts Hijacked to Spread Malicious Packages

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
4 weeks 1 day ago

A sophisticated phishing campaign targeting the maintainer of eslint-config-prettier, a widely-used npm package with over 3.5 billion downloads, resulted in malicious code being distributed to thousands of developer projects worldwide. The incident, discovered on July 18 by ReversingLabs’ automated threat detection system, highlights critical vulnerabilities in modern software development practices, particularly the risks associated with […]

The post Threat Actors Abuse npm Developer Accounts Hijacked to Spread Malicious Packages appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Kaaviya

CVE-2025-8113 | Ebook Store Plugin prior 5.8015 on WordPress $_SERVER['REQUEST_URI'] cross site scripting

VulDB Recent Entries
4 weeks 1 day ago
A vulnerability described as problematic has been identified in Ebook Store Plugin on WordPress. The impacted element is an unknown function. Such manipulation of the argument $_SERVER['REQUEST_URI'] leads to cross site scripting. This vulnerability is referenced as CVE-2025-8113. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.
vuldb.com

CVE-2025-38502 | Linux Kernel up to 6.16.0 bpf_get_local_storage different out-of-bounds (EUVD-2025-25076)

VulDB Recent Entries
4 weeks 1 day ago
A vulnerability marked as problematic has been reported in Linux Kernel up to 6.16.0. The affected element is the function bpf_get_local_storage. This manipulation of the argument different causes out-of-bounds read. The identification of this vulnerability is CVE-2025-38502. The attack needs to be done within the local network. There is no exploit available. It is suggested to upgrade the affected component.
vuldb.com

ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure

The Hackers News
4 weeks 1 day ago
Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators' infrastructure. "The newly uncovered version 3.0 reveals a significant evolution of the malware, expanding its form injection and data theft capabilities to target more than 700 banking, shopping, and cryptocurrency applications," Hunt.io
The Hacker News

Our 20,000 Eyes and Hands

不安全
4 weeks 1 day ago
人工智能正在改变劳动力结构和经济模式。它使每个人都能成为创造者和资源协调者,在全球范围内协作实现个人目标。这种转变打破了传统的企业层级体系,构建了一个以个人为中心、注重资源共享与协作的社会。

Managed ad