Aggregator

日本禁止苹果 iOS 限制第三方浏览器引擎

Solidot
1 month 1 week ago
日本最近通过了被称为《Bill on the Promotion of Competition for Specified Software Used in Smartphones》的智能手机法案,其中之一是禁止苹果在其 iOS 平台上限制第三方浏览器引擎的做法。第三方浏览器登陆苹果的平台必须使用它的浏览器引擎——即 WebKit,Firefox、Chrome、Edge、Opera、Brave 和 Vivaldi 的 iOS 版本都是 WebKit 的换皮,此举导致 iOS 上的浏览器缺乏竞争。上周日本发布了指南 Mobile Software Competition Act (MSCA) Guidelines,明确禁止苹果的这项政策。MSCA 将于 2025 年 12 月生效,执行该法律将是它面临的一大挑战,欧盟和英国都制定了类似的法律。

UAC-0099 Hackers Weaponize HTA Files to Deploy MATCHBOIL Loader Malware

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
1 month 1 week ago

UAC-0099 is a threat actor organization that has been targeting state officials, defense forces, and defense-industrial firms in a series of sophisticated cyberattacks that Ukraine’s CERT-UA has been investigating. The attacks typically initiate with phishing emails from UKR.NET addresses, featuring subjects like “court summons” and links to legitimate file-sharing services, often shortened via URL shorteners. […]

The post UAC-0099 Hackers Weaponize HTA Files to Deploy MATCHBOIL Loader Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

CVE-2025-27835 | Artifex Ghostscript up to 10.04.0 Glyphs Converter psi/zbfont.c buffer overflow (Nessus ID 233372 / WID-SEC-2025-0556)

Vuldb Updates
1 month 1 week ago
A vulnerability was found in Artifex Ghostscript. It has been classified as critical. Affected is an unknown function of the file psi/zbfont.c of the component Glyphs Converter. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2025-27835. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-27836 | Artifex Ghostscript up to 10.04.0 BJ10V Device gdev10v.c buffer overflow (Nessus ID 233372 / WID-SEC-2025-0556)

Vuldb Updates
1 month 1 week ago
A vulnerability was found in Artifex Ghostscript. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file contrib/japanese/gdev10v.c of the component BJ10V Device. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2025-27836. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-27830 | Artifex Ghostscript up to 10.04.0 base/write_t1.c buffer overflow (Nessus ID 233372 / WID-SEC-2025-0556)

Vuldb Updates
1 month 1 week ago
A vulnerability, which was classified as critical, has been found in Artifex Ghostscript. Affected by this issue is some unknown functionality of the file base/write_t1.c. The manipulation leads to buffer overflow. This vulnerability is handled as CVE-2025-27830. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-27832 | Artifex Ghostscript up to 10.04.0 NPDL Device gdevnpdl.c buffer overflow (Nessus ID 233372 / WID-SEC-2025-0556)

Vuldb Updates
1 month 1 week ago
A vulnerability, which was classified as critical, was found in Artifex Ghostscript. This affects an unknown part of the file contrib/japanese/gdevnpdl.c of the component NPDL Device. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2025-27832. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-27831 | Artifex Ghostscript up to 10.04.0 DOCXWRITE TXTWRITE Device doc_common.c buffer overflow (Nessus ID 233372 / WID-SEC-2025-0556)

Vuldb Updates
1 month 1 week ago
A vulnerability classified as critical was found in Artifex Ghostscript. This vulnerability affects unknown code of the file devices/vector/doc_common.c of the component DOCXWRITE TXTWRITE Device. The manipulation leads to buffer overflow. This vulnerability was named CVE-2025-27831. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-27833 | Artifex Ghostscript up to 10.04.0 TTF Font Name pdf/pdf_fmap.c buffer overflow (Nessus ID 233372 / WID-SEC-2025-0556)

Vuldb Updates
1 month 1 week ago
A vulnerability has been found in Artifex Ghostscript and classified as critical. This vulnerability affects unknown code of the file pdf/pdf_fmap.c of the component TTF Font Name Handler. The manipulation leads to buffer overflow. This vulnerability was named CVE-2025-27833. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-27834 | Artifex Ghostscript up to 10.04.0 PDF Document pdf/pdf_func.c buffer overflow (Nessus ID 233372 / WID-SEC-2025-0556)

Vuldb Updates
1 month 1 week ago
A vulnerability, which was classified as critical, has been found in Artifex Ghostscript. This issue affects some unknown processing of the file pdf/pdf_func.c of the component PDF Document Handler. The manipulation leads to buffer overflow. The identification of this vulnerability is CVE-2025-27834. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Threat Actors Weaponize Smart Contracts to Drain User Crypto Wallets of More Than $900k

Cyber Security News
1 month 1 week ago

In a sophisticated campaign uncovered in early 2024, cybercriminals have begun distributing malicious Ethereum smart contracts masquerading as lucrative trading bots. These weaponized contracts leverage Web3 development platforms such as Remix to entice victims into deploying code that appears to execute arbitrage strategies, only to siphon deposited funds into attacker-controlled wallets. Instead of conducting legitimate […]

The post Threat Actors Weaponize Smart Contracts to Drain User Crypto Wallets of More Than $900k appeared first on Cyber Security News.

Tushar Subhra Dutta

Managed ad