Aggregator

Two of the 48 Cisco vulnerabilities, affecting Secure Firewall Management Center, are maximum-severity flaws

Магнитное поле мертвой звезды бурлит по законам обычной земной воды.

February brought another round of major detection improvements across ANY.RUN’s threat intelligence and sandbox coverage. Alongside new Threat Intelligence reports, our analysts expanded behavioral visibility across dozens of malware families, strengthened detection logic for modern phishing and data-stealing campaigns, and added thousands of new network detection rules.  Let’s take a closer look at the updates delivered this month.  Threat Intelligence Reports  […]

The post Threat Coverage Digest: New Malware Reports and 2,400+ Detection Rules   appeared first on ANY.RUN's Cybersecurity Blog.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.6.93/6.12.33/6.15.2. Affected is the function ath12k_service_ready_ext_event of the component wifi. The manipulation results in memory leak. This vulnerability was named CVE-2025-39890. The attack needs to be approached within the local network. There is no available exploit. You should upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.4.219/5.10.149/5.15.74/5.19.16/6.0.2. The affected element is the function fsl_lpuart of the component tty. Executing a manipulation can lead to denial of service. The identification of this vulnerability is CVE-2022-50375. The attack needs to be done within the local network. There is no exploit available. Upgrading the affected component is advised.

A vulnerability has been found in Linux Kernel up to 5.10.162/5.15.86/6.0.17/6.1.3 and classified as critical. This impacts the function ext4_evict_inode of the component ext4. This manipulation causes use after free. This vulnerability is tracked as CVE-2022-50377. The attack is only possible within the local network. No exploit exists. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 5.4.228/5.10.162/5.15.85/6.0.15/6.1.1. It has been classified as critical. Affected by this vulnerability is an unknown functionality of the component Orangefs Module. Performing a manipulation results in memory leak. This vulnerability is cataloged as CVE-2022-50376. The attack must originate from the local network. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability classified as critical was found in Linux Kernel up to 6.11.5. This affects an unknown function of the component Bluetooth. Executing a manipulation can lead to privilege escalation. This vulnerability is handled as CVE-2024-58241. The attack can only be done within the local network. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.15.180/6.1.134/6.6.87/6.12.24/6.14.3. This impacts an unknown function of the component Bluetooth. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2025-39889. The attack can only be initiated within the local network. No exploit exists. It is advisable to upgrade the affected component.

党的十八大以来，以习近平同志为核心的党中央高度重视平台经济发展，作出一系列重大决策部署。党的二十届四中全会审议通过的《中共中央关于制定国民经济和社会发展第十五个五年规划的建议》提出，“推动平台经济创新和健康发展”。

越南《人工智能法》于3月1日正式生效，越南成为东南亚首个以专门立法方式建立较完整人工智能监管框架的国家。该法以风险导向治理为主线，强调对高风险系统的合规评估、透明披露与事故处置，并在概念体系与治理逻辑上明显向欧盟《人工智能法》靠拢。

随着新一轮科技革命和产业变革深入发展，数据这一新型生产要素已成为驱动经济社会发展的重要引擎。

中华人民共和国国民经济和社会发展第十五个五年（2026－2030年）规划纲要，根据《中共中央关于制定国民经济和社会发展第十五个五年规划的建议》编制，主要阐明国家战略意图，明确政府工作重点，引导规范社会主体行为……

Cybersecurity researchers have disclosed details of a new Russian cyber campaign that has targeted Ukrainian entities with two previously undocumented malware families named BadPaw and MeowMeow. "The attack chain initiates with a phishing email containing a link to a ZIP archive. Once extracted, an initial HTA file displays a lure document written in Ukrainian concerning border crossing appeals

Разработчики FreeScout выпустили экстренное обновление после обнаружения способа обхода защиты.

致力于为每一场CTF赛事提供安全、稳定、高效的保障。

廉价设备即可捕获汽车传感器信号，精准追踪行踪轨迹。

看雪论坛作者ID：DannysMask

A vulnerability was found in Biosig libbiosig 3.9.2. It has been classified as critical. This vulnerability affects unknown code of the component Nicolet WFT Parser. Performing a manipulation results in heap-based buffer overflow. This vulnerability is cataloged as CVE-2026-20777. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability labeled as problematic has been found in Open Babel up to 3.1.1. This impacts the function OBAtom::GetExplicitValence of the file isrc/atom.cpp of the component CDXML File Handler. Such manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2026-3408. The attack can be launched remotely. Moreover, an exploit is present. It is best practice to apply a patch to resolve this issue.