Aggregator

За знакомым логотипом прячется схема редиректов, push-ловушек и фейков, замешанная в информационной войне.

The Fog ransomware group has evolved beyond conventional attack methods, deploying an unprecedented arsenal of legitimate pentesting tools in a sophisticated May 2025 campaign targeting a financial institution in Asia. This latest operation marks a significant departure from typical ransomware tactics, incorporating employee monitoring software and open-source penetration testing frameworks previously unseen in the ransomware […]

The post Fog Ransomware Actors Exploits Pentesting Tools to Exfiltrate Data and Deploy Ransomware appeared first on Cyber Security News.

On June 12, 2025, concurrent infrastructure failures at Cloudflare and Google caused widespread service disruptions, highlighting vulnerabilities in modern cloud dependencies. The outages impacted critical services ranging from authentication systems to AI platforms, underscoring the fragility of interconnected internet ecosystems. Cloudflare Outage: Cloudflare’s outage began at 17:52 UTC when internal monitoring detected failures in device […]

The post Major Outage Hits Google Cloud and Linked Cloudflare Services, Thousands Affected appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

悬镜再次领衔安全牛报告代表性创新能力表现、最佳实践、代表厂商推荐。

对于停止在 X 平台上投放广告的企业，马斯克（Elon Musk）采取了起诉或威胁起诉的策略。根据 WSJ 的报告， 这一策略取得了部分成效。2022 年起不再投放广告的 Verizon 公司在去年底被通知，如果再不投广告就要被起诉。Verizon 随后承诺今年将至少投入 1000 万美元（这一数额仍然远远低于 2020 年的 8000 万美元）。时尚公司拉夫·劳伦 (Ralph Lauren)在收到起诉威胁之后也同意恢复投放广告。至少有六家企业因为面临起诉威胁或施压策略而与 X 达成了广告交易。X 是亚马逊云服务 AWS 的客户，但它拖欠了应付款项，并以此为筹码要求 亚马逊投放广告。在 CEO Andy Jassy 的参与下，亚马逊最后同意扩大对 X 的广告支出。X 今年 2 月将乐高公司以及和 Pinterest 加入到起诉名单中，但两家公司拒绝屈服。

A vulnerability, which was classified as critical, has been found in VMware SALT. This issue affects the function find_file. The manipulation leads to permission issues. The identification of this vulnerability is CVE-2025-22240. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in VMware SALT. This vulnerability affects unknown code. The manipulation leads to use of a one-way hash with a predictable salt. This vulnerability was named CVE-2024-38822. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in VMware SALT. This affects an unknown part. The manipulation leads to authentication bypass by capture-replay. This vulnerability is uniquely identified as CVE-2024-38823. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Palo Alto GlobalProtect App up to 6.0.0/6.1.0/6.2.8-h1/6.3.2-565/11.2.6. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Endpoint Traffic Policy Enforcement. The manipulation leads to cleartext transmission of sensitive information. This vulnerability is handled as CVE-2025-4227. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in VMware SALT. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component salt.auth.pki. The manipulation of the argument Password leads to improper certificate validation. This vulnerability is known as CVE-2024-38825. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

HiddenLayer’s security research team has uncovered TokenBreak, a novel attack technique that bypasses AI text classification models by exploiting tokenization strategies. This vulnerability affects models designed to detect malicious inputs like prompt injection, spam, and toxic content, leaving protected systems exposed to attacks they were meant to prevent. Technical Breakdown of TokenBreak According to the […]

The post TokenBreak Exploit Tricks AI Models Using Minimal Input Changes appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical zero-day vulnerability in Microsoft’s Web Distributed Authoring and Versioning (WebDAV) protocol, tracked as CVE-2025-33053, has been actively exploited by the advanced persistent threat (APT) group Stealth Falcon since March 2025. The flaw, patched in June’s Patch Tuesday, enables remote code execution (RCE) via manipulated .url shortcut files and has been linked to attacks […]

The post WebDAV Remote Code Execution 0-Day Actively Exploited — PoC Released appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Trend Micro fixed multiple vulnerabilities that impact its Apex Central and Endpoint Encryption (TMEE) PolicyServer products. Trend Micro address remote code execution and authentication bypass vulnerabilities impacting its Endpoint Encryption (TMEE) PolicyServer and Apex Central solutions. Trend Micro Endpoint Encryption PolicyServer is a centralized management server used in Trend Micro’s Endpoint Encryption solution. It acts […]

Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in sophisticated cyber attacks. The vulnerability, tracked as CVE-2025-43200, was addressed on February 10, 2025, as part of iOS 18.3.1, iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, watchOS 11.3.1,

Copilot научился видеть, думать и подсказывать.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.15.32/5.16.18/5.17.1. This affects the function asix_read_cmd. The manipulation leads to unchecked return value. This vulnerability is uniquely identified as CVE-2022-49226. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.121/5.15.46/5.17.14/5.18.3. It has been classified as critical. Affected is the function arm_smmu_device_probe. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2022-49323. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 5.15.55/5.18.12. This affects the function READ_ONCE. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2022-49630. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.17.1. It has been declared as critical. This vulnerability affects unknown code of the file /drivers/char/hw_random/cavium-rng-vf.c. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2022-49177. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.10.109/5.15.32/5.16.18/5.17.1. This affects the function __io_sqe_files_scm. The manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2022-49144. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.