Aggregator

A vulnerability was found in Dell iDRAC Service Module up to 6.0.3.0. It has been declared as problematic. Affected by this issue is some unknown functionality. The manipulation results in incorrect permission assignment. This vulnerability is known as CVE-2025-38742. Attacking locally is a requirement. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability has been found in Commvault CommCell up to 11.32.101/11.36.59 and classified as problematic. The impacted element is an unknown function of the component Administrator Login Handler. This manipulation causes storing passwords in a recoverable format. This vulnerability is handled as CVE-2025-57789. The attack can be initiated remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability was found in Commvault CommCell up to 11.32.101/11.36.59 and classified as very critical. This affects an unknown function. Such manipulation leads to absolute path traversal. This vulnerability is uniquely identified as CVE-2025-57790. The attack can be launched remotely. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability was found in Commvault CommCell up to 11.32.101/11.36.59. It has been classified as critical. This impacts an unknown function. Performing manipulation results in argument injection. This vulnerability was named CVE-2025-57791. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is recommended.

Bitdefender uncovers EggStreme, a fileless malware by a China-based APT targeting the Philippine military and APAC organisations. Cybersecurity…

Платформа приостановила работу после кибератаки.

A remote code execution vulnerability has been discovered in the Cursor AI Code Editor, enabling a malicious code repository to run code on a user’s machine upon opening automatically. The research team at Oasis Security uncovered the flaw, which bypasses typical user consent prompts by exploiting a default configuration setting in the popular editor. According […]

The post Cursor AI Code Editor RCE Vulnerability Enables “autorun” of Malicious on your Machine appeared first on Cyber Security News.

Secure your data with the 15 best IAM software solutions. Find practical tools to manage user access and prevent identity attacks effectively.

The post Best Identity and Access Management (IAM) Software appeared first on Security Boulevard.

IOC Alert: NetSupport Manager RAT Payload Delivery

FlexiSPY, which is commercially available, can be more easily detected than far more expensive mercenary spyware available to nation states but has similar capabilities once installed, said John Scott-Railton, a forensic researcher at The Citizen Lab who helped confirm the infection.

via the geologic humor & dry-as-the-taiga wit of Randall Munroe, creator of XKCD

Permalink

The post Randall Munroe’s XKCD ‘Coastline Similarity’ appeared first on Security Boulevard.

A vulnerability, which was classified as problematic, has been found in Baicells NOVA430e, 430i, NOVA436Q, NEUTRINO430 and NOVA846. Affected by this issue is some unknown functionality. This manipulation causes use of weak hash. This vulnerability is handled as CVE-2025-55053. The attack can be initiated remotely. There is not any exploit available.