Aggregator

A vulnerability marked as problematic has been reported in IVT Bluetooth Application BlueSoleilCS 5.4.277. This issue affects some unknown processing of the file Corporation\BlueSoleil\BlueSoleilCS.exe. Performing a manipulation results in unquoted search path. This vulnerability is reported as CVE-2022-50928. The attack requires a local approach. Moreover, an exploit is present.

A vulnerability was found in Ametys CMS 4.4.1. It has been classified as problematic. Affected by this issue is some unknown functionality of the component External Link Handler. The manipulation leads to cross site scripting. This vulnerability is referenced as CVE-2022-50937. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability, which was classified as critical, was found in ggml-org llama.cpp up to 55d4206c8. This issue affects some unknown processing of the component Completion Endpoint. Such manipulation of the argument n_discard leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2026-21869. The attack can be launched remotely. No exploit exists.

A vulnerability, which was classified as problematic, has been found in Microsoft Edge on Android. This vulnerability affects unknown code. This manipulation causes clickjacking. This vulnerability is handled as CVE-2025-62224. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability identified as problematic has been detected in Commvault WebConsole up to 11.32.0/11.36.0/11.40.0/11.42.0. The affected element is an unknown function of the component Report Builder. This manipulation causes cross site scripting. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is tracked as CVE-2025-12776. The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.

Over 400 malicious OpenClaw packages were uploaded in days, using MoltBot skills to spread password-stealing malware. Researchers uncovered a large malware campaign abusing AI skills for Claude Code and Moltbot users. Between late January and early February 2026, more than 400 malicious skills were published on ClawHub and GitHub, posing as crypto trading tools. OpenClaw […]

本文分析YiFangCMS分片上传文件机制，复现RCE

Former Massachusetts Police Officer Sentenced to Four Years for Child Sexual Abuse Material Possession

Ukraine's Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in multiple versions of Microsoft Office. [...]

The Chinese APT group Lotus Blossom intruded the tool’s internal systems to snoop on a limited set of users’ activities, according to researchers.

The post China-based espionage group compromised Notepad++ for six months appeared first on CyberScoop.

XPeng обещала «человекоподобную походку». Получилось человекоподобное падение.

Have I Been Pwned says Panera Bread ’s breach affected 5.1 million accounts, far fewer than the 14 million customers first reported. Have I Been Pwned followed claims by the ShinyHunters gang, which said it stole data from over 14 million Panera Bread accounts. After Panera refused to pay, the group leaked a 760MB archive […]

The influence of Chinese money laundering networks has skyrocketed since 2020, with the operations now moving almost 20% of all illicit cryptocurrency being laundered last year, according to Chainalysis researchers. In 2025, they processed more than $16 billion, or about $44 million a day.

The post Fast-Growing Chinese Crime Networks Launder 20% of Illicit Crypto: Chainalysis appeared first on Security Boulevard.

Exposure monitoring has become a core function for security and risk teams but many programs still struggle to deliver clear, actionable outcomes. Alerts pile up, dashboards expand, and yet teams are often left with the same unanswered question: Which exposures actually matter right now? The difference between noise and signal in exposure monitoring often comes …

The post What Verified Breach Data Changes About Exposure Monitoring appeared first on Security Boulevard.

Session 11B: Binary Analysis

Authors, Creators & Presenters: Hongwei Wu (Purdue University), Jianliang Wu (Simon Fraser University), Ruoyu Wu (Purdue University), Ayushi Sharma (Purdue University), Aravind Machiry (Purdue University), Antonio Bianchi (Purdue University)

PAPER
VeriBin: Adaptive Verification of Patches at the Binary Level

Vendors are often provided with updated versions of a piece of software, fixing known security issues. However, the inability to have any guarantee that the provided patched software does not break the functionality of its original version often hinders patch deployment. This issue is particularly severe when the patched software is only provided in its compiled binary form. In this case, manual analysis of the patch's source code is impossible, and existing automated patch analysis techniques, which rely on source code, are not applicable. Even when the source code is accessible, the necessity of binary-level patch verification is still crucial, as highlighted by the recent XZ Utils backdoor. To tackle this issue, we propose VeriBin, a system able to compare a binary with its patched version and determine whether the patch is ''Safe to Apply'', meaning it does not introduce any modification that could potentially break the functionality of the original binary. To achieve this goal, VeriBin checks functional equivalence between the original and patched binaries. In particular, VeriBin first uses symbolic execution to systematically identify patch-introduced modifications. Then, it checks if the detected patch-introduced modifications respect specific properties that guarantee they will not break the original binary's functionality. To work without source code, VeriBin's design solves several challenges related to the absence of semantic information (removed during the compilation process) about the analyzed code and the complexity of symbolically executing large functions precisely. Our evaluation of VeriBin on a dataset of 86 samples shows that it achieves an accuracy of 93.0% with no false positives, requiring only minimal analyst input. Additionally, we showcase how VeriBin can be used to detect the recently discovered XZ Utils backdoor.

ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.

Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS Symposium 2025 Conference content on the Organizations' YouTube Channel.

Permalink

The post NDSS 2025 – VeriBin: Adaptive Verification Of Patches At The Binary Level appeared first on Security Boulevard.

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious downloads.

The rise of artificial intelligence has rendered portions of your current cybersecurity playbook obsolete. Unless Chief Information Security Officers (CISOs) act quickly to reorient their thinking, they may be unaware of and unprepared to face emerging AI-related threats. Learn how to secure your organization’s AI usage and ensure implementation won’t have negative consequences. The Serious..

The post Reorient Your Thinking to Tackle AI Security Risks appeared first on Security Boulevard.

A vulnerability classified as critical was found in Linux Kernel up to 6.6.121/6.12.66/6.18.6/6.19-rc5. The affected element is the function dma_pool_create of the component dmaengine. The manipulation results in allocation of resources. This vulnerability is reported as CVE-2026-23033. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is advised.

A vulnerability has been found in Linux Kernel up to 6.18.6/6.19-rc5 and classified as critical. This impacts the function dma_fence_put. Performing a manipulation results in allocation of resources. This vulnerability is known as CVE-2026-23034. Access to the local network is required for this attack. No exploit is available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.12.66/6.18.6/6.19-rc5. It has been classified as critical. Affected by this vulnerability is the function mlx5e_destroy_netdev. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2026-23035. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is recommended.