Aggregator

A vulnerability classified as critical has been found in Sauter Modulo 6 Devices modu680-AS, Modulo 6 Devices modu660-AS, Modulo 6 Devices modu612-LC, EY-modulo 5 modu 5 modu524, EY-modulo 5 modu 5 modu525, EY-modulo 5 ecos 5 ecos504 and EY-modulo 5 ecos 5 ecos505 up to 3.1.x. This affects the function importFile of the component SOAP. This manipulation causes path traversal: '.../...//'. This vulnerability appears as CVE-2025-41723. The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability was found in Sauter Modulo 6 Devices modu680-AS, Modulo 6 Devices modu660-AS, Modulo 6 Devices modu612-LC, EY-modulo 5 modu 5 modu524, EY-modulo 5 modu 5 modu525, EY-modulo 5 ecos 5 ecos504 and EY-modulo 5 ecos 5 ecos505 up to 3.1.x and classified as critical. This affects an unknown part of the component Webserver. The manipulation results in improper validation of syntactic correctness of input. This vulnerability was named CVE-2025-41719. The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability was found in Google Vertex AI 2025-09-27. It has been rated as critical. Impacted is an unknown function. Performing manipulation results in http request smuggling. This vulnerability is identified as CVE-2025-11915. The attack can be initiated remotely. There is not any exploit available. This product is a managed service, which means users themselves cannot handle vulnerability countermeasures. Upgrading the affected component is advised.

Следствие проверяет данные семи журналистов и медиа-деятелей, пострадавших от кибератаки.

Proposed Acquisition Would Create Unified View of AI-Ready Data Environments
Veeam's proposed acquisition of Securiti AI for $1.725 billion addresses a long-standing disconnect between where data runs and where it's protected. The move enhances AI governance and posture management while supporting Veeam's vision for end-to-end data control.

Pen Tests Find States Thwart Basic Attacks But Are Vulnerable to Sophisticated Ones
Pen testing of 10 Medicaid management and enrollment systems found that while the nine states and one territory implemented "generally effective" security controls to prevent limited cyberattacks, improvements are needed to protect against more sophisticated attacks, said a watchdog agency report.

Russian Intel Hackers Flexible in Face of Detection
Russia-linked threat group COLDRIVER rapidly replaced its exposed malware with a stealthier PowerShell variant, using fake CAPTCHA prompts and cryptographic key-splitting to evade detection and escalate surveillance on NGOs, dissidents and policy experts, according to new research.

NTLM Reflection Attack Strikes Again
A three-month old flaw in a network protocol for file sharing used by Microsoft is under active exploitation, warns the U.S. Cybersecurity and Infrastructure Security Agency. The flaw's exploitation bypasses mitigations Microsoft has built over the years to prevent NTLM reflection attacks.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

• CVE-2025-61932 Motex LANSCOPE Endpoint Manager Improper Verification of Source of a Communication Channel Vulnerability

This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. 

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Cybercriminals are increasingly exploiting a legitimate Microsoft 365 feature designed for enterprise convenience, turning Exchange Online’s Direct Send into a dangerous vector for phishing campaigns and business email compromise attacks. Security researchers across the industry are sounding the alarm as malicious actors leverage this trusted pathway to bypass authentication checks and deliver convincing internal-looking messages […]

The post Hackers Exploit Microsoft 365 Direct Send to Evade Filters and Steal Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

From Detection to Resolution: Why the Gap Persists A critical vulnerability is identified in an exposed cloud asset. Within hours, five different tools alert you about it: your vulnerability scanner, XDR, CSPM, SIEM, and CMDB each surface the issue in their own way, with different severity levels, metadata, and context. What’s missing is a system of action. How do you transition from the

​解构神迹：下一代体育科技的核心逻辑。

The Cyber Monitoring Centre has classified the cyber-attack against Jaguar Land Rover as a “systemic cyber event”

Cybersecurity researchers have uncovered a new supply chain attack targeting the NuGet package manager with malicious typosquats of Nethereum, a popular Ethereum .NET integration platform, to steal victims' cryptocurrency wallet keys. The package, Netherеum.All, has been found to harbor functionality to decode a command-and-control (C2) endpoint and exfiltrate mnemonic phrases, private keys, and

Дыру добавили в список активно эксплуатируемых. Через неё уже взламывают Windows 10, 11 и серверы.

The annual implementation report recommends reversing Trump administration budget cuts, empowering the national cyber director and other steps.

The post US ‘slipping’ on cybersecurity, annual Cyberspace Solarium Commission report concludes appeared first on CyberScoop.

In September 2025, Texas A&M University System (TAMUS) Cybersecurity, a managed detection and response provider, in collaboration with Elastic Security Labs, uncovered a sophisticated post-exploitation campaign by a Chinese-speaking threat actor. Using this method, the attackers installed a malicious IIS module named TOLLBOOTH, deployed a Godzilla-forked webshell framework, leveraged the GotoHTTP remote monitoring and management […]

The post Hackers Use ASP.NET Machine Keys to Break Into IIS, Push Malicious Extensions appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

 A SOC is where every second counts. Amidst a flood of alerts, false positives, and ever-short time, analysts face the daily challenge of identifying what truly matters — before attackers gain ground.  That’s where alert triage comes in: the essential first step in detecting, prioritizing, and responding to threats efficiently. Done right, it defines the […]

The post No Threats Left Behind: SOC Analyst’s Guide to Expert Triage  appeared first on ANY.RUN's Cybersecurity Blog.

美方网攻我国授时中心事件再敲警钟，国家关键基础设施防护刻不容缓