Aggregator

Users of the Veeam Backup Server have encountered a significant issue following the Windows 11 24H2 update. Specifically, the update has disrupted the connection between Veeam Recovery Media and the Veeam Backup Server. This problem affects users who have created recovery media from Windows 11 version 24H2 (build 26100.3194) or higher. When attempting to restore […]

The post Windows 11 24H2 Update Disrupts Connection to Veeam Backup Server appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Currently trending CVE - Hype Score: 26 - A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious ...

A vulnerability was found in DBIx::Class::EncodedColumn up to 0.00032 and classified as problematic. This issue affects the function rand of the file Crypt/Eksblowfish/Bcrypt.pm. The manipulation leads to cryptographically weak prng. The identification of this vulnerability is CVE-2025-27552. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in DBIx::Class::EncodedColumn up to 0.00032 and classified as problematic. This vulnerability affects the function rand in the library lib/DBIx/Class/EncodedColumn/Digest.pm. The manipulation leads to cryptographically weak prng. This vulnerability was named CVE-2025-27551. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Infonet Projekt SA OXARI ServiceDesk. This affects an unknown part. The manipulation leads to incorrect authorization. This vulnerability is uniquely identified as CVE-2025-1542. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Microsoft says that some customers might experience Remote Desktop and RDS connection issues after installing recent Windows updates released since January 2025. [...]

Cloudflare experienced a significant service outage that affected several of its key offerings, including R2 object storage, Cache Reserve, Images, Log Delivery, Stream, and Vectorize. The incident, which lasted 1 hour and 7 minutes, was traced back to a faulty credential rotation process for the R2 Gateway service. Incident Overview The outage began at 21:38 […]

The post Cloudflare Attributes Service Outage to Faulty Password Rotation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

检测业务是否受到此漏洞影响，请联系长亭应急服务团队！

检测业务是否受到此漏洞影响，请联系长亭应急服务团队！

检测业务是否受到此漏洞影响，请联系长亭应急服务团队！

检测业务是否受到此漏洞影响，请联系长亭应急服务团队！

检测业务是否受到此漏洞影响，请联系长亭应急服务团队！

检测业务是否受到此漏洞影响，请联系长亭应急服务团队！

检测业务是否受到此漏洞影响，请联系长亭应急服务团队！

В новой статье рассказали, как команда СайберОК в рамках Кибериспытаний на Standoff365 нашла открытую Grafana у заказчика и добилась недопустимого события — всё на этапе начального рекона и без особых сложностей.

SplxAI has closed $7 million in seed funding led by LAUNCHub Ventures with participation from Rain Capital, Inovo, Runtime Ventures, DNV Ventures and South Central Ventures. LAUNCHub General Partner Stan Sirakov is also joining the SplxAI Board of Directors and former Brand Engagement Network CISO Sandy Dunn is joining the company as CISO to spearhead development of SplxAI’s GRC offering. The funding will accelerate the development and adoption of the SplxAI Platform, enabling organizations to … More →

The post SplxAI raises $7 million to provide security for agentic AI appeared first on Help Net Security.

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

• CVE-2019-9874 Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability
• CVE-2019-9875 Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Cybersecurity researchers have discovered two malicious packages on the npm registry that are designed to infect another locally installed package, underscoring the continued evolution of software supply chain attacks targeting the open-source ecosystem. The packages in question are ethers-provider2 and ethers-providerz, with the former downloaded 73 times to date since it was published on