Aggregator

A vulnerability classified as critical has been found in radare2 5.8.8. Affected is an unknown function. The manipulation of the argument name/type/group leads to buffer overflow. This vulnerability is traded as CVE-2024-29646. The attack can only be done within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic was found in Adobe InDesign Desktop up to 19.5.3/20.2. Affected by this vulnerability is an unknown functionality. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2025-47104. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Adobe InDesign Desktop up to 19.5.3/20.2. Affected by this issue is some unknown functionality. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2025-47105. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe InDesign Desktop up to 19.5.3/20.2 and classified as critical. This issue affects some unknown processing. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2025-43558. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe InDesign Desktop up to 19.5.3/20.2. It has been classified as critical. Affected is an unknown function. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-43589. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe InDesign Desktop up to 19.5.3/20.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2025-43590. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe InDesign Desktop up to 19.5.3/20.2. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to out-of-bounds write. This vulnerability is handled as CVE-2025-43593. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Adobe InDesign Desktop up to 19.5.3/20.2. Affected is an unknown function. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-47106. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe InDesign Desktop up to 19.5.3/20.2 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-30321. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Adobe InDesign Desktop up to 19.5.3/20.2 and classified as critical. This vulnerability affects unknown code. The manipulation leads to heap-based buffer overflow. This vulnerability was named CVE-2025-30317. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Microsoft experienced a significant service disruption affecting multiple Microsoft 365 services, including Teams and Exchange Online, impacting users globally whose requests were routed through the affected infrastructure. The company has confirmed that all services have now recovered following swift mitigative actions. The disruption primarily affected three core Microsoft services, causing widespread inconvenience for business users […]

The post Microsoft Investigating Teams and Exchange Online Services Disruption Impacting Users appeared first on Cyber Security News.

HackerNews 编译，转载请注明出处： 网络安全公司Insikt Group的最新分析显示，尽管自2023年7月起遭受美国制裁，Predator间谍软件仍持续吸引新用户。 该间谍软件活动在经历早期因制裁和公开曝光导致的衰退后近期再度活跃。研究团队发现其更新了基础设施网络，并首次确认莫桑比克成为新客户，凸显监控工具仍在持续扩散，尤其在非洲地区——Predator已识别的客户中超半数位于非洲大陆。此外，与捷克实体FoxITech s.r.o.的关联表明，幕后运营方Intellexa联盟仍在秘密运作。 2024年3月，美国财政部外国资产控制办公室（OFAC）宣布对Intellexa联盟的两名个人及五家实体采取行动，因其参与开发并分发用于攻击美国公民的Predator间谍软件。该监控软件还被用于监视美国政府官员、记者和政策专家。财政部警告称，商业间谍软件的扩散给美国带来日益增长的风险。该软件已被外国行为体滥用，针对全球范围内的异见人士和记者发动攻击。 Intellexa联盟成立于2019年，充当多家提供商业间谍软件及监控工具的进攻性网络公司的统一营销平台，这些工具专为定向和大规模监控活动设计。Predator间谍软件指一套可通过零点击攻击入侵受害者设备的监控工具组合，以其大规模数据窃取与监控能力著称。 Insikt Group揭露了Predator的新基础设施网络，包括规避性更新与高层级组件。研究人员在多个国家发现活动复苏证据，其中莫桑比克为新关联国家。分析还指出，第五层基础设施（Tier 5）与捷克实体FoxITech存在技术连接，而后者与Intellexa联盟相关。新版基础设施包含可能用于投送有效载荷和攻击受害者的域名。早期域名常伪装成新闻媒体等合法站点，而近期域名改用随机英文或葡萄牙语词汇组合（部分暗示特定目标区域，如伊拉克库尔德斯坦的Badinan地区）。这些域名多通过PublicDomainRegistry注册，且托管网络范围更广，反映出逃避检测的意图。 Predator基础设施已升级为更复杂的五层架构。前四层通过多重路由隐藏间谍软件源头，其中第四层常指向客户所在国家的IP地址。仍具神秘色彩的第五层（Tier 5）则关联捷克公司FoxITech——该公司与Intellexa联盟存在联系。运营方还启用虚假网站（如伪造的404错误页面、登录界面或模拟活动网站）作为欺骗策略。这些调整表明Predator仍是网络领域中持续存在且适应性极强的威胁。 “尽管仅前四层基础设施直接关联Predator客户的操作网络，但Insikt Group持续监测被称为第五层的附加层级——该层级在Predator相关操作中似乎扮演核心角色（具体机制尚不明确）”，报告指出，“第五层服务器已关联捷克实体FoxITech s.r.o.，该公司此前公开资料显示与Intellexa存在关联。” 自2024年3月起，Insikt Group追踪到Predator在十余个国家的活动。部分区域（如刚果民主共和国和安哥拉）在公开曝光后活动曾暂停，但安哥拉于2025年初重启操作。莫桑比克作为新用户出现，其关联域名和IP地址指向一个仍在使用虚假新闻及生活类网站的活动运营方。另一短暂出现的集群（可能关联东欧）暗示其正在进行技术测试或应对新制裁。 “Insikt Group发现的证据表明，尽管媒体广泛报道且针对Intellexa及相关实体的制裁持续实施，Predator仍在包括莫桑比克在内的地区被使用”，报告总结称，“尽管观察到近期活动，但疑似运营商数量较早期报告减少，表明公开曝光、制裁及相关措施可能已对Intellexa造成运营成本压力。此外，Predator运营商历史上长期保持稳定操作手法，但最新发现揭示其已采用新策略以规避检测。”       消息来源： securityaffairs； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability, which was classified as critical, has been found in Oracle Siebel Core up to 21.5. This issue affects some unknown processing of the component Zookeeper. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2017-5637. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Choosing the right DCIM software is crucial for effective data center management. This comparison of Hyperview and Nlyte evaluates them across five key factors: cost, user experience, features, scalability, and customer support, helping you decide which is the better fit for your needs.

The post Hyperview DCIM vs. Nlyte DCIM: Which Software is Right for You? appeared first on Hyperview.

The post Hyperview DCIM vs. Nlyte DCIM: Which Software is Right for You? appeared first on Security Boulevard.

Security researchers have uncovered an active cyberattack campaign targeting Langflow servers through CVE-2025-3248, a critical remote code execution vulnerability that allows threat actors to deploy the sophisticated Flodrix botnet malware. The attacks demonstrate how cybercriminals are rapidly weaponizing newly disclosed vulnerabilities to compromise cloud infrastructure and expand their botnet operations. CVE-2025-3248, rated with a CVSS […]

The post Hackers Actively Exploiting Langflow RCE Vulnerability to Deploy Flodrix Botnet appeared first on Cyber Security News.

HackerNews 编译，转载请注明出处： 英国知名俄罗斯问题研究专家基尔·贾尔斯（Keir Giles）上周末宣布，其多个电子邮箱账户遭黑客以“复杂账户接管”手段攻击，攻击者伪装成美国国务院人员。贾尔斯在领英发布的警告中提醒联系人谨慎处理任何看似由其发送的异常邮件。贾尔斯是《俄罗斯对所有人的战争》一书作者，同时担任智库查塔姆研究所（Chatham House）顾问研究员。 贾尔斯写道：“根据我们应对复杂账户接管攻击的长期经验，攻击者在被锁定前获取的信息（包括您或他人发送给我的消息）很可能被用于未来污染性数据泄露。”此前在去年，贾尔斯已成为为俄罗斯情报部门服务的黑客目标，这些黑客持续冒充研究人员与学者，试图侵入其同事邮箱账户，但当时贾尔斯的账户未被攻破。 网络安全公司Secureworks与Mandiant对针对贾尔斯的钓鱼邮件、附件及凭证窃取基础设施进行了独立分析。两家公司均认为，此次攻击由国家支持的黑客组织实施，该组织被追踪命名为Iron Frontier、Calisto、Coldriver或Star Blizzard。英国政府评估其隶属于俄罗斯情报机构，并于2013年将其归因于俄联邦安全局（FSB）第18中心（Center 18） ——英国政府曾为此召见俄罗斯大使，指控克里姆林宫幕后主导一系列“持续但未遂”的黑客泄密行动，意图破坏民主制度。 与此同时，美国司法部起诉了参与第18中心钓鱼活动的两名俄罗斯公民：FSB官员鲁斯兰·亚历山德罗维奇·佩列季亚特科（Ruslan Aleksandrovich Peretyatko） 及欺诈域名创建者安德烈·斯坦尼斯拉沃维奇·科里涅茨（Andrey Stanislavovich Korinets） ，相关行动可追溯至2016年。英国政府披露，该组织在英国的既往目标包括英国秘密情报局（MI6）前局长理查德·迪尔洛夫爵士（Sir Richard Dearlove） ，以及致力于反制俄罗斯信息战的智库“治国方略研究所”（Institute for Statecraft）。       消息来源： therecord； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability classified as problematic has been found in weblate up to 5.11. This affects an unknown part of the component OTP. The manipulation leads to improper restriction of excessive authentication attempts. This vulnerability is uniquely identified as CVE-2025-47951. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in weblate up to 5.11. This vulnerability affects unknown code of the component Audit Log Notification Handler. The manipulation leads to exposure of private personal information to an unauthorized actor. This vulnerability was named CVE-2025-49134. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Pure Storage FlashArray up to 6.8.5. This issue affects some unknown processing of the component KEK Encryption Key Handler. The manipulation leads to sensitive information in log files. The identification of this vulnerability is CVE-2025-2327. The attack may be initiated remotely. There is no exploit available.

Justice Officials Will Reportedly Probe the Google-Wiz Deal on Antitrust Grounds
Antitrust enforcers are reportedly pumping the brakes on Google's proposed $32 billion buy of Wiz, but it's unclear if it'll be a single speedbump or an unmovable roadblock. Officials in the Justice Department's antitrust division are assessing if the megadeal would illegally limit competition.