Aggregator

A vulnerability classified as critical has been found in TeamViewer Remote Full Client and Remote Host up to 11.0.259317/12.0.259318/13.2.36225/14.7.48798/15.61 on Windows. Affected is an unknown function of the file TeamViewer_service.exe. The manipulation leads to argument injection. This vulnerability is traded as CVE-2025-0065. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

Что ждет соцсети с приходом нового президента?

绕过正则表达模式匹配器

A vulnerability has been found in Red Hat OpenShift Service Mesh 2.5.6/2.6.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Envoy Header Hander. The manipulation leads to injection. This vulnerability is known as CVE-2025-0754. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability was found in Red Hat OpenShift Service Mesh and classified as critical. Affected by this issue is some unknown functionality of the component proxyv2-rhel9. The manipulation leads to http request smuggling. This vulnerability is handled as CVE-2025-0752. The attack may be launched remotely. There is no exploit available.

A new method of exploiting the “Bring Your Own Vulnerable Driver” (BYOVD)

Triaging and investigating alerts is central to security operations. As SOC teams strive to keep up

Triaging and investigating alerts is central to security operations. As SOC teams strive to keep up with ever-increasing alert volumes and complexity, modernizing SOC automation strategies with AI has emerged as a critical solution. This blog explores how an AI SOC Analyst transforms alert management, addressing key SOC challenges while enabling faster investigations and responses. Security

Ransomware attacks hav

Новая схема обмана заставила Google пересмотреть свою защиту.

Ransomware attacks have become a relentless threat to the healthcare sector, exposing sensitive patient data, disrupting life-saving treatments, and placing lives at risk. With healthcare systems underfunded and critical infrastructure vulnerable, cybercriminals find this sector an easy and lucrative target.  In recent years, ransomware attacks have not only caused financial losses but have also shaken […]

The post Interlock Ransomware: Analysis of Attacks on US Healthcare Providers appeared first on ANY.RUN's Cybersecurity Blog.

Apple has shipped a fix for a zero-day vulnerability (CVE-2025-24085) that is being leveraged by attackers against iPhone users. About CVE-2025-24085 CVE-2025-24085 is a use after free bug in CoreMedia, a framework used by Apple devices for the processing of media data. The vulnerability can be triggered by a malicious application and may allow attackers to elevate privileges on targeted devices. “Apple is aware of a report that this issue may have been actively exploited … More →

The post Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) appeared first on Help Net Security.

Ransomware / Threat IntelligenceCybersecurity researchers have found that ransomware attacks targe