Aggregator

A vulnerability classified as problematic was found in Linux Kernel up to 6.12.12/6.13.1. Affected by this vulnerability is an unknown functionality. The manipulation leads to insufficient verification of data authenticity. This vulnerability is known as CVE-2024-57999. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

Submit #631664 / VDB-319890

Submit #631663 / VDB-319889

Submit #631662 / VDB-319888

Submit #631661 / VDB-319887

Человек, который обещал «стабильность», сам лишился опоры.

Submit #631654 / VDB-319886

Submit #631612 / VDB-214715

As we highlighted in our article on building threat resilience in enterprises, one of the key challenges that stand before CISOs is ensuring proactive security. Reacting to incidents is no longer enough; you need to anticipate upcoming threats.  To achieve this, your team needs powerful solutions that meet your criteria and deliver fast results. Explore […]

The post Bridging the Threat Intelligence Gap in Your SOC: A Guide for Security Leaders  appeared first on ANY.RUN's Cybersecurity Blog.

Submit #631603 / VDB-319885

Submit #631551 / VDB-319884

Submit #631543 / VDB-319883

A vulnerability was found in binutils. It has been classified as critical. Affected is the function _bfd_elf_slurp_version_tables of the file bfd/elf.c of the component Table Handler. The manipulation leads to heap-based buffer overflow. This vulnerability is traded as CVE-2023-1972. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to apply a patch to fix this issue.

A sophisticated new ransomware family called Charon has emerged in the cybersecurity landscape, targeting organizations in the Middle East’s public sector and aviation industry with advanced persistent threat (APT) techniques typically reserved for nation-state actors. The ransomware campaign represents a concerning evolution in cybercriminal operations, combining stealth, precision, and destructive capabilities to maximize impact on […]

The post New Charon Ransomware Employs DLL Sideloading, and Anti-EDR Capabilities to Attack Organizations appeared first on Cyber Security News.

A vulnerability was found in WellChoose Organization Portal System up to IFTOP_P3_2_1_196 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability is handled as CVE-2025-8913. The attack may be launched remotely. There is no exploit available.

Submit #631296 / VDB-319882

Submit #631295 / VDB-319881

Submit #631294 / VDB-319880

学到这个 trick 的时候只能说，php 是最好的语言，还没有落幕，每次看到 php 的新 trick 都不得不为之震惊，如何没有 php 代码做到代码执行，实战价值很大，看下面分析 Deadsec 团队这次每一道题是真有东西

Gogs最新RCE分析与利用详情