Aggregator

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.17-rc2. This vulnerability affects the function set_ftrace_filter of the component Function Call Handler. This manipulation causes allocation of resources. This vulnerability is tracked as CVE-2025-39689. The attack is only possible within the local network. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.17-rc2. Affected by this issue is the function insn_rw_emulate_bits of the component comedi. The manipulation leads to information disclosure. This vulnerability is referenced as CVE-2025-39686. The attack needs to be initiated within the local network. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability described as critical has been identified in Linux Kernel up to 6.17-rc2. Affected by this vulnerability is the function request_irq. Executing a manipulation can lead to out-of-bounds read. The identification of this vulnerability is CVE-2025-39685. The attack needs to be done within the local network. There is no exploit available. Upgrading the affected component is recommended.

Военная медицина получила прототип «умного» порошка.

LayerX researchers say that a security in Anthropic's Claude Desktop Extensions can be exploited to allow threat actors to place a RCE vulnerability into Google Calendar, the latest report to highlight the risks that come with giving AI models with full system privileges unfettered access to sensitive data.

The post Flaw in Anthropic Claude Extensions Can Lead to RCE in Google Calendar: LayerX appeared first on Security Boulevard.

A vulnerability classified as critical was found in Atos Unify OpenScape Common Management Portal V10 up to 4.16.x/5.0.x. This issue affects some unknown processing of the component Common Management Portal Web Interface. The manipulation results in unrestricted upload. This vulnerability is reported as CVE-2023-45353. The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.

A vulnerability, which was classified as critical, has been found in Atos Unify OpenScape Common Management Portal V10 up to 4.16.x/5.0.x. Impacted is an unknown function of the component Common Management Portal Web Interface. This manipulation causes privilege escalation. This vulnerability appears as CVE-2023-45354. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Atos Unify OpenScape Common Management Portal V10 up to 4.16.x/5.0.x. The affected element is an unknown function of the component Common Management Portal Web Interface. Such manipulation leads to path traversal. This vulnerability is traded as CVE-2023-45352. The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability was found in Atos Unify OpenScape 4000 Manager V10 R1 up to 1.42.0. It has been rated as problematic. Affected by this vulnerability is an unknown functionality. This manipulation causes privilege escalation. The identification of this vulnerability is CVE-2023-45350. The attack needs to be done within the local network. There is no exploit available. Upgrading the affected component is advised.

A vulnerability identified as critical has been detected in Atos Unify OpenScape 4000 Assistant V10 R1 up to 1.42.0. This affects an unknown part of the component AShbr. Performing a manipulation results in command injection. This vulnerability is identified as CVE-2023-45351. The attack can only be performed from the local network. There is not any exploit available. You should upgrade the affected component.

2026 年欧洲开源开发者大会现场，随着各国对数字主权的关注度持续提升，同时希望将数据从企业云平台迁移至机构自

VoidLink, a Linux-based C2 framework, facilitates credential theft, data exfiltration across clouds

SmarterTools, the company behind the popular Microsoft Exchange alternative SmarterMail, has been breached by a ransomware-wielding group that leveraged a recently fixed vulnerability in that solution. How did the SmarterTools breach happen? Derek Curtis, the firm’s Chief Operating Officer, said that the breach happened on January 29, 2026. “Prior to the breach, we had approximately 30 servers/VMs with SmarterMail installed throughout our network. Unfortunately, we were unaware of one VM, set up by an employee, … More →

The post Ransomware group breached SmarterTools via flaw in its SmarterMail deployment appeared first on Help Net Security.

Discord announced it will begin globally rolling out “teen-by-default” safety controls and an expanded “age assurance” system in early March, introducing clearer boundaries around age-restricted experiences while leaving most everyday use unchanged. The company says the goal is to make age-appropriate defaults the baseline for everyone, then allow adults to unlock additional capabilities by confirming […]

The post Discord to Age-Restrict User Access to Key Features Starting Next Month appeared first on Cyber Security News.

根据发表在《Drug and Alcohol Dependence》期刊上的一项研究，单次饮酒就能显著改变大脑内部通信。研究人员招募了 107 名年龄在 21-45 岁之间的健康成年人。参与者都是社交饮酒者，没有酒精使用障碍史。参与者参与了两次实验，一次是饮酒一次是安慰剂（酒杯表面散了酒精模拟酒），参与者不知道他们饮用的是酒还是安慰剂。在饮用之后参与者在眼睛睁开的情况下接受核磁共振扫描，记录了指示神经活动的血氧水平。研究人员随后分析了 106 个不同脑区之间的功能连接。分析发现，饮酒后大脑拓扑结构发生了显著变化。多个大脑区域的全局效率略有下降，其中负责处理视觉信息的枕叶尤为显著，显示酒精会使视觉信息更难与大脑其它部分整合运作。额叶和颞叶皮层与其邻近区域更频繁通信，大脑看起来分成更小更独立的区域。维持这种结构所需的能量更少，但阻碍了复杂信息的快速整合能力。全局效率下降最大、局部效率上升最高的参与者报告的醉酒感最强。

Пентагон планирует перевооружить союзников в ближайшие семь лет.

A vulnerability categorized as problematic has been discovered in Atos Unify OpenScape 4000 Assistant V10. Affected by this issue is some unknown functionality of the component AShbr. Such manipulation leads to information disclosure. This vulnerability is referenced as CVE-2023-45349. The attack needs to be initiated within the local network. No exploit is available. It is best practice to apply a patch to resolve this issue.

A vulnerability, which was classified as problematic, was found in Yamcs 5.8.6. Affected by this issue is some unknown functionality of the component HTML File Handler. The manipulation results in unrestricted upload. This vulnerability was named CVE-2023-45281. The attack may be performed from remote. There is no available exploit.

A vulnerability classified as problematic was found in Huddly HuddlyCameraService. The affected element is the function RollingFileAppender.DeleteFile of the component log4net. The manipulation results in improper privilege management. This vulnerability is reported as CVE-2023-45253. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is advised.