Aggregator

A new Android malware named Albiriox has been advertised under a malware-as-a-service (MaaS) model to offer a "full spectrum" of features to facilitate on-device fraud (ODF), screen manipulation, and real-time interaction with infected devices. The malware embeds a hard-coded list comprising over 400 applications spanning banking, financial technology, payment processors, cryptocurrency

SmartTube 开发者上周宣布数字签名泄漏，他发布了使用新签名的新版本应用，督促用户切换到新版本。SmartTube 是 Android TV 和 Fire TV 设备上 YouTube 应用的流行替代。开发者透露，他用于构建官方 APK 文件的计算机遭到入侵，导致部分 APK 版本植入了恶意程序。暂时不清楚哪个版本的 APK 最早包含了恶意程序。APKMirror 上的 SmartTube v30.43 和 30.47 都被标记为感染恶意程序。开发者表示，所有旧版本 SmartTube 都已经从项目的 GitHub 库中移除，感染恶意程序的计算机也进行了处理，旧数字签名被弃用。SmartTube v30.56 是使用新签名在干净计算机上构建的首个版本。

Nederland beschermt met 2 Patriot-luchtafweersystemen, Nasams, counter-drone systemen en 300 militairen het logistiek knooppunt voor steun aan Oekraïne. Dit is onderdeel van NATO Security Assistance and Training for Ukraine (NSATU). Vanuit dit knooppunt in Polen gaat militair materieel van NAVO-landen naar Oekraïne. Nederland beveiligt dit tot en met 1 juni 2026. 

报告时间：2025年12月8号10:00～11:00

Команда впервые составила полный молекулярный портрет кровяных везикул и приблизила медицину к предсказанию инфарктов по капле крови.

A vulnerability categorized as problematic has been discovered in Linux Kernel up to 5.18.17/5.19.1. Affected by this issue is the function fuse_release. Such manipulation leads to privilege escalation. This vulnerability is referenced as CVE-2022-50217. The attack needs to be initiated within the local network. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.4.210/5.10.136/5.15.60/5.18.17/5.19.1. This vulnerability affects the function coresight_release_platform_data in the library lib/refcount.c. The manipulation leads to use after free. This vulnerability is documented as CVE-2022-50214. The attack requires being on the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.136/5.15.60/5.18.17/5.19.1. It has been rated as critical. Affected by this vulnerability is the function write_page of the file shell/integrity-blocksize-3.sh. This manipulation causes use after free. The identification of this vulnerability is CVE-2022-50216. The attack needs to be done within the local network. There is no exploit available. Upgrading the affected component is advised.

A vulnerability classified as critical was found in Linux Kernel up to 5.19.1. This issue affects the function SG_FLAG_DIRECT_IO of the component iSCSI Driver. The manipulation results in buffer overflow. This vulnerability is reported as CVE-2022-50215. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 5.19.1. It has been rated as problematic. This impacts the function raid10_remove_disk of the file lvconvert-raid-reshape.sh. This manipulation causes out-of-bounds read. This vulnerability is handled as CVE-2022-50211. It is feasible to perform the attack on the physical device. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.19.1. The impacted element is the function nf_tables of the component netfilter. Executing manipulation can lead to use after free. This vulnerability is registered as CVE-2022-50213. The attack requires access to the local network. No exploit is available. You should upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.10.136/5.15.60/5.18.17/5.19.1 and classified as critical. Impacted is the function nf_tables of the component netfilter. Performing manipulation results in use after free. This vulnerability is reported as CVE-2022-50212. The attacker must have access to the local network to execute the attack. No exploit exists. The affected component should be upgraded.

A vulnerability marked as critical has been reported in Linux Kernel up to 5.10.136/5.15.60/5.18.17/5.19.1. Affected is the function meson_secure_pwrc_probe of the file meson-secure-pwrc.c of the component soc. Performing manipulation results in improper update of reference count. This vulnerability is identified as CVE-2022-50208. The attack can only be performed from the local network. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.19.1 and classified as critical. This issue affects the function cpu_max_bits_warn of the file /proc/cpuinfo of the component MIPS. The manipulation results in stack-based buffer overflow. This vulnerability is identified as CVE-2022-50210. The attack can only be performed from the local network. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.19.1. This issue affects the function of_find_matching_node. Such manipulation leads to improper update of reference count. This vulnerability is documented as CVE-2022-50209. The attack requires being on the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.19.1. It has been declared as critical. Impacted is the function of_find_matching_node of the component ARM. Executing manipulation can lead to improper update of reference count. This vulnerability is handled as CVE-2022-50207. The attack can only be done within the local network. There is not any exploit available. It is recommended to upgrade the affected component.