Aggregator

CVE-2025-14714 | LibreOffice up to 25.2.3 on macOS authentication bypass (EUVD-2025-203361 / WID-SEC-2025-2845)

VulDB Recent Entries
1 week 2 days ago
A vulnerability was found in LibreOffice up to 25.2.3 on macOS. It has been rated as critical. This impacts an unknown function. The manipulation leads to authentication bypass using alternate channel. This vulnerability is referenced as CVE-2025-14714. The attack can only be performed from a local environment. No exploit is available. Upgrading the affected component is advised. VulDB is the best source for vulnerability data and more expert information about this specific topic.
vuldb.com

U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people

Security Affairs
1 week 2 days ago
A data breach at 700Credit exposed the names, addresses, dates of birth, and Social Security numbers of at least 5.6 million people. 700Credit is a U.S. fintech and data services company that provides credit reports, “soft pull” prequalification, identity verification, fraud detection, and compliance tools to auto, RV, powersports, and marine dealerships across the country.​ […]
Pierluigi Paganini

Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529)

Help Net Security
1 week 2 days ago

Apple has issued security updates with fixes for two WebKit vulnerabilities (CVE-2025-14174, CVE-2025-43529) that have been exploited as zero-days. Several days before the release of these updates, Google fixed CVE-2025-14174 in the desktop version of Chrome, though at the time the issue did not have a CVE number nor a description. In the meantime, CVE-2025-14174 was revealed to be an “out of bounds memory access [flaw] in ANGLE in Google Chrome on Mac prior to … More →

The post Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529) appeared first on Help Net Security.

Zeljka Zorz

LW ROUNDTABLE: Part 3, Cyber resilience faltered in 2025 — recalibration now under way

Security Boulevard
1 week 2 days ago

This is the third installment in our four-part 2025 Year-End Roundtable. In Part One, we explored how accountability got personal. In Part Two, we examined how regulatory mandates clashed with operational complexity.

Part three of a four-part series.

Now … (more…)

The post LW ROUNDTABLE: Part 3, Cyber resilience faltered in 2025 — recalibration now under way first appeared on The Last Watchdog.

The post LW ROUNDTABLE: Part 3, Cyber resilience faltered in 2025 — recalibration now under way appeared first on Security Boulevard.

bacohido

Pear

Dark Feed IO
1 week 2 days ago

You must login to view this content

cohenido

Shannon – AI Pentesting Tool that Autonomously Checks for Code Vulnerabilities and Executes Real Exploits

Cyber Security News
1 week 2 days ago

Shannon is a fully autonomous AI pentesting tool for web applications that identifies attack vectors via code analysis and validates them with live browser exploits. Unlike traditional static analysis tools that merely flag potential issues, Shannon operates as a fully autonomous penetration tester that identifies attack vectors and actively executes real-world exploits to validate them. […]

The post Shannon – AI Pentesting Tool that Autonomously Checks for Code Vulnerabilities and Executes Real Exploits appeared first on Cyber Security News.

Guru Baran

CVE-2025-37732 | Elastic Kibana up to 7.17.29/8.19.7/9.1.7/9.2.1 cross site scripting (EUVD-2025-203357)

VulDB Recent Entries
1 week 2 days ago
A vulnerability was found in Elastic Kibana up to 7.17.29/8.19.7/9.1.7/9.2.1. It has been declared as problematic. This affects an unknown function. Executing manipulation can lead to cross site scripting. The identification of this vulnerability is CVE-2025-37732. The attack may be launched remotely. There is no exploit available. If you want to get the best quality for vulnerability data then you always have to consider VulDB.
vuldb.com

Compliance-Ready Cybersecurity for Finance and Healthcare: The Seceon Advantage

Security Boulevard
1 week 2 days ago

Navigating the Most Complex Regulatory Landscapes in Cybersecurity Financial services and healthcare organizations operate under the most stringent regulatory frameworks in existence. From HIPAA and PCI-DSS to GLBA, SOX, and emerging regulations like DORA, these industries face a constant barrage of compliance requirements that demand not just checkboxes, but comprehensive, continuously monitored security programs. The

The post Compliance-Ready Cybersecurity for Finance and Healthcare: The Seceon Advantage appeared first on Seceon Inc.

The post Compliance-Ready Cybersecurity for Finance and Healthcare: The Seceon Advantage appeared first on Security Boulevard.

Anamika Pandey

Managed ad