Aggregator

A vulnerability, which was classified as problematic, was found in netty up to 4.1.118. This affects an unknown part. The manipulation leads to resource consumption. This vulnerability is uniquely identified as CVE-2025-25193. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, has been found in MicroDicom DICOM Viewer 2024.03. Affected by this issue is some unknown functionality. The manipulation leads to improper certificate validation. This vulnerability is handled as CVE-2025-1002. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Apple released iOS and iPadOS updates to address a zero-day likely exploited in extremely sophisticated attacks targeting specific individuals. Apple released emergency security updates to address a zero-day vulnerability, tracked as CVE-2025-24200, that the company believes was exploited in “extremely sophisticated” targeted attacks. An attacker could have exploited the vulnerability to disable the USB Restricted […]

A vulnerability, which was classified as critical, was found in Samsung Devices. Affected is an unknown function of the component CustomFrequencyManagerService. The manipulation leads to improper authorization. This vulnerability is traded as CVE-2024-20835. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Samsung Devices and classified as problematic. Affected by this vulnerability is the function ssmis_get_frm in the library libsubextractor.so. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2024-20836. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Samsung Devices. It has been declared as critical. This vulnerability affects the function IpcTxSndSetLoopbackCtrl of the component libsec-ril. The manipulation leads to out-of-bounds write. This vulnerability was named CVE-2023-52432. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

The likely Vietnam-based threat actor has been using two zero-days in VeraCore's warehouse management software in some of its latest cyberattacks.

After claiming responsibility for the ransomware attack in 2024, the "Embargo" ransomware group posted 1.15 terabytes of stolen data to its public Tor site.

LazaGrad Hack Defaced the Website of Wish Future Paths

A proven framework for merging human intuition with AI precision to enhance innovation, reduce bias, and scale operations. Explores real-world case studies, ethical considerations, and hybrid workflows that outperform pure automation models. Essential reading for forward-thinking business leaders.

The post The Art of Human-AI Synergy: A Framework for Smart Collaboration appeared first on Security Boulevard.

Hewlett Packard Enterprise (HPE) has begun notifying individuals affected by a December 2023 attack carried out by Russia-linked threat actors. Hewlett Packard Enterprise has started notifying individuals whose personal information was exposed in a December 2023 cyber attack. In January 2024, Hewlett Packard Enterprise (HPE) revealed that alleged Russia-linked cyber espionage group Midnight Blizzard gained access to […]

Apple has rolled out iOS 18.3.1 and iPadOS 18.3.1, addressing a Zero-day vulnerability exploited in targeted extremely sophisticated attacks by taking advantage of disabling the USB-restricted mode. Apple’s USB Restricted Mode is a security feature that prevents unauthorized access to data on an iOS device. It prevents USB accessories from connecting to a locked device after a […]

The post Apple 0-Day Vulnerability Exploited in “Extremely Sophisticated” Attacks in the Wild appeared first on Cyber Security News.