Он говорит: “Я — VPN”, “Я — Roblox”, “Я — Discord”. А сам превращает ваш роутер в прокси для DDoS
Давно не обновляли свои устройства? Теперь они — часть армейского ботнета RondoDox.
Aggregator
Android malware Anatsa infiltrates Google Play to target US banks
2 days 14 hours ago
The Anatsa banking trojan has sneaked into Google Play once more via an app posing as a PDF viewer that counted more than 50,000 downloads. [...]
Bill Toulas
Researchers Reveal 18 Malicious Chrome and Edge Extensions Disguised as Everyday Tools
2 days 14 hours ago
Researchers from Koi Security have detected 18 malicious Chrome and Edge extensions masquerading as benign productivity and entertainment tools
[Control systems] Schneider Electric security advisory (AV25-403)
2 days 14 hours ago
Canadian Centre for Cyber Security
Alleged Sale of Unauthorized Access to Euskal Herria Bildu
2 days 14 hours ago
Alleged Sale of Unauthorized Access to Euskal Herria Bildu
Dark Web Informer - Cyber Threat Intelligence
IBM Power11 debuts with uptime, security, and energy efficiency upgrades
2 days 14 hours ago
IBM unveiled Power11 today, a new generation of Power servers built to improve performance across processing, hardware, and virtualization. It’s designed to run reliably both on-site and in IBM’s hybrid cloud. Enterprises in banking, healthcare, retail and government depend on Power systems for mission-critical workloads. As AI becomes central, these firms face pressure to deploy more applications. IDC projects one billion new “logical apps” by 2028. IBM Power11 aims to handle that growth with uptime, … More →
The post IBM Power11 debuts with uptime, security, and energy efficiency upgrades appeared first on Help Net Security.
Sinisa Markovic
SAP security advisory – July 2025 monthly rollup (AV25-402)
2 days 14 hours ago
Canadian Centre for Cyber Security
Sarcoma
2 days 14 hours ago
You must login to view this content
cohenido
CitrixBleed 2 exploitation started mid-June — how to spot it
2 days 14 hours ago
Kevin Beaumont
CVE-2025-32878 | COROS PACE 3 up to 3.0808.0 TLS Handshake certificate validation
2 days 14 hours ago
A vulnerability has been found in COROS PACE 3 up to 3.0808.0 and classified as critical. This vulnerability affects unknown code of the component TLS Handshake Handler. The manipulation leads to improper certificate validation.
This vulnerability was named CVE-2025-32878. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-48705 | COROS up to 3.0808.0 BLE Message null pointer dereference
2 days 14 hours ago
A vulnerability was found in COROS up to 3.0808.0 and classified as problematic. This issue affects some unknown processing of the component BLE Message Handler. The manipulation leads to null pointer dereference.
The identification of this vulnerability is CVE-2025-48705. The attack needs to be done within the local network. There is no exploit available.
vuldb.com
CVE-2025-48706 | COROS PACE 3 up to 3.0808.0 BLE Message out-of-bounds (EUVD-2025-18751)
2 days 14 hours ago
A vulnerability was found in COROS PACE 3 up to 3.0808.0. It has been classified as problematic. Affected is an unknown function of the component BLE Message Handler. The manipulation leads to out-of-bounds read.
This vulnerability is traded as CVE-2025-48706. The attack needs to be initiated within the local network. There is no exploit available.
vuldb.com
CVE-2025-3227 | Mattermost up to 9.11.15/10.5.5/10.6.5/10.7.2/10.8.0 Playbook Run authorization (EUVD-2025-18758)
2 days 14 hours ago
A vulnerability has been found in Mattermost up to 9.11.15/10.5.5/10.6.5/10.7.2/10.8.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Playbook Run Handler. The manipulation leads to incorrect authorization.
This vulnerability is known as CVE-2025-3227. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-3228 | Mattermost up to 9.11.15/10.5.5/10.6.5/10.7.2/10.8.0 Playbook authorization (EUVD-2025-18757)
2 days 14 hours ago
A vulnerability was found in Mattermost up to 9.11.15/10.5.5/10.6.5/10.7.2/10.8.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Playbook Handler. The manipulation leads to incorrect authorization.
This vulnerability is handled as CVE-2025-3228. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-5479 | Sony XAV-AX8500 Bluetooth AVCTP Protocol heap-based overflow (EUVD-2025-18882)
2 days 14 hours ago
A vulnerability classified as critical was found in Sony XAV-AX8500. Affected by this vulnerability is an unknown functionality of the component Bluetooth AVCTP Protocol Handler. The manipulation leads to heap-based buffer overflow.
This vulnerability is known as CVE-2025-5479. The attack needs to be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-5478 | Sony XAV-AX8500 Bluetooth SDP Protocol integer overflow (EUVD-2025-18883)
2 days 14 hours ago
A vulnerability, which was classified as very critical, has been found in Sony XAV-AX8500. Affected by this issue is some unknown functionality of the component Bluetooth SDP Protocol Handler. The manipulation leads to integer overflow.
This vulnerability is handled as CVE-2025-5478. Access to the local network is required for this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-5477 | Sony XAV-AX8500 Bluetooth L2CAP Protocol heap-based overflow (EUVD-2025-18884)
2 days 14 hours ago
A vulnerability, which was classified as critical, was found in Sony XAV-AX8500. This affects an unknown part of the component Bluetooth L2CAP Protocol Handler. The manipulation leads to heap-based buffer overflow.
This vulnerability is uniquely identified as CVE-2025-5477. Access to the local network is required for this attack to succeed. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-5475 | Sony XAV-AX8500 Bluetooth Packet integer overflow (EUVD-2025-18885)
2 days 14 hours ago
A vulnerability has been found in Sony XAV-AX8500 and classified as critical. This vulnerability affects unknown code of the component Bluetooth Packet Handler. The manipulation leads to integer overflow.
This vulnerability was named CVE-2025-5475. The attack needs to be approached within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-5820 | Sony XAV-AX8500 Bluetooth ERTM Channel improper authentication (EUVD-2025-18880)
2 days 14 hours ago
A vulnerability, which was classified as critical, has been found in Sony XAV-AX8500. Affected by this issue is some unknown functionality of the component Bluetooth ERTM Channel Handler. The manipulation leads to improper authentication.
This vulnerability is handled as CVE-2025-5820. The attack can only be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-5476 | Sony XAV-AX8500 Bluetooth improper authentication (EUVD-2025-18881)
2 days 14 hours ago
A vulnerability, which was classified as critical, was found in Sony XAV-AX8500. This affects an unknown part of the component Bluetooth. The manipulation leads to improper authentication.
This vulnerability is uniquely identified as CVE-2025-5476. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com