Aggregator

A vulnerability was found in Linux Kernel up to 5.15.79/6.0.9 and classified as critical. Affected by this issue is the function prepare_func_exit of the component bpf. The manipulation leads to memory leak. This vulnerability is handled as CVE-2022-49837. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.0.8 on Shigeru. Affected by this vulnerability is the function ns_writer of the component nilfs2. The manipulation leads to use after free. This vulnerability is known as CVE-2022-49834. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Google Go 1.23/1.24. Affected is an unknown function of the component net-http. The manipulation leads to http request smuggling. This vulnerability is traded as CVE-2025-22871. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

Arizona woman jailed 8.5 years for aiding North Korea's $17 million IT job scam, defrauding over 300 US companies. Learn how to protect your business from such sophisticated cybersecurity threats.

A vulnerability was found in Hola CMS 1.4.9-1. It has been rated as problematic. This issue affects some unknown processing of the file holadb/votes. The manipulation of the argument vote_filename leads to path traversal. The identification of this vulnerability is CVE-2005-0796. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in GNU C Library up to 2.41. It has been classified as problematic. This affects the function regcomp. The manipulation leads to double free. This vulnerability is uniquely identified as CVE-2025-8058. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

Когда джуниор с плохим промтом мощнее бомбы замедленного действия.

A vulnerability was found in Mozilla Firefox up to 140 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2025-8034. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 140. It has been classified as critical. This affects an unknown part. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2025-8034. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 140. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Javascript Engine. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2025-8033. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 140. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2025-8035. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 140. It has been classified as problematic. Affected is an unknown function of the component Javascript Engine. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2025-8033. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Allianz Life data breach exposed data of most of 1.4M customers via third-party CRM hack using social engineering. Allianz Life confirmed a data breach exposing personal information of most of its 1.4 million customers. On July 16, 2025, a threat actor accessed a third-party CRM system using social engineering, compromising the data of customers, financial […]

今日暂未更新资讯~
更多最新文章，请访问SecWiki

Welcome to this week’s Cybersecurity Recap. We’re looking at important updates from July 21-27, 2025, in the world of digital threats and defenses. This week has seen significant developments that highlight the ongoing risks of cyber attacks and the need for constant awareness. There is a serious SharePoint vulnerability that puts organizations at risk. We’ve […]

The post Weekly Cybersecurity News Recap : Sharepoint 0-day, Vmware Exploitation, Threats and Cyber Attacks appeared first on Cyber Security News.

Scattered Spider hackers have been aggressively targeting virtualized environments by attacking VMware ESXi hypervisors at U.S. companies in the retail, airline, transportation, and insurance sectors. [...]

Name: BelkaCTF #7 (an BelkaCTF event.)
Date: July 25, 2025, 1 p.m. — 27 July 2025, 13:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://belkasoft.com/belkactf7/
Rating weight: 0
Event organizers: TODO: security