Aggregator

A vulnerability classified as problematic was found in JetBrains IntelliJ IDEA up to 2025.1. Affected is an unknown function. Such manipulation leads to cleartext transmission of sensitive information. This vulnerability is documented as CVE-2025-57727. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.

Mozilla has released Firefox 142 to address multiple critical security vulnerabilities that could enable remote attackers to execute arbitrary code on affected systems. The Mozilla Foundation Security Advisory 2025-64, announced on August 19, 2025, details nine distinct vulnerabilities ranging from high-severity remote code execution flaws to spoofing and denial-of-service issues. Critical Remote Code Execution Vulnerabilities […]

The post High-Severity Mozilla Flaws Allow Remote Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

SharePoint стал трещиной в фундаменте цифровой инфраструктуры.

A critical pre-handshake vulnerability in the LSQUIC QUIC implementation that allows remote attackers to crash servers through memory exhaustion attacks.  The vulnerability, designated CVE-2025-54939 and dubbed “QUIC-LEAK,” affects the second most widely used QUIC implementation globally, potentially impacting over 34% of HTTP/3-enabled websites that rely on LiteSpeed technologies. Key Takeaways1. CVE-2025-54939 allows remote DoS via […]

The post New QUIC-LEAK Vulnerability Let Attackers Exhaust Server Memory and Trigger DoS Attack appeared first on Cyber Security News.

DARPA's Kathleen Fisher discusses the AI Cyber Challenge at DEF CON 33, and the results that proved how automation can help patch vulnerabilities at scale.

AI security is a business problem. Protect your LLM application investment and ROI by connecting your security team with business stakeholders.

A 22-year-old Oregon man has been charged with administering the Rapper Bot DDoS-for-hire Botnet

A Florida judge ignored prosecutors’ request for an eight-year sentence and gave Noah Michael Urban 10 years in prison with three years of supervised release, and ordered him to pay $13 million in restitution to more than 30 victims.

Microsoft announced on August 20, 2025, a significant enhancement to its Microsoft 365 administrative capabilities with the introduction of new tenant-level controls for managing org-wide sharing links for user-built Copilot agents. This feature, scheduled for general availability in mid-September 2025, represents a critical step forward in enterprise governance for AI-powered collaboration tools. Enhanced Administrative Control […]

The post Microsoft 365 Adds New Feature for Admins to Manage Link Creation Policies appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

This video shows how to define a protocol in CapLoader just by providing examples of what the protocol looks like. CapLoader can then identify that protocol in other traffic, regardless of IP address and port number, simply by looking for traffic that behaves similar to what it was trained on. We ca[...]

Static Tundra, a Russian state-sponsored threat actor connected to the FSB’s Center 16 unit, has been responsible for a sustained cyber espionage effort, according to information released by Cisco Talos. Operating for over a decade, this group specializes in compromising network devices to facilitate long-term intelligence gathering, with a focus on extracting configuration data from […]

The post Russian Hackers Exploit 7-Year-Old Cisco Flaw to Steal Industrial System Configs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

中国有两个卫星星座计划，其一是上海垣信卫星科技有限公司的千帆星座，其二是中国卫星网络集团有限公司的国网星座。千帆星座得到了上海市政府的支持，2024 年 8 月发射了首批卫星，计划总共发射 1.5 万颗卫星。千帆星座被认为更接近于美国 SpaceX 的 Starlink 星座。国网星座要神秘得多，而中国卫星网络集团有限公司成立于 2021 年，属于国资委央企，它计划发射 12992 颗宽带卫星。美国军方认为国网可能不只是 Starlink 的中国版。国网星座的发射频率接近 Starlink，自 7 月 27 日以来中国发射了五组国网卫星，每次发射 5-10 颗，目前在轨卫星共 72 颗；而 SpaceX 在同一时期执行了六次 Starlink 卫星发射，每次最多 28 颗。国网卫星的轨道高度是 Starlink 的三到四倍。美国认为，国网卫星更接近于 SpaceX 为国家侦察办公室（NRO）发射的军用卫星 Starshield，该卫星用于情报、监视和侦察任务，至今已发射近 200 颗。

Поддельные магазины, автозаполнение карт и ни одного подозрения.

Cybersecurity researchers have uncovered a sophisticated new threat campaign that leverages a seemingly legitimate PDF editor application to transform infected devices into residential proxies. The malicious software, distributed under the guise of productivity tools, represents an evolving approach by threat actors who are increasingly exploiting trusted software categories to establish persistent network access and monetize […]

The post Threat Actors Weaponize PDF Editor With New Torjan to Turn Device Into Proxy appeared first on Cyber Security News.

The Kali Linux team has announced a significant enhancement of its Vagrant image build process, streamlining development and simplifying deployment for users. In a move to unify its infrastructure, the team has transitioned from HashiCorp’s Packer to DebOS for generating its pre-configured Vagrant virtual machines. The release also includes a handy cheat sheet to get […]

The post Kali Vagrant Rebuilt Released – Pre-configured DebOS VMs via Command Line appeared first on Cyber Security News.

Миллиард токенов потратили на эксперимент, который перевернул представления о возможностях машин.

Cybercriminals commonly target K-12 schools. To trick staff, students, and even parents into disclosing sensitive information, malicious attackers deploy phishing attacks. Training individuals on how to spot phishing emails is a key guardrail and can prevent significant financial, operational, and regulatory repercussions.  Read on as we unpack seven common phishing email examples and the steps ...

The post 7 Phishing Email Examples (And How To Spot Them) appeared first on ManagedMethods Cybersecurity, Safety & Compliance for K-12.

The post 7 Phishing Email Examples (And How To Spot Them) appeared first on Security Boulevard.

The Federal Bureau of Investigation (FBI) has warned that hackers linked to Russia's Federal Security Service (FSB) are targeting critical infrastructure organizations in attacks exploiting a 7-year-old vulnerability in Cisco devices. [...]