Aggregator

A vulnerability was found in Node.js and classified as problematic. This issue affects some unknown processing of the component Socket Close Handler. The manipulation results in memory leak. This vulnerability is known as CVE-2025-23085. It is possible to launch the attack remotely. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability marked as problematic has been reported in Node.js up to 20.19.1/22.15.0. This affects the function ReadFileUtf8 of the file uv_fs_s.file of the component UTF-16 Path Handler. The manipulation leads to denial of service. This vulnerability is traded as CVE-2025-23165. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.

Полиция превратила смартфоны режиссёров в круглосуточную прослушку.

Four Kenyan filmmakers became victims of sophisticated surveillance when FlexiSPY spyware was covertly installed on their devices while in police custody, according to forensic analysis conducted by the University of Toronto’s Citizen Lab. The incident occurred on or around May 21, 2025, after authorities seized the devices during arrests connected to allegations surrounding the BBC […]

The post Kenyan Filmmakers Installed With FlexiSPY Spyware That Monitors Messages and Social Media appeared first on Cyber Security News.

NASA 禁止持有有效签证的中国公民进入其设施，参与其太空项目。此前以合同工或学生身份参与 NASA 项目的中国公民在 9 月 5 日发现无法访问所有 NASA 系统和设施，NASA 随后证实它以国家安全理由禁止中国公民，“NASA 已针对中国公民采取了内部措施，包括限制其进入我们的设施、接触材料和网络，以确保我们工作的安全。”中美两国目前都在竞争重返月球，而美国的登月计划 Artemis 正面临成本超支和延误等问题。

A previously unknown advanced persistent threat (APT) group has unleashed a new fileless malware framework, dubbed EggStreme, in a highly targeted espionage campaign against strategic organizations. Emerging in early 2024, EggStreme exploits the legitimate Windows Mail executable (WinMail[.]exe) to sideload a malicious library, allowing attackers to achieve in-memory code execution without writing decrypted payloads to […]

The post New EggStreme Malware With Fileless Capabilities Leverages DLL Sideloading to Execute Payloads appeared first on Cyber Security News.

Kerberoasting, Microsoft, and a Senator When I came up with Kerberoasting in 2014, I never thought it would live for more than a year or two. I (erroneously) thought that […]

The privacy regulator said it identified “a worrying pattern” in the 215 insider threat breach reports from the education sector between January 2022 and August 2024, with 57% of incidents caused by students who were likely motivated by “dares, notoriety, financial gain, revenge and rivalries.”

Эмодзи в чате дошёл до суда.

Google addressed a critical use-after-free vulnerability in its Chrome browser that could potentially lead to code execution. A researcher earned $43000 from Google for reporting a critical Chrome vulnerability, tracked as CVE-2025-10200, in the Serviceworker component. A use-after-free (UAF) occurs when a program accesses memory after it has been freed. This can cause crashes, data […]

Organizations manage sensitive data, operate under complex regulations, and face relentless cyber threats. Yet traditional compliance—point-in-time audits, annual assessments, and static reporting—is no longer enough. Attackers don’t wait until your next audit, and regulators expect security to be proactive, not reactive. That’s why modern organizations are embracing continuous compliance—a model that ensures compliance is maintained

The post Continuous Compliance appeared first on Seceon Inc.

The post Continuous Compliance appeared first on Security Boulevard.

In early May 2025, cybersecurity researchers began tracking a novel Remote Access Trojan (RAT) targeting Chinese-speaking users via phishing sites hosted on GitHub Pages. Masked as legitimate installers for popular applications, the initial ZIP archives contained malicious executables engineered to bypass sandbox and virtual machine defenses. Once executed, the first-stage shellcode performs time stability analysis […]

The post kkRAT Employs Network Communication Protocol to Steal Clipboard Contents appeared first on Cyber Security News.

Grondtroepen moeten op technologiegebied zo veilig mogelijk werken en zo effectief mogelijk opereren. Daarom heeft de Koninklijke Landmacht het 101 Cyber en Elektromagnetische Activiteiten (CEMA)-bataljon opgericht. Dat feit werd vandaag met militair ceremonieel gevierd op de Legerplaats Stroe. 

在网络安全行业中，销售活动的繁盛表象之下，隐藏着一种深刻的贫乏。

A vulnerability classified as critical has been found in LB-LINK BL-X26 1.2.8. The impacted element is an unknown function of the file /goform/set_hidessid_cfg of the component HTTP Handler. This manipulation of the argument enable causes os command injection. This vulnerability is handled as CVE-2025-9579. The attack can be initiated remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as critical was found in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/set_blacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. This vulnerability is uniquely identified as CVE-2025-9580. The attack can be launched remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in Scada-LTS 2.7.8.1. It has been declared as problematic. This issue affects some unknown processing of the file view_edit.shtm of the component SVG File Handler. Such manipulation of the argument backgroundImageMP leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-9145. The attack can be launched remotely. Moreover, an exploit is present.

Browser extensions boost productivity—but also open the door to hidden risks like data exfiltration and AitM attacks. Keep Aware's Buyer's Guide shows how to gain visibility, enforce policies, and block risky add-ons in real time. [...]

F5 announced its intent to acquire CalypsoAI, whose platform brings real-time threat defense, red teaming at scale, and data security to enterprises racing to deploy generative and agentic AI. These capabilities will be integrated into the F5 Application Delivery and Security Platform (ADSP) to create the most complete solution for securing AI inference. “AI is redefining enterprise architecture—and the attack surface companies must defend,” said François Locoh-Donou, President and CEO of F5. “Traditional firewalls and … More →

The post F5 moves to secure generative AI with CalypsoAI acquisition appeared first on Help Net Security.