Aggregator

A vulnerability was found in Apple macOS. It has been declared as problematic. This vulnerability affects unknown code of the component App. The manipulation leads to state issue. This vulnerability was named CVE-2025-30432. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in lcms2 2.16. Affected by this issue is the function UnrollChunkyBytes of the file cmspack.c. The manipulation leads to heap-based buffer overflow. This vulnerability is handled as CVE-2025-29069. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability classified as problematic has been found in lcms2 2.16. This affects the function thesmooth2 of the file cmsgamma.c. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2025-29070. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in HACHI Crypt::Salt 0.01 on Perl and classified as problematic. Affected by this issue is the function rand. The manipulation leads to cryptographically weak prng. This vulnerability is handled as CVE-2025-1805. The attack may be launched remotely. There is no exploit available.

Четыре способа, как AGI может всё испортить. И ни одного — как спасти.

The Health Sector Coordinating Council is urging the Trump administration to drop work on a proposed HIPAA security rule update and instead engage in a collaborative dialogue with healthcare sector leaders to create alternative cyber requirements, said Greg Garcia, executive director of HSCC.

Incentives, Tech Barriers and Fraud Fears Hamper FedNow Growth
Economic hesitation, legacy concerns and escalating fraud fears have hampered the adoption of a payment rail touted as the next big thing in the U.S. payment landscape, with government backing and technological promise of clear benefits to consumers and the financial sector.

Also: Gootloader Malware, GCHQ Intern Pleads Guilty, Check Point Breach Update
This week, a "Fast Flux" warning, Gootloader malware, an GCHQ intern pleaded guilty to stealing top secret data and Check Point undercuts hacking claim. Also, Google rolled out end-to-end encryption for some Gmail users, Apple backported patches and Dutch prosecutors cut internet access.

European Commission Demands Law Enforcement Access to Data
The European Commission’s ProtectEU strategy aims to overhaul internal security, proposing law enforcement access to encrypted data by 2026 and a roadmap to explore lawful encryption backdoors and enhanced intelligence-sharing between EU member states and agencies to combat rising cyber threats.

11 Cyber Stocks Fared Worse Than the Nasdaq Thursday After Trump Announced Tariffs
Cybersecurity vendors took Thursday's sell-off hard, with Cloudflare, Fortinet and SailPoint experiencing big stock price drops after President Trump announced higher-than-expected tariffs. Eleven publicly traded cybersecurity firms fared worse than the Nasdaq while 12 companies fared better.

The Health Sector Coordinating Council is urging the Trump administration to drop work on a proposed HIPAA security rule update and instead engage in a collaborative dialogue with healthcare sector leaders to create alternative cyber requirements, said Greg Garcia, executive director of HSCC.

Incentives, Tech Barriers and Fraud Fears Hamper FedNow Growth
Economic hesitation, legacy concerns and escalating fraud fears have hampered the adoption of a payment rail touted as the next big thing in the U.S. payment landscape, with government backing and technological promise of clear benefits to consumers and the financial sector.

Also: Gootloader Malware, GCHQ Intern Pleads Guilty, Check Point Breach Update
This week, a "Fast Flux" warning, Gootloader malware, an GCHQ intern pleaded guilty to stealing top secret data and Check Point undercuts hacking claim. Also, Google rolled out end-to-end encryption for some Gmail users, Apple backported patches and Dutch prosecutors cut internet access.

European Commission Demands Law Enforcement Access to Data
The European Commission's ProtectEU strategy aims to overhaul internal security, proposing law enforcement access to encrypted data by 2026 and a road map to explore lawful encryption backdoors and enhanced intelligence sharing between EU member states and agencies to combat rising cyberthreats.

11 Cyber Stocks Fared Worse Than the Nasdaq Thursday After Trump Announced Tariffs
Cybersecurity vendors took Thursday's sell-off hard, with Cloudflare, Fortinet and SailPoint experiencing big stock price drops after President Trump announced higher-than-expected tariffs. Eleven publicly traded cybersecurity firms fared worse than the Nasdaq while 12 companies fared better.