Aggregator

Ingram Micro Confirms Ransomware Incident Impacting Internal Infrastructure

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
1 day 23 hours ago

Ingram Micro Holding Corporation (NYSE: INGM), a global leader in technology distribution and supply chain solutions, has confirmed that it recently experienced a ransomware attack targeting certain internal systems. The company issued a statement today addressing the ongoing system outage and the steps being taken to mitigate the impact. Incident Overview According to Ingram Micro, […]

The post Ingram Micro Confirms Ransomware Incident Impacting Internal Infrastructure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

CVE-2025-7209 | 9fans plan9port up to 9da5b44 src/libsec/port/x509.c value_decode null pointer dereference (Issue 711)

VulDB Recent Entries
1 day 23 hours ago
A vulnerability has been found in 9fans plan9port up to 9da5b44 and classified as problematic. Affected by this vulnerability is the function value_decode in the library src/libsec/port/x509.c. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2025-7209. Local access is required to approach this attack. Furthermore, there is an exploit available. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. It is recommended to apply a patch to fix this issue.
vuldb.com

Free certificates for IP addresses: security problem or solution?

不安全
1 day 23 hours ago
Let's Encrypt首次为IP地址颁发证书,既方便了无域名网站的安全访问,也带来了潜在风险。虽然该功能支持远程设备管理等合法需求,但也可能被网络犯罪分子滥用进行钓鱼攻击。用户需警惕包含IP地址的链接,并采取多因素认证等安全措施保护账户安全。

RingReaper – New Linux EDR Evasion Tool Using io_uring Kernel Feature

Cyber Security News
2 days ago

A sophisticated new Linux evasion tool called RingReaper has emerged, leveraging the legitimate io_uring kernel feature to bypass modern Endpoint Detection and Response (EDR) systems.  This advanced red team tool demonstrates how attackers can exploit high-performance asynchronous I/O operations to conduct stealthy operations while remaining undetected by traditional security monitoring mechanisms. We recently discussed a […]

The post RingReaper – New Linux EDR Evasion Tool Using io_uring Kernel Feature appeared first on Cyber Security News.

Guru Baran

CVE-2025-7207 | mruby up to 3.4.0-rc2 nregs codegen.c scope_new heap-based overflow (Issue 6509)

VulDB Recent Entries
2 days ago
A vulnerability, which was classified as problematic, was found in mruby up to 3.4.0-rc2. Affected is the function scope_new of the file mrbgems/mruby-compiler/core/codegen.c of the component nregs Handler. The manipulation leads to heap-based buffer overflow. This vulnerability is traded as CVE-2025-7207. An attack has to be approached locally. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

Taiwan flags security risks in popular Chinese apps after official probe

Security Affairs
2 days ago
Taiwan warns Chinese apps like TikTok and WeChat pose security risks due to excessive data collection and data transfers to China. Taiwan National Security Bureau (NSB) warns that Chinese apps like TikTok, WeChat, Weibo, and Baidu Cloud pose security risks due to excessive data collection and data transfer to China, following an official inspection with […]
Pierluigi Paganini

Threat Actors Turn Job Offers into Scams, Causing Over $264 Million in Losses in 2024

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
2 days ago

In an era marked by a persistent cost-of-living crisis and economic uncertainty, many individuals are seeking side hustles or better-paying jobs to make ends meet. However, threat actors are exploiting this desperation with sophisticated employment scams, netting over $264 million in losses as reported to the FBI in 2024 alone. These scams, often under-reported, thrive […]

The post Threat Actors Turn Job Offers into Scams, Causing Over $264 Million in Losses in 2024 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

CVE-2025-7206 | D-Link DIR-825 2.10 httpd switch_language.cgi sub_410DDC Language stack-based overflow

VulDB Recent Entries
2 days ago
A vulnerability, which was classified as critical, has been found in D-Link DIR-825 2.10. This issue affects the function sub_410DDC of the file switch_language.cgi of the component httpd. The manipulation of the argument Language leads to stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. The identification of this vulnerability is CVE-2025-7206. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

16 Billion Exposed Records Offer Blueprint for Mass Exploitation

不安全
2 days ago
研究人员发现160亿条登录记录暴露,涉及GitHub、Telegram等平台账户。尽管部分数据为新鲜泄露,但大量为旧数据被重复利用。专家警告称,这些凭证可被用于账户接管和网络钓鱼等攻击。尽管数据年龄存疑,但其规模和结构仍构成严重威胁。建议用户加强密码管理并采用多因素认证等安全措施以应对风险。

Managed ad