Aggregator

'Dark Storm Team" Takes Responsibility for 4 Major Outages on Monday
Repeated outages Monday on social media platform X - formerly Twitter - are the result of a distributed denial of service attack, asserted platform owner Elon Musk in a sporadically available tweet. The social media platform experienced four significant outages.

Mental Health Provider, Kansas Clinics Are Latest Victims of Cybercriminal Gang
A Kansas-based medical practice and a Rhode lsland-based provider of mental health and addiction counseling and related services are the latest victims in a growing list of healthcare organizations reporting major data breaches by cybercriminal gang Rhysida.

Ousted Social Security Official Accuses DOGE of Bypassing Critical Data Protections
A former top official at the Social Security Administration has alleged that members of Elon Musk's controversial task force ignored critical security protocols to gain unauthorized access to sensitive data while disregarding established procedures designed to protect it.

GetVisibility's AI Mesh Integration Bolsters Data Classification, Risk Management
Forcepoint is buying Getvisibility to integrate its AI mesh technology, boosting data classification and risk assessment capabilities. The purchase fortifies Forcepoint’s cybersecurity solutions for highly regulated industries, with full integration expected by year-end pending regulatory approval.

GreyNoise observed 400+ IPs exploiting multiple SSRF vulnerabilities across various platforms, with recent activity concentrated in Israel and the Netherlands.

In this blog entry, we uncovered a campaign that uses fake GitHub repositories to distribute SmartLoader, which is then used to deliver Lumma Stealer and other malicious payloads. The campaign leverages GitHub’s trusted reputation to evade detection, using AI-generated content to make fake repositories appear legitimate.

加强关基设施的安全防护能力，提升主动防御和应急响应水平。

Jaguar Land Rover (JLR) Allegedly Suffers Data Breach, Hundreds of Internal Documents and Employee Data Exposed

本文主要研究WebRTC中DTLS握手过程的流量识别方法，在Docker环境中采集流量，采用基于流量统计特征的提取方法，最终利用多层感知器（MLP）模型判断流量是否为Snowflake流量。

本文主要研究WebRTC中DTLS握手过程的流量识别方法，在Docker环境中采集流量，采用基于流量统计特征的提取方法，最终利用多层感知器（MLP）模型判断流量是否为Snowflake流量。

Nick's Chili Parlor Database Allegedly Leaked Online, Over 2,300 User Records Exposed

A vulnerability has been found in Apple macOS up to 14.x and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to information disclosure. This vulnerability is known as CVE-2024-54473. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Apple macOS up to 14.x. Affected is an unknown function of the component Removable Volume Handler. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2024-54463. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Apple macOS up to 14.x. This issue affects some unknown processing of the component Kernel Memory Handler. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2024-54546. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Robothy local-s3 up to 1.20. This vulnerability affects unknown code. The manipulation leads to xml external entity reference. This vulnerability was named CVE-2025-27136. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in tianti 2.3. This affects an unknown part of the file /article/ajax/save. The manipulation of the argument coverImageURL leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-25908. It is possible to initiate the attack remotely. There is no exploit available.