Shai-Hulud 2.0: Guidance for detecting, investigating, and defending against the supply chain attack

The Shai‑Hulud 2.0 supply chain attack represents one of the most significant cloud-native ecosystem compromises observed recently. Attackers maliciously modified hundreds of publicly available packages, targeting developer environments, continuous integration and continuous delivery CI/CD...

CVE-2025-62468

Out-of-bounds read in Windows Defender Firewall Service allows an authorized attacker to disclose information locally...

CVE-2025-62468

Out-of-bounds read in Windows Defender Firewall Service allows an authorized attacker to disclose information locally...

CVE-2025-62468

CVE-2025-62468 is a Windows Defender Firewall Service information-disclosure vulnerability caused by an out-of-bounds read that can disclose information locally to an authorized attacker. The issue is described consistently across sources as a local-privilege/ information-disclosure exposure affe...

CVE-2025-62468 Windows Defender Firewall Service Information Disclosure Vulnerability

...

EUVD-2025-202223

Out-of-bounds read in Windows Defender Firewall Service allows an authorized attacker to disclose information locally...

CVE-2025-62468 Windows Defender Firewall Service Information Disclosure Vulnerability

...

November 11, 2025—KB5068787 (OS Build 20348.4405)

November 11, 2025—KB5068787 OS Build 20348.4405 This cumulative update for Windows Server 2022 KB5068787, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates,...

Windows Defender Firewall Service Information Disclosure Vulnerability

Out-of-bounds read in Windows Defender Firewall Service allows an authorized attacker to disclose information locally...

EUVD-2025-201832

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files...

PT-2025-50168

Name of the Vulnerable Software and Affected Versions Windows Defender Firewall Service affected versions not specified Description An out-of-bounds read issue exists in Windows Defender Firewall Service, potentially allowing an attacker to disclose information locally. The issue allows attackers...

Microsoft Windows Defender 缓冲区错误漏洞

Microsoft Windows Defender is a suite of antivirus software that comes with Windows systems from Microsoft USA. A buffer error vulnerability exists in Microsoft Windows Defender. An attacker could exploit the vulnerability to obtain sensitive information. The following products and versions are...

CVE-2025-64650

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files...

CVE-2025-64650

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files...

CVE-2025-64650 IBM Storage Defender - Resiliency Service Information Disclosure

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files...

CVE-2025-64650 IBM Storage Defender - Resiliency Service Information Disclosure

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files...

CVE-2025-64650

CVE-2025-64650 affects IBM Storage Defender - Resiliency Service for versions 2.0.0–2.0.18, with a disclosed vulnerability where sensitive user credentials could be exposed in log files. The issue is documented across multiple sources (IBM Security Bulletin and Red Hat/EU ENISA entries) and is ti...

Security Bulletin: Denial-of-service attack, SQL injection, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service

Summary IBM Storage Defender - Resiliency Service is vulnerable to denial-of-service attack, SQL injection, and others. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-64458 DESCRIPTION: An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before...

PT-2025-49604

Name of the Vulnerable Software and Affected Versions IBM Storage Defender - Resiliency Service versions 2.0.0 through 2.0.18 Description The software may disclose sensitive user credentials in log files. Recommendations Update to a version later than 2.0.18...

IBM Storage Defender - Resiliency Service 日志信息泄露漏洞

IBM Storage Defender - Resiliency Service is a component of International Business Machines IBM that provides data resiliency and network resiliency. A log information disclosure vulnerability exists in IBM Storage Defender - Resiliency Service versions 2.0.0 through 2.0.18, which originates from...