Security Bulletin: IBM Guardium Data Protection is affected by MySQL Server July 2025 CPU vulnerabilities.
Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2024-37891 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only se...
PayPal February 2026 Notice of Data Breach
PayPal has released this notice of data breach to its customers following a data exposure issue that spanned from July 1, 2025 to December 13, 2025...
Oracle Java SE Updates (July 2025)
Oracle Java SE Multiple Vulnerabilities July 2025 CVE-2025-50059 CVE-2025-30749 CVE-2025-50106 CVE-2025-23166 CVE-2025-30754...
CVE-2025-12397
A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute with the report owner's permissions. The vulnerability affected reports with BigQuery as the data source. This vulnerability was patched on 21 Ju...
CVE-2025-12405
An improper privilege management vulnerability was found in Looker Studio. It impacted all JDBC-based connectors. A Looker Studio user with report view access could make a copy of the report and execute arbitrary SQL that would run on the data source database due to the stored credentials attache...
CVE-2025-12405
CVE-2025-12405 describes an improper privilege management vulnerability in Looker Studio affecting all JDBC-based connectors. The underlying issue: a user with report view access can copy a report and trigger execution of arbitrary SQL on the data source database because stored credentials attach...
EUVD-2025-44043
An improper privilege management vulnerability was found in Looker Studio. It impacted all JDBC-based connectors. A Looker Studio user with report view access could make a copy of the report and execute arbitrary SQL that would run on the data source database due to the stored credentials attache...
CVE-2025-12405 Unauthorized access through stored credentials in Looker Studio
An improper privilege management vulnerability was found in Looker Studio. It impacted all JDBC-based connectors. A Looker Studio user with report view access could make a copy of the report and execute arbitrary SQL that would run on the data source database due to the stored credentials attache...
CVE-2025-12409 SQL Injection in Looker Studio
A SQL injection vulnerability was discovered in Looker Studio that allowed for data exfiltration from BigQuery data sources. By creating a malicious report with native functions enabled, and having the victim access the report, an attacker could execute injected SQL queries with the victim's...
CVE-2025-12397 SQL Injection in Looker Studio
A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute with the report owner's permissions. The vulnerability affected reports with BigQuery as the data source. This vulnerability was patched on 21 Ju...
CVE-2025-54332
The CVE-2025-54332 entry concerns Samsung Mobile Processor Exynos 1380 NPU. The issue is a NULL pointer dereference in the npu_vertex_profileoff function, specifically involving profiler.node. Documents confirm the affected component as the NPU within Exynos 1380, with a CVSS v3.1 base score of 7...
PT-2025-45021
Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor Exynos versions through July 2025 Description An out-of-bounds read issue exists in the NPU of Samsung Mobile Processor Exynos. Specifically, the issue resides in the is done for me function, involving a read of q-bufs...
CVE-2025-54333
An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Invalid Pointer Dereference of node in the getvs4lprofilernode function...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects App Connect Professional
Summary There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. These issues were disclosed as part of the IBM Java SDK updates in July 2025. App Connect Professional has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-50106...
Salt Typhoon APT Targets Global Telecom and Energy Sectors, Says Darktrace
The China-linked Salt Typhoon APT group attacked a European telecom via a Citrix NetScaler vulnerability in July 2025, Darktrace reports. This follows past US Army and telecom breaches...
Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network
A European telecommunications organization is said to have been targeted by a threat actor that aligns with a China-nexus cyber espionage group known as Salt Typhoon. The organization, per Darktrace, was targeted in the first week of July 2025, with the attackers exploiting a Citrix NetScaler...
Attackers Actively Exploiting Critical Vulnerability in Service Finder Bookings Plugin
📢 Calling all Vulnerability Researchers and Bug Bounty Hunters! 📢 🚀 Operation: Maximum Impact Challenge! Now through November 10, 2025, earn 2X bounty rewards for all in-scope submissions in software with at least 5,000 active installs and fewer than 5 million active installs. Bounties up to $31,2...
Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect Rational Business Developer
Summary There are multiple vulnerabilities in IBM Semeru Runtime used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of the IBM Semeru Runtime Quarterly CPU - Jul 2025 - Includes OpenJDK July 2025 CPU...
EUVD-2025-29550
Malicious code in bioql PyPI...
EUVD-2025-26060
Malicious code in bioql PyPI...