MAL-2025-48534 Malicious code in internallib_v808 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bdc267dc80d71e5150428ae279537b44916538d5b6e8d47b236ee01902ef1516 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

ROS-20251021-02

A vulnerability in the btrfs component of the Linux operating system kernel is related to an incorrect lock in the function clearextentuptodate in fs/btrfs/inode.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the KVM component of the...

The Attribution Story of WhisperGate: An Academic Perspective

This paper explores the challenges of cyberattack attribution, specifically APTs, applying the case study approach for the WhisperGate cyber operation of January 2022 executed by the Russian military intelligence service GRU and targeting Ukrainian government entities. The study provides a detail...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987649)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987649 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix panic on out-of-bounds guest IRQ As guestirq is coming from KVMIRQFD API call, it m...

kernel: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In KVM guests with Hyper-V hypercalls enabled, the hypercalls HVCALLFLUSHVIRTUALADDRESSLIST and HVCALLFLUSHVIRTUALADDRESSLISTEX allow a guest to request...

New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs

Cybersecurity researchers have shed light on a new campaign that has likely targeted the Russian automobile and e-commerce sectors with a previously undocumented .NET malware dubbed CAPI Backdoor. According to Seqrite Labs, the attack chain involves distributing phishing emails containing a ZIP...

kernel-rt security update

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...

[BSA-125] Security Update for incus

Mathias Gibbens uploaded new packages for incus which fixed the following security problems: CVE ID : CVE-2025-54286 CVE-2025-54287 CVE-2025-54288 CVE-2025-54289 CVE-2025-54290 CVE-2025-54291 CVE-2025-54293 Multiple security issues were discovered in Incus, a system container and virtual machine...

x86/mce: Work around an erratum on fast string copy instructions

...

Rockwell Automation FactoryTalk View Machine Edition Path Traversal Vulnerability

Rockwell Automation FactoryTalk View Machine Edition is a versatile HMI application from Rockwell Automation. A path traversal vulnerability exists in Rockwell Automation FactoryTalk View Machine Edition, which can be exploited by an attacker to delete any file in the panel's operating system...

Security Bulletin: IBM Technical Suppport Appliance - possible security flaws in memory management leading to information disclosure or denial of service

Summary A flaw in the KASAN Kernel Address Sanitizer code may allow memory to be accessed that is already free and a flaw in Virtual Machine Communication Interface VMCI allowed uninitialized kernel memory to be exposed to userspace. Vulnerability Details CVEID:CVE-2022-49058 DESCRIPTION: In the...

Rockwell Automation FactoryTalk View Machine Edition and PanelView Plus 7

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to access to the device's file system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

A Hard-Label Black-Box Evasion Attack against ML-Based Malicious Traffic Detection Systems

Machine Learning ML-based malicious traffic detection is a promising security paradigm. It outperforms rule-based traditional detection by identifying various advanced attacks. However, the robustness of these ML models is largely unexplored, thereby allowing attackers to craft adversarial traffi...

CVE-2025-58724

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally...

CVE-2025-47989

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally...

Qualys ETM Identity — The First True Quantification of the Identity Perimeter

Security has always been about controlling who can do what and where. In 2025, that control is mediated entirely by identity. When an attacker “logs in,” not "breaks in", they inherit legitimate permissions, blend into normal telemetry, and pivot across AD, Entra/Okta, SaaS, and cloud, driving...

Injection, Attack and Erasure: Revocable Backdoor Attacks Via Machine Unlearning

Backdoor attacks pose a persistent security risk to deep neural networks DNNs due to their stealth and durability. While recent research has explored leveraging model unlearning mechanisms to enhance backdoor concealment, existing attack strategies still leave persistent traces that may be detect...

CVE-2025-62376

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...

CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...

CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...