
6651 matches found

The Hacker News
added 2025/10/31 8:46 a.m. | 7 views

CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), along with international partners from Australia and Canada, have released guidance to harden on-premise Microsoft Exchange Server instances from potential exploitation. "By restricting administrative...

CVSS 9.8 | AI score 9.8 | EPSS 0.68756
Exploits: 24
SUSE Linux
added 2025/10/31 7:4 a.m. | 3 views

Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-150700713 fixes several issues. The following security issues were fixed: CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg (bsc#1248631). CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207). Patch Instructions: To...

CVSS 7.3 | AI score 7.9 | EPSS 0.00025
Exploits: 0 | References: 8
SUSE Linux
added 2025/10/31 6:5 a.m. | 3 views

Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001044 fixes several issues. The following security issues were fixed: CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg (bsc#1248631). CVE-2025-38617: net/packet: fix a race in packet_set_ring and packet_notifier (bsc#1249208)...

CVSS 7.3 | AI score 7.9 | EPSS 0.00046
Exploits: 0 | References: 12
Talos Blog
added 2025/10/30 6:0 p.m. | 10 views

Trick, treat, repeat

Welcome to this week's edition of the Threat Source newsletter. This one is pretty much an updated, Halloween-themed version of my newsletter from July, including data up through Q3. October 14th has passed, so free support for Windows 10 has come to an end, leaving you with no more fixes unless...

CVSS 9.8 | AI score 8.2 | EPSS 0.68756
Exploits: 24
Amazon
added 2025/10/27 12:0 a.m. | 2 views

Important: kernel-livepatch-4.14.355-280.695

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use raw_smp_processor_id instead of smp_processor_id (CVE-2023-53530). Affected Packages: kernel-livepatch-4.14.355-280.695. Issue Correction: Please ensure you have live patching enabled. Run yum update...

CVSS 5.5 | AI score 6.7 | EPSS 0.00018
Exploits: 0
Amazon
added 2025/10/27 12:0 a.m. | 3 views

Important: kernel-livepatch-6.1.147-172.266

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (CVE-2025-39923). Affected Packages: kernel-livepatch-6.1.147-172.266. Issue Correction: Please ensure you have live patching enabled. Run dnf update...

CVSS 5.5 | AI score 6.2 | EPSS 0.00032
Exploits: 0
RedhatCVE
added 2025/10/23 8:16 p.m. | 6 views

CVE-2025-62610

Hono is a Web application framework that provides support for any JavaScript runtime. In versions from 1.1.0 to before 4.10.2, Hono’s JWT Auth Middleware does not provide a built-in aud (Audience) verification option, which can cause confused-deputy / token-mix-up issues: an API may accept a valid...

CVSS 8.1 | AI score 6.7 | EPSS 0.00058
Exploits: 1 | References: 1
SUSE Linux
added 2025/10/23 11:5 a.m. | 2 views

Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002350 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534). CVE-2025-38499: clone_private_mnt: make sure that caller has CAP_SYS_ADMIN in the right userns...

CVSS 9.2 | AI score 7.4 | EPSS 0.00106
Exploits: 1 | References: 32
SUSE Linux
added 2025/10/23 5:46 a.m. | 3 views

Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-15050055121 fixes one issue. The following security issue was fixed: CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 7.1 | AI score 6.5 | EPSS 0.0004
Exploits: 1 | References: 4
SUSE Linux
added 2025/10/22 6:34 p.m. | 2 views

Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-15050055113 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534). CVE-2025-38499: clone_private_mnt: make sure that caller has CAP_SYS_ADMIN in the right userns...

CVSS 8.5 | AI score 9.3 | EPSS 0.00071
Exploits: 1 | References: 20
OSV
added 2025/10/22 2:15 p.m. | 3 views

UBUNTU-CVE-2023-53694

In the Linux kernel, the following vulnerability has been resolved: riscv: ftrace: Fixup panic by disabling preemption In RISCV, we must use an AUIPC + JALR pair to encode an immediate, forming a jump that jumps to an address over 4K. This may cause errors if we want to enable kernel preemption a...

AI score 5.8 | EPSS 0.00024
Exploits: 0 | References: 6
Positive Technologies
added 2025/10/22 12:0 a.m. | 5 views

PT-2025-43095

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw within the RISCV architecture related to ftrace and kernel preemption. The issue arises from the use of an AUIPC + JALR instruction pair to encode an...

AI score 5.6 | EPSS 0.00024
Exploits: 0 | References: 16
NVD
added 2025/10/21 7:21 p.m. | 3 views

CVE-2025-56800

Reolink desktop application 8.18.12 contains a vulnerability in its local authentication mechanism. The application implements lock screen password logic entirely on the client side using JavaScript within an Electron resource file. Because the password is stored and returned via a modifiable...

CVSS 5.1 | EPSS 0.0008
Exploits: 2 | References: 2
EUVD
added 2025/10/21 12:0 a.m. | 2 views

EUVD-2025-35227

Reolink desktop application 8.18.12 contains a vulnerability in its local authentication mechanism. The application implements lock screen password logic entirely on the client side using JavaScript within an Electron resource file. Because the password is stored and returned via a modifiable...

CVSS 5.1 | AI score 6.2 | EPSS 0.0008
Exploits: 2 | References: 2
Cvelist
added 2025/10/21 12:0 a.m. | 9 views

CVE-2025-56800

Reolink desktop application 8.18.12 contains a vulnerability in its local authentication mechanism. The application implements lock screen password logic entirely on the client side using JavaScript within an Electron resource file. Because the password is stored and returned via a modifiable...

EPSS 0.0008
Exploits: 2 | References: 2
SUSE Linux
added 2025/10/20 5:5 p.m. | 3 views

Security update for the Linux Kernel (Live Patch 51 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059185 fixes several issues. The following security issues were fixed: CVE-2025-38499: clone_private_mnt: make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673). CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794)...

CVSS 8.5 | AI score 7.3 | EPSS 0.00071
Exploits: 0 | References: 16
Packet Storm News
added 2025/10/20 12:0 a.m. | 11 views

Cybersecurity AI: Evaluating Agentic Cybersecurity in Attack/Defense CTFs

We empirically evaluate whether AI systems are more effective at attacking or defending in cybersecurity. Using CAI (Cybersecurity AI)'s parallel execution framework, we deployed autonomous agents in 23 Attack/Defense CTF battlegrounds. Statistical analysis reveals defensive agents achieve 54.3%...

AI score 6.9
Exploits: 0
SUSE Linux
added 2025/10/19 7:33 p.m. | 2 views

Security update for the Linux Kernel (Live Patch 60 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059215 fixes several issues. The following security issues were fixed: CVE-2025-38499: clone_private_mnt: make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673). CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794)...

CVSS 8.5 | AI score 7.9 | EPSS 0.00071
Exploits: 0 | References: 16
SUSE Linux
added 2025/10/18 11:3 a.m. | 2 views

Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-15070078 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534). CVE-2025-38499: clone_private_mnt: make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)...

CVSS 9.2 | AI score 9.3 | EPSS 0.00106
Exploits: 1 | References: 28
SUSE Linux
added 2025/10/18 11:3 a.m. | 2 views

Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001029 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534). CVE-2025-38499: clone_private_mnt: make sure that caller has CAP_SYS_ADMIN in the right userns...

CVSS 9.2 | AI score 7.9 | EPSS 0.00106
Exploits: 1 | References: 36