CVE-2025-43422

The issue was addressed by adding additional logic. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker with physical access to a device may be able to disable Stolen Device Protection...

CVE-2025-43422

The issue was addressed by adding additional logic. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker with physical access to a device may be able to disable Stolen Device Protection...

CVE-2025-43395

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2. An app may be able to access protected user data...

CVE-2025-43405

A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS Sonoma prior to 14.8.2 and Sequoia prior to 15.7.2, which stems from improper handling of symbolic links and could result in an...

PT-2025-44858

The issue was addressed by adding additional logic. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker with physical access to a device may be able to disable Stolen Device Protection...

Malwarebytes aces PCMag Readers’ Choice Awards and AVLab Cybersecurity Foundation tests

Malwarebytes proudly topped three categories in PCMag’s 2025 Readers’ Choice Awards, recognized for exceptional protection and user satisfaction. We also earned the latest badge from AVLab Cybersecurity Foundation’s September “Advanced In-The-Wild Malware Test” by blocking 100% of malware samples...

What Are Attack Surface Intelligence Exposures?

Do you know every single digital asset your organization owns? For most security leaders, the honest answer is no. Between shadow IT, forgotten development servers, and complex cloud environments, your true attack surface is full of blind spots. These unknown and unmanaged assets are where...

kernel: fs: fix UAF/GPF bug in nilfs_mdt_destroy

In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfsmdtdestroy In allocinode, inodeinitalways could return -ENOMEM if securityinodealloc fails, which causes inode-iprivate uninitialized. Then nilfsismetadatafileinode returns true and nilfsfreeinode...

ALSA-2025:19409 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipv6: sr: Fix MAC comparison to be constant-time CVE-2025-39702 kernel: fs: fix UAF/GPF bug in nilfsmdtdestroy CVE-2022-50367 kernel: crypto: xts - Handle EBUSY correctly CVE-2023-53494 F...

CVE-2025-60711

Protection mechanism failure in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Added conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor such as QEMU. Existing mitigations already protect the...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: vsock: Fixed the transport TOCTOU issue. The transport assignment may race with module unloading. This issue is addressed by protecting newtransport from becoming a stale pointer. This also includes fixing an insecure call in...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: hfs: fixed a general protection fault in hfsfindinit The hfsfindinit method can cause a crash if the tree pointer is NULL: 45.746290T9787 Oops: general protection fault, likely due to a non-canonical address 0xdffffc0000000008...

Astra Linux – Vulnerability in edk2

EDK2 contains a vulnerability in the BIOS, where an attacker can cause a “Protection Mechanism Failure” through local access. Successful exploitation of this vulnerability will lead to the execution of arbitrary code, compromising Confidentiality, Integrity, and Availability...

EUVD-2025-37390

Protection mechanism failure in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

CVE-2025-60711

Protection mechanism failure in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

CVE-2025-60711

Protection mechanism failure in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Protection mechanism failure in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

PT-2025-44670

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description A protection mechanism failure exists in Microsoft Edge Chromium-based that could allow an unauthorized attacker to execute code over a network. The issue enables remote...