PT-2025-37163

Name of the Vulnerable Software and Affected Versions Erlang OTP versions 17.0 through 28.0.3 Erlang OTP versions 26.2.5.15 through 27.3.4.3 Erlang OTP versions 27.3.4.3 Erlang OTP versions 28.0.3 ssh versions 3.0.1 through 5.3.3 ssh versions 5.1.4.12 ssh versions 5.2.11.3 Description An Allocati...

Watch Out for Salty2FA: New Phishing Kit Targeting US and EU Enterprises

Phishing-as-a-Service PhaaS platforms keep evolving, giving attackers faster and cheaper ways to break into corporate accounts. Now, researchers at ANY.RUN has uncovered a new entrant: Salty2FA , a phishing kit designed to bypass multiple two-factor authentication methods and slip past traditiona...

Linux Distros Unpatched Vulnerability : CVE-2016-0847

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Telecom Component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to spoof the originating telephone number of...

Important: Red Hat Security Advisory: pam security update

An update for pam is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

Google Android Information Disclosure Vulnerability (CNVD-2025-19991)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability due to an obfuscated agent in multiple functions of StatusHint.java and TelecomServiceImpl.java. An attacker could exploit the vulnerability to disclose...

CISA and Partners Release Joint Advisory on Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage Systems

CISA, along with the National Security Agency, Federal Bureau of Investigation, and international partners, released a joint Cybersecurity Advisory on People’s Republic of China PRC state-sponsored Advanced Persistent Threat APT actors targeting critical infrastructure across sectors and continen...

CVE-2025-0082

In multiple functions of StatusHint.java and TelecomServiceImpl.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

Important: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syst...

WarLock Ransomware group Claims Breach at Colt Telecom and Hitachi

WarLock ransomware claims breach at Colt and Hitachi, with Colt investigating and working to restore systems while experts…...

Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp

CVE-2025-32433: Erlang/OTP SSH Unauthenticated RCE PoC !CVE-...

Linux Distros Unpatched Vulnerability : CVE-2025-46712

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 for OTP-27, OTP-26.2.5.12 for OTP-26, and OTP-25.3.2.21 fo...

Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls

Malicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform OTP SSH as early as beginning of May 2025, with about 70% of detections originating from firewalls protecting operational technology OT networks. The vulnerability in questio...

Bouygues Telecom Hit by Cyberattack, 6.4 Million Customers Affected

A cyberattack on Bouygues Telecom exposed data for 6.4 million customers. Find out what information was compromised and…...

CVE-2025-8804 Open5GS AMF ngap_build_downlink_nas_transport assertion

A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ngapbuilddownlinknastransport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

Exploit for Out-of-bounds Read in Openssl

This repository contains exploits and proof-of-concept vulnerability demonstration files from the team at Hacker House. The exploits target various vulnerabilities in different products and services, including: 1. AirWatch MDM solution: The repository contains a file called...

SKTelecom com.skt.prod.dialer 安全漏洞

SKTelecom com.skt.prod.dialer is an official dialing and call management application from SKTelecom Korea. A security vulnerability exists in SKTelecom com.skt.prod.dialer version 12.5.0 and earlier, which stems from a vulnerability that allows arbitrary applications to make phone calls via a...

Askey RTF8207w和Askey RTF8217 安全漏洞

The Askey RTF8207w and Askey RTF8217 are both fiber optic GPON home gateways from Askey Taiwan, China. A security vulnerability exists in the Askey RTF8207w and Askey RTF8217, which stems from a stack-based buffer overflow issue that could allow a remote attacker to take control of the program...

Ex US Soldier Cameron Wagenius Guilty in Telecom Hacking and Extortion

Former US Army soldier Cameron Wagenius pleads guilty to hacking telecom companies and extorting $1 million+ using cybercrime forums like BreachForums and XSS...

OESA-2025-1767 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Improper Limitation of a Pathname to a Restricted...

Google Chrome to Distrust Chunghwa & Netlock Certificates: How Qualys Certificate View Helps You Respond

In a major change to the global certificate ecosystem, Google Chrome has announced that it will no longer trust any new digital certificates issued by Chunghwa Telecom and Netlock, two long-standing Certificate Authorities CAs, after July 31, 2025. This move is part of Chrome’s ongoing efforts to...