Pack-A-Mal: A Malware Analysis Framework for Open-Source Packages

The increasingly sophisticated environment in which attackers operate makes software security an even greater challenge in open-source projects, where malicious packages are prevalent. Static analysis tools, such as Malcontent, are highly useful but are often incapable of dealing with obfuscated...

KVM: x86: Use __try_cmpxchg_user() to update guest PTE A/D bits

...

SonicWall Says All Firewall Backups Were Accessed by Hackers

SonicWall has confirmed that attackers accessed cloud backup configuration files for all customers using its backup service exposing encrypted credentials and network configurations...

EUVD-2025-32307

Malicious code in bioql PyPI...

EUVD-2025-4943

Malicious code in bioql PyPI...

UBUNTU-CVE-2025-10729

The module will parse a node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leading to a use after free...

SUSE CVE-2025-37868

In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix notifier vs folio deadlock User is reporting what smells like notifier vs folio deadlock, where migratepagesbatch on core kernel side is holding folio locks and then interacting with the mappings of it, howeve...

DEBIAN-CVE-2025-37868

In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix notifier vs folio deadlock User is reporting what smells like notifier vs folio deadlock, where migratepagesbatch on core kernel side is holding folio locks and then interacting with the mappings of it, howeve...

UBUNTU-CVE-2025-37868

In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix notifier vs folio deadlock User is reporting what smells like notifier vs folio deadlock, where migratepagesbatch on core kernel side is holding folio locks and then interacting with the mappings of it, howeve...

PT-2025-18757 · WordPress · Tagdiv Composer

Name of the Vulnerable Software and Affected Versions: tagDiv Composer plugin for WordPress versions up to, and including, 5.4 Description: The issue is related to Stored Cross-Site Scripting via multiple shortcodes due to insufficient input sanitization and output escaping on user-supplied...

DEBIAN-CVE-2022-49562

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use trycmpxchguser to update guest PTE A/D bits Use the recently introduced trycmpxchguser to update guest PTE A/D bits instead of mapping the PTE into kernel address space. The VMPFNMAP path is broken as it assumes tha...

CVE-2024-46463

By default, dedicated folders of ORIZON for Windows up to 2024.3 can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of ORIZON has to be modified to prevent this vulnerability...

In-memory Data Management Caching Tools: A Guide to the Best Options

In-memory data management caching tools store frequently accessed data in memory, which significantly improves performance by reducing how often the database needs to be accessed...

“Nearly all” AT&T customers had phone records stolen in new data breach disclosure

In a déjà-vu nightmare, US phone giant AT&T has notified customers that cybercriminals managed to download phone call and text message records of "nearly all of AT&T cellular customers from May 1, 2022 to October 31, 2022 as well as on January 2, 2023". In a filing with the Securities and Exchang...

Real-time File Access Monitoring (FAM) with Qualys FIM

What is File Access Monitoring FAM? FAM is a security practice that involves tracking and logging access to sensitive files. FAM should be included with any File Integrity Monitoring FIM solution to trigger alerts when critical host files not intended for regular use are accessed. Importance of F...

Command injection

Redis is an in-memory database that persists on disk. Redis does not correctly identify keys accessed by SORTRO and as a result may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. The problem exists in Redis 7.0 or newer and has been...

CVE-2023-29535

Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR 102.10, Firefox for Android 112, and...

PYSEC-2023-62

Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches Set-Cookie headers, it may send one client's session...

Anonymous LOGOUT logs explanation

ns.log： Dec 31 16:13:57 172.31.248.107 12/31/2022:08:13:57 GMT PHQCXADC01 0-PPE-0 : default SSLVPN Message 263167 0 : "Created nFactor session for user Anonymous" Dec 31 16:13:57 172.31.248.107 12/31/2022:08:13:57 GMT PHQCXADC01 0-PPE-0 : default SSLVPN Message 263174 0 : "AAAD API:...

IBM Sterling B2B Integrator Authentication Error Vulnerability

IBM Sterling B2B Integrator is a suite of software from International Business Machines IBM that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with different partner communities. IBM Sterling B2B Integrator...