EUVD-2025-37316

Malicious content from E-Mail can be used to perform a redressing attack. Users can be tricked to perform unintended actions or provide sensitive information to a third party which would enable further threats. Attribute values containing HTML fragments are now denied by the sanitization procedur...

CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a high-severity security flaw impacting Broadcom VMware Tools and VMware Aria Operations to its Known Exploited Vulnerabilities KEV catalog, following reports of active exploitation in the wild. The vulnerability in...

Exploiting Latent Space Discontinuities for Building Universal LLM Jailbreaks and Data Extraction Attacks

The rapid proliferation of Large Language Models LLMs has raised significant concerns about their security against adversarial attacks. In this work, we propose a novel approach to crafting universal jailbreaks and data extraction attacks by exploiting latent space discontinuities, an architectur...

EUVD-2025-37025

AG Life Logger Android App version v1.0.2.72 and before package name com.donki.healthy, developed by IO FIT, K.K., contains improper access control vulnerabilities. Exposed credentials in traffic may allow attackers to misuse cloud resources, and predictable verification codes make brute-force...

LLM-Based Multi-Class Attack Analysis and Mitigation Framework in IoT/IIoT Networks

The Internet of Things has expanded rapidly, transforming communication and operations across industries but also increasing the attack surface and security breaches. Artificial Intelligence plays a key role in securing IoT, enabling attack detection, attack behavior analysis, and mitigation...

Hackers Hijack Corporate XWiki Servers for Crypto Mining

Hackers exploit critical XWiki flaw CVE-2025-24893 to hijack corporate servers for cryptomining, with active attacks confirmed by VulnCheck researchers...

Exploit for CVE-2025-40778

CVE-2025-40778 Proof of Concept Educational demonstration of...

Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices

Cybersecurity researchers are calling attention to a spike in automated attacks targeting PHP servers, IoT devices, and cloud gateways by various botnets such as Mirai, Gafgyt, and Mozi. "These automated campaigns exploit known CVE vulnerabilities and cloud misconfigurations to gain control over...

CVE-2025-64134

Jenkins JDepend Plugin 1.3.1 and earlier includes an outdated version of JDepend Maven Plugin that does not configure its XML parser to prevent XML external entity XXE attacks...

SIRAJ: Diverse and Efficient Red-Teaming for LLM Agents Via Distilled Structured Reasoning

The ability of LLM agents to plan and invoke tools exposes them to new safety risks, making a comprehensive red-teaming system crucial for discovering vulnerabilities and ensuring their safe deployment. We present SIRAJ: a generic red-teaming framework for arbitrary black-box LLM agents. We emplo...

Jenkins plugins Multiple Vulnerabilities (2025-10-29)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Azure CLI Plugin 0.9 and earlier does not restrict which commands it executes on the Jenkins controller, allowing attackers with...

PT-2025-44283

Name of the Vulnerable Software and Affected Versions Jenkins JDepend Plugin versions 1.3.1 and earlier Description The Jenkins JDepend Plugin uses an outdated version of the JDepend Maven Plugin that lacks proper configuration of its XML parser. This configuration deficiency can allow for XML...

Key Emerging Cybersecurity Threats and Challenges for 2025 and Beyond

The global threat landscape is undergoing an unprecedented transformation. Organizations are facing dizzying levels of complexity, driven by rapid technological innovation, the widespread adoption of artificial intelligence, and the expected disruptive effects of quantum computing. At the same...

Mass Attack Targets WordPress via GutenKit and Hunk Companion Plugins

Mass exploitation attacks are once again targeting WordPress websites, this time through serious vulnerabilities in two popular plugins,…...

Missing Linux Kernel mitigations for 'TSA' hardware vulnerabilities (AMD-SB-7029)

The remote host is missing one or more known mitigations on Linux Kernel side for the referenced SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

Secure Retrieval-Augmented Generation against Poisoning Attacks

Large language models LLMs have transformed natural language processing NLP, enabling applications from content generation to decision support. Retrieval-Augmented Generation RAG improves LLMs by incorporating external knowledge but also introduces security risks, particularly from data poisoning...

Compromising Trusted Execution Environments through DDR5 Memory Bus Interposition

Summary Researchers successfully executed a physical bus interposition attack targeting server-grade DDR5 memory, compromising the confidentiality of encrypted data during runtime. AMD does not plan to provide mitigations since physical vector attacks are out of scope for AMD SEV-SNP. as detailed...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unrestricted use of NBD to only use TCP and UNIX stream sockets, which could lead to abusive attacks...

CVE-2025-26862 PingFederate unexpected browser flow initiation in redirectless mode

Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks...

A week in security (October 20 – October 26)

Last week on Malwarebytes Labs: Is AI moving faster than its safety net? Thousands of online stores at risk as SessionReaper attacks spread Apple may have to open its walled garden to outside app stores Meta boosts scam protection on WhatsApp and Messenger Home Depot Halloween phish gives users a...