13 matches found
CVE-2025-40139
In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_set(). smc_clc_prfx_set() is called during connect() and not under RCU nor RTNL. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dev_dst_rcu() under rcu_read_lock() after...
CVE-2025-40133 mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable().
In the Linux kernel, the following vulnerability has been resolved: mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable(). mptcp_active_enable() is called from subflow_finish_connect(), which is icsk->icsk_af_ops->sk_rx_dst_set() and it's not always under RCU. Using sk_dst_get(sk)->dev could trigger UAF. Let's use...
EUVD-2024-53807
Malicious code in bioql PyPI...
OESA-2025-2006 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-ethernet devices. Besides the fact that it doesn't make much sense, thi...
Linux Distros Unpatched Vulnerability : CVE-2025-37877
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iommu: Clear iommu-dma ops on cleanup. If iommu_device_register() encounters an error, it can end up tearing down already-configured groups and default domains,...
CVE-2025-38250
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix use-after-free in vhci_flush(). syzbot reported use-after-free in vhci_flush() without repro. [0] From the splat, a thread closed a vhci file descriptor while its device was being used by ioctl() on another thread...
Protecting Your Business on the Move: A Modern Cybersecurity Guide
Stay secure on the move. Protect your devices, data, and privacy with smart habits, reliable gear, updated software…...
Malicious QR codes sent in the mail deliver malware
Physical letters that contain a QR code to trick people into downloading malware are being sent through the mail, according to a warning issued by the Swiss National Cyber Security Centre (NCSC). The letters are sent as if they come from the official Swiss Federal Office of Meteorology and...
CVE-2024-47730
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - inject error before stopping queue The master ooo cannot be completely closed when the accelerator core reports memory error. Therefore, the driver needs to inject the qm error to close the master ooo...
Schneider Electric EcoStruxure Power Monitoring Expert (PME) (Update B)
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...
Multiple Sooil Product Information Disclosure Vulnerabilities
Sooil Dana Diabecare RS and others are products of Sooil Corporation, South Korea. Sooil Dana Diabecare RS is a smart insulin pump with a discrete remote control for medical use. Sooil Anydana-i is a mobile application that can be used to control the Sooil Dana Diabecare RS. Sooil Anydana-i is a...
Week Four of National Cyber Security Awareness Month
In partnership with DHS, the National Cyber Security Alliance has released information on Navigating Your Continuously Connected Life, which examines our future using Internet of Things (IoT) devices. The CyberAware Tip of the Week details the infographic on the growing IoT and provides safe computi...
Samsung Galaxy S II (AT&T) trusted pattern lock Security Bypassed
Major security flaw found in AT&T's upcoming Samsung Galaxy S II device. Guys at BGR noticed that the information on the upcoming AT&T version of the Samsung Galaxy S II isn't so safe behind a once trusted pattern lock, and that it...