
3914 matches found

RedhatCVE
added 2025/09/11 5:29 p.m. | 3 views

CVE-2025-54112

Use after free in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally...

CVSS 7 | AI score 7 | EPSS 0.0035
Exploits: 0 | References: 1

OSV
added 2025/09/09 5:15 p.m. | 2 views

CVE-2025-54112

Use after free in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally...

CVSS 7 | AI score 5.7 | EPSS 0.0035
Exploits: 0 | References: 1

NVD
added 2025/09/09 5:15 p.m. | 3 views

CVE-2025-54112

Use after free in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally...

CVSS 7 | EPSS 0.0035
Exploits: 0 | References: 1

Microsoft KB
added 2025/09/09 7:0 a.m. | 10 views

Description of the security update for SharePoint Server 2016 Language Pack: September 09, 2025 (KB5002777)

Description of the security update for SharePoint Server 2016 Language Pack: September 09, 2025 KB5002777 Summary Important: Prior to installing this Cumulative Update, if you're running the 2013 Style Workflows, you must install the August 2025 patch for SharePoint Workflow manager to you...

CVSS 7.1 | AI score 6 | EPSS 0.00584
Exploits: 0

Positive Technologies
added 2025/09/09 12:0 a.m. | 5 views

PT-2025-36679

Name of the Vulnerable Software and Affected Versions: SINAMICS G220 versions prior to 6.4 HF2 SINAMICS S200 version 6.4 SINAMICS S210 versions prior to 6.4 HF2 Description: The affected devices allow a factory reset to be executed without the required privileges due to improper privilege...

CVSS 6.9 | AI score 6.5 | EPSS 0.00201
Exploits: 0 | References: 4

Positive Technologies
added 2025/09/09 12:0 a.m. | 5 views

PT-2025-36854

Name of the Vulnerable Software and Affected Versions: Microsoft Virtual Hard Drive affected versions not specified Description: A use-after-free issue exists in Microsoft Virtual Hard Drive that could allow an authorized attacker to gain elevated privileges locally. This issue allows attackers t...

CVSS 7 | AI score 6.2 | EPSS 0.0035
Exploits: 0 | References: 6

NVD
added 2025/09/05 6:15 a.m. | 3 views

CVE-2025-58400

RATOC RAID Monitoring Manager for Windows provided by RATOC Systems, Inc. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

CVSS 8.4 | EPSS 0.00161
Exploits: 0 | References: 3

Cvelist
added 2025/09/05 5:36 a.m. | 6 views

CVE-2025-58400

RATOC RAID Monitoring Manager for Windows provided by RATOC Systems, Inc. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

CVSS 8.4 | EPSS 0.00161
Exploits: 0 | References: 3

Vulnrichment
added 2025/09/05 5:36 a.m. | 3 views

CVE-2025-58400

RATOC RAID Monitoring Manager for Windows provided by RATOC Systems, Inc. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

CVSS 8.4 | AI score 7.3 | EPSS 0.00161
Exploits: 0 | References: 3

CVE
added 2025/09/05 5:36 a.m. | 16 views

CVE-2025-58400

CVE-2025-58400 affects RATOC RAID Monitoring Manager for Windows by RATOC Systems, Inc. The root cause is an unquoted Windows service path, enabling a user with write access to the system drive root directory to run arbitrary code with SYSTEM privileges. Affected products include RATOC RAID Monit...

CVSS 8.4 | AI score 7.3 | EPSS 0.00161
Exploits: 0 | References: 3

GithubExploit
added 2025/08/30 7:51 a.m. | 169 views

Slient-URL-Exploit

URL Exploit Hidden Downloader URL contamination and muted Jav...

AI score 7.7
Exploits: 0

Schneier on Security
added 2025/08/27 11:7 a.m. | 13 views

We Are Still Unable to Secure LLMs from Malicious Inputs

Nice indirect prompt injection attack: Bargury's attack starts with a poisoned document, which is shared to a potential victim's Google Drive. Bargury says a victim could have also uploaded a compromised file to their own account. It looks like an official document on company meeting policies. Bu...

AI score 7.7
Exploits: 0

Tenable Nessus
added 2025/08/27 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2022-39347

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing path canonicalization and base path check for drive...

CVSS 5.7 | AI score 5.3 | EPSS 0.00889
Exploits: 0 | References: 2

GithubExploit
added 2025/08/25 7:36 a.m. | 212 views

Exploit for CVE-2025-9074

CVE-2025-9074 – Docker Desktop Windows Container→Host Write...

CVSS 9.3 | AI score 6.6 | EPSS 0.01594
Exploits: 15

HackRead
added 2025/08/24 4:51 p.m. | 3 views

CTM360 Report Explains How Emotions Fuel Modern Fraud

CTM360 research reveals how scammers hook their victims through manipulative traps built on AI, stolen data, and brand…...

AI score 7.4
Exploits: 0

Cvelist
added 2025/08/22 6:37 a.m. | 35 views

CVE-2025-57699

Western Digital Kitfox for Windows provided by Western Digital Corporation registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with the SYSTEM privilege...

CVSS 8.4 | EPSS 0.00155
Exploits: 0 | References: 2

Positive Technologies
added 2025/08/22 12:0 a.m. | 7 views

PT-2025-34332 · Western Digital · Western Digital Kitfox For Windows

Name of the Vulnerable Software and Affected Versions: Western Digital Kitfox for Windows affected versions not specified Description: Western Digital Kitfox for Windows registers a Windows service with an unquoted file path. A user with write permission on the root directory of the system drive...

CVSS 8.4 | AI score 7.9 | EPSS 0.00155
Exploits: 0 | References: 7

Microsoft Secure
added 2025/08/21 4:0 p.m. | 3 views

Think before you Click(Fix): Analyzing the ClickFix social engineering technique

Over the past year, Microsoft Threat Intelligence and Microsoft Defender Experts have observed the ClickFix social engineering technique growing in popularity, with campaigns targeting thousands of enterprise and end-user devices globally every day. Since early 2024, we’ve helped multiple custome...

AI score 6.8
Exploits: 0

NVD
added 2025/08/20 2:15 p.m. | 18 views

CVE-2025-9074

A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation ECI enabled, and with or without th...

CVSS 9.3 | EPSS 0.01594
Exploits: 15 | References: 7

Cvelist
added 2025/08/20 1:28 p.m. | 20 views

CVE-2025-9074 Docker Desktop allows unauthenticated access to Docker Engine API from containers

A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation ECI enabled, and with or without th...

CVSS 9.3 | EPSS 0.01594
Exploits: 15 | References: 1