491 matches found
Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse
A Russian advanced persistent threat APT group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025. Slovakian cybersecurity company ESET said it observed 35 distinct spear-phishing campaigns mounted by Gamaredon against new...
Linux Distros Unpatched Vulnerability : CVE-2026-53164
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iommu/dma: Do not try to iommumap a 0 length region in swiotlb iommudmaiovalinkswiotlb processes a mapping that is unaligned in three parts, the head, middle an...
CVE-2026-53164
A flaw was found in the Linux kernel's input/output memory management unit IOMMU Direct Memory Access DMA subsystem, specifically within the software IOMMU bounce buffer SWIOTLB mechanism. This vulnerability occurs when the system attempts to map a zero-length memory region, which can be triggere...
CVE-2026-53164
In the Linux kernel, the following vulnerability has been resolved: iommu/dma: Do not try to iommumap a 0 length region in swiotlb iommudmaiovalinkswiotlb processes a mapping that is unaligned in three parts, the head, middle and trailer. If the middle is empty because there are no aligned pages ...
UBUNTU-CVE-2026-53164
In the Linux kernel, the following vulnerability has been resolved: iommu/dma: Do not try to iommumap a 0 length region in swiotlb iommudmaiovalinkswiotlb processes a mapping that is unaligned in three parts, the head, middle and trailer. If the middle is empty because there are no aligned pages ...
PT-2026-45870
Name of the Vulnerable Software and Affected Versions openSeaChest version 25.05.3 Description Out of bounds write and read operations occur when using the --showSCSIDefects command. This issue allows for writing defect information out of bounds when processing very large defect lists, which can ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: smartpqi: Correct device removal for multi-actuator devices. Correct device count for multi-actuator drives, which can cause kernel panics...
CVE-2026-43487
A flaw was found in the Linux kernel's libata-core module. This vulnerability arises from issues with Link Power Management LPM when specific Seagate BarraCuda hard drives e.g., ST1000DM010-2EP102 are connected. This can lead to random system freezes, resulting in a denial of service for the...
CVE-2026-43487 ata: libata-core: Disable LPM on ST1000DM010-2EP102
In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Disable LPM on ST1000DM010-2EP102 According to a user report, the ST1000DM010-2EP102 has problems with LPM, causing random system freezes. The drive belongs to the same BarraCuda family as the ST2000DM008-2FR102...
Deep Scan: Expanding Vulnerability Detection Beyond Traditional Boundaries
Security teams estimate that a significant percentage of enterprise software is installed outside standard system directories or package-managed locations, creating persistent visibility gaps for traditional vulnerability-scanning methods. As environments become more decentralized, with...
ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
Thursday. Another week, another batch of things that probably should've been caught sooner but weren't. This one's got some range — old vulnerabilities getting new life, a few "why was that even possible" moments, attackers leaning on platforms and tools you'd normally trust without thinking twic...
New ClickFix Scam Tricks Users Into Mapping Hacker-Controlled Drives
A new ClickFix scam tricks Windows users into running hidden commands that map hacker-controlled drives and load malware…...
Microsoft Graph Enterprise Intelligence Collector
This Metasploit auxiliary module interacts with the Microsoft Graph API to perform enterprise intelligence collection. It supports authentication using Azure AD application credentials or an existing access token and enables enumeration of Azure users, SharePoint sites, OneDrive files, and Exchan...
CVE-2025-13453
A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read data stored on the drive...
EUVD-2025-206289
A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read data stored on the drive...
CVE-2025-13453
A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read data stored on the drive...
CVE-2025-13453
A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read data stored on the drive...
CVE-2025-13453
CVE-2025-13453 concerns ThinkPlus USB drives where a user with physical access could read data stored on the drive. The NVD entry and multiple third-party sources (Red Hat, EUVD, CIRCL, CVE records) describe the issue as a data-retrieval risk tied to physical access, with CVSS v3.1 base score 4.6...
CVE-2025-13453
A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read data stored on the drive...
PT-2026-2959
Name of the Vulnerable Software and Affected Versions ThinkPlus USB drives affected versions not specified Description A potential issue exists in some ThinkPlus USB drives that may allow a user with physical access to read data stored on the drive. Recommendations At the moment, there is no...