Hackers Exploiting PDF24 App to Deploy Stealthy PDFSIDER Backdoor

Resecurity has identified PDFSIDER malware that exploits the legitimate PDF24 App to covertly steal data and allow remote access. Learn how this APT-level campaign targets corporate networks through spear-phishing and encrypted communications...

StackWarp: Breaking AMD SEV-SNP Integrity via Deterministic Stack-Pointer Manipulation through the CPU's Stack Engine

In this paper, the authors present StackWarp, a software-based architectural attack exploiting the stack engine on AMD Zen CPUs to modify the stack pointer within an SEV-SNP guest, fully breaking integrity...

DEBIAN-CVE-2025-29943

Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest...

UBUNTU-CVE-2025-29943

Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest...

CVE-2025-29943

CVE-2025-29943 : AMD CPUs (Zen 1–Zen 5; EPYC) contain a hardware/microarchitectural issue where an admin-privileged host can manipulate the CPU pipeline configuration, potentially corrupting the stack pointer inside a SEV-SNP guest. A PoC titled “StackWarp” demonstrates exploitation by a hypervis...

MiracleLinux 7 : samba-4.2.3-11.el7 (AXSA:2016-023:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-023:01 advisory. Samba is the standard Windows interoperability suite of programs for Linux and Unix. Security issues fixed with this release: CVE-2015-3223 The...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001443)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001443 advisory. An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service soft lockup by triggering destruction of...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001071)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001071 advisory. A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974. Tenable has extract...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003999)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003999 advisory. An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service soft lockup by triggering destruction of...

MiracleLinux 4 : samba-3.6.23-24.AXS4 (AXSA:2016-013:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-013:01 advisory. Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information such as lists of available files an...

CVE-2026-21917

An Improper Validation of Syntactic Correctness of Input vulnerability in the Web-Filtering module of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. If an SRX device configured for UTM Web-Filtering receives a specifical...

PT-2026-3202

Content removed...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003044)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003044 advisory. A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974. Tenable has extract...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002861)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002861 advisory. A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974. Tenable has extract...

QES-Backed Virtual FIDO2 Authenticators: Architectural Options for Secure, Synchronizable WebAuthn Credentials

FIDO2 and the WebAuthn standard offer phishing-resistant, public-key based authentication but traditionally rely on device-bound cryptographic keys that are not naturally portable across user devices. Recent passkey deployments address this limitation by enabling multi-device credentials...

CVE-2023-50441

Encrypted folders created by PRIMX ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission or ZONECENTRAL for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which...

CVE-2023-50442

Encrypted folders created by PRIMX ZONECENTRAL through 2023.5 can be modified by a local attacker with appropriate privileges so that specific file types are excluded from encryption temporarily. This modification can, however, be detected, as described in the Administrator Guide...

CVE-2018-1000145

An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with local file system access to obtain encrypted Perforce passwords and decrypt them...

CVE-2020-24722

An issue was discovered in the GAEN aka Google/Apple Exposure Notifications protocol through 2020-10-05, as used in COVID-19 applications on Android and iOS. The encrypted metadata block with a TX value lacks a checksum, allowing bitflipping to amplify a contamination attack. This can cause...

CVE-2024-41156

Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Profile files provide potential attackers valuable configuration information about the Tropos network. Profiles can only be exported by authenticated users with higher privilege of write access...