3780 matches found
USN-7673-1: CRaC JDK 21 vulnerabilities
It was discovered that the 2D component of CRaC JDK 21 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 Mashroor Hasan Bhuiyan discovered that the JSSE...
Let’s Be Objective: A Deep Dive into 0bj3ctivityStealer's Features
By Ernesto Fernández Provecho · July 28, 2025 The infostealer landscape keeps evolving year over year, and we are beginning to observe new features, targeting more applications and data, and the implementation of new obfuscation a...
Enhanced Deep Learning DeepFake Detection Integrating Handcrafted Features
The rapid advancement of deepfake and face swap technologies has raised significant concerns in digital security, particularly in identity verification and onboarding processes. Conventional detection methods often struggle to generalize against sophisticated facial manipulations. This study...
NewStart CGSL MAIN 7.02 : python-pynacl Vulnerability (NS-SA-2025-0193)
The remote NewStart CGSL host, running version MAIN 7.02, has python-pynacl packages installed that are affected by a vulnerability: - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks suc...
NewStart CGSL MAIN 7.02 : libssh Vulnerability (NS-SA-2025-0184)
The remote NewStart CGSL host, running version MAIN 7.02, has libssh packages installed that are affected by a vulnerability: - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that...
USN-7668-1 openjdk-21 vulnerabilities
It was discovered that the 2D component of OpenJDK 21 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 Mashroor Hasan Bhuiyan discovered that the JSSE...
WordPress Sala Missing Authorization Vulnerability
WordPress Sala is a WordPress theme designed for startups, SaaS services, software technology and more. WordPress Sala suffers from a missing authorization vulnerability that an attacker can exploit to gain access to features that are not restricted by ACLs...
Flowable’s Summer 2025 Update Introduces Groundbreaking Agentic AI Capabilities
Flowable’s 2025.1 update brings powerful Agentic AI features to automate workflows, boost efficiency, and scale intelligent business operations...
Microsoft Office 365 Encryption Issue Vulnerability
Microsoft Office 365 is an office software suite from the American company Microsoft. Common components of this product include Word, Excel, Access, PowerPoint, FrontPage, etc. A security vulnerability exists in Microsoft Office 365. An attacker exploiting the vulnerability can...
[SECURITY] Fedora 42 Update: vim-9.1.1552-1.fc42
VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more...
An Investigation of Ear-EEG Signals for a Novel Biometric Authentication System
This work explores the feasibility of biometric authentication using EEG signals acquired through in-ear devices, commonly referred to as ear-EEG. Traditional EEG-based biometric systems, while secure, often suffer from low usability due to cumbersome scalp-based electrode setups. In this study, ...
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a denial of service (CVE-2025-36097)
Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a denial of service. This affects WebSphere Liberty with the jsonp-1.0, jsonp-1.1, or jsonp-2.0 features enabled. Vulnerability Details CVEID:CVE-2025-36097 DESCRIPTION: IBM WebSphere Application...
AsyncRAT's Open-Source Code Sparks Surge in Dangerous Malware Variants Across the Globe
Cybersecurity researchers have charted the evolution of a widely used remote access trojan called AsyncRAT, which was first released on GitHub in January 2019 and has since served as the foundation for several other variants. "AsyncRAT has cemented its place as a cornerstone of modern malware an...
DNS Tunneling: Threat Landscape and Improved Detection Solutions
Detecting Domain Name System (DNS) tunneling is a significant challenge in security due to its capacity to hide harmful actions within DNS traffic that appears to be normal and legitimate. Traditional detection methods are based on rule-based approaches or signature matching methods that are often...
3S-Attack: Spatial, Spectral and Semantic Invisible Backdoor Attack against DNN Models
Backdoor attacks involve either poisoning the training data or directly modifying the model in order to implant a hidden behavior, that causes the model to misclassify inputs when a specific trigger is present. During inference, the model maintains high accuracy on benign samples but misclassifie...
Spectral Feature Extraction for Robust Network Intrusion Detection Using MFCCs
The rapid expansion of Internet of Things (IoT) networks has led to a surge in security vulnerabilities, emphasizing the critical need for robust anomaly detection and classification techniques. In this work, we propose a novel approach for identifying anomalies in IoT network traffic by leveraging...
[SECURITY] Fedora 41 Update: uv-0.7.13-4.fc41
An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: • ⚖️ Drop-in replacement for common pip, pip-tools, and virtualenv commands. • ⚡️ 10-100x...
[SECURITY] Fedora 42 Update: uv-0.7.13-4.fc42
An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: • ⚖️ Drop-in replacement for common pip, pip-tools, and virtualenv commands. • ⚡️ 10-100x...
[SECURITY] Fedora 42 Update: rust-nu-cli-0.99.1-6.fc42
CLI-related functionality for Nushell...
CVE-2025-5678
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘redirectURL’ parameter in all versions up to, and including, 3.5.10 due to insufficient input sanitization and output escaping. This makes it possible for...