Linux Distros Unpatched Vulnerability : CVE-2026-43410

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - firmware: stratix10-rsu: Fix NULL pointer dereference when RSU is disabled When the Remote System Update RSU isn't enabled in the First Stage Boot Loader FSBL,...

CVE-2026-43410

A flaw was found in the Linux kernel's stratix10-rsu firmware driver. When the Remote System Update RSU is not enabled in the First Stage Boot Loader FSBL, the driver attempts to access an already-freed channel. This can lead to a NULL pointer dereference, causing a kernel panic and resulting in ...

EUVD-2026-28716

In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-rsu: Fix NULL pointer dereference when RSU is disabled When the Remote System Update RSU isn't enabled in the First Stage Boot Loader FSBL, the driver encounters a NULL pointer dereference when excute...

CVE-2026-43410

Summary: CVE-2026-43410 affects the Linux kernel firmware driver for Stratix 10 RSU. When RSU is not enabled in the FSBL, the driver can NULL-dereference via svc_normal_to_secure_thread(), causing a kernel panic. The root cause is rsu_send_async_msg() freeing the channel on failure, while the pro...

CVE-2026-43410 firmware: stratix10-rsu: Fix NULL pointer dereference when RSU is disabled

In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-rsu: Fix NULL pointer dereference when RSU is disabled When the Remote System Update RSU isn't enabled in the First Stage Boot Loader FSBL, the driver encounters a NULL pointer dereference when excute...

EUVD-2022-28751

Malicious code in bioql PyPI...

Embedded Malicious Code

Overview cdn-icon-fetcher-help is a Malicious package. Affected versions of this package are vulnerable to Embedded Malicious Code. Once this package is installed and executed, it downloads a Javascript file from a cdn-static-seven.vercel.app URL, which appears to be an image hosting site. Howeve...

Embedded Malicious Code

Overview cdn-icon-fetch is a Malicious package. Affected versions of this package are vulnerable to Embedded Malicious Code. Once this package is installed and executed, it downloads a Javascript file from a cdn-static-server.vercel.app URL, which appears to be an image hosting site. However, by...

Red Hat Shim Security Breach

Red Hat Shim is a simple software package from Red Hat. It is intended to be used as a first-stage boot loader on UEFI systems. A security vulnerability exists in Red Hat Shim. An attacker exploiting this vulnerability could cause memory corruption and possibly lead to a bootstrap crash or data...

Malware distributor Storm-0324 facilitates ransomware access

The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ransomware deployment. Beginnin...

ViperSoftX InfoStealer Adopts Sophisticated Techniques to Avoid Detection

A significant number of victims in the consumer and enterprise sectors located across Australia, Japan, the U.S., and India have been affected by an evasive information-stealing malware called ViperSoftX. ViperSoftX was first documented by Fortinet in 2020, with cybersecurity company Avast...

NimPlant - A Light-Weight First-Stage C2 Implant Written In Nim

ByCas van Cooten @chvancooten, with special thanks to some awesome folks: Fabian Mosch @S3cur3Th1sSh1t for sharing dynamic invocation implementation in Nim and the Ekko sleep mask function snovvcrash @snovvcrash for adding the initial version of execute-assembly & self-deleting implant option...

CVE-2022-23822

In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader FSBL by bypassing authentication and loading a malicious image onto the device. This in turn may further allow the attacker to perform additional attacks such as such as using the device as a...

CVE-2022-23822

CVE-2022-23822 concerns the Zynq-7000 SoC First Stage Boot Loader (FSBL). A physical attack may bypass FSBL authentication and load a malicious image onto the device, enabling the attacker to perform further actions such as using the device as a decryption oracle. The NVD entry notes a mitigation...

CVE-2022-23822

In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader FSBL by bypassing authentication and loading a malicious image onto the device. This in turn may further allow the attacker to perform additional attacks such as such as using the device as a...

CVE-2022-23822

In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader FSBL by bypassing authentication and loading a malicious image onto the device. This in turn may further allow the attacker to perform additional attacks such as such as using the device as a...

Hackers Hijack Email Reply Chains on Unpatched Exchange Servers to Spread Malware

A new email phishing campaign has been spotted leveraging the tactic of conversation hijacking to deliver the IcedID info-stealing malware onto infected machines by making use of unpatched and publicly-exposed Microsoft Exchange servers. "The emails use a social engineering technique of...

The first stage of the WER protocol is not SSL encrypted in Windows

The first stage of the WER protocol is not SSL encrypted in Windows Symptoms Microsoft uses Windows Error Reporting WER to transmit troubleshooting information and updates for specific problems in Windows 7, Windows Server 2008 R2, Windows Vista, and Windows Server 2008. For example, WER sends...

CVE-2019-17391

An issue was discovered in the Espressif ESP32 mask ROM code 2016-06-08 0 through 2. Lack of anti-glitch mitigations in the first stage bootloader of the ESP32 chip allows an attacker with physical access to the device to read the contents of read-protected eFuses, such as flash encryption and...

CVE-2019-17391

An issue was discovered in the Espressif ESP32 mask ROM code 2016-06-08 0 through 2. Lack of anti-glitch mitigations in the first stage bootloader of the ESP32 chip allows an attacker with physical access to the device to read the contents of read-protected eFuses, such as flash encryption and...