Linux Distros Unpatched Vulnerability : CVE-2025-21861

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/migratedevice: don't add folio to be freed to LRU in migratedevicefinalize If migration succeeded, we called foliomigrateflags-memcgroupmigrate to migrate th...

Linux Distros Unpatched Vulnerability : CVE-2022-0492

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the Linux kernel's cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allow...

Linux Distros Unpatched Vulnerability : CVE-2025-38014

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dmaengine: idxd: Refactor remove call with idxdcleanup helper The idxdcleanup helper cleans up perfmon, interrupts, internals and so on. Refactor remove call wi...

Who Got Arrested in the Raid on the XSS Crime Forum?

On July 22, 2025, the European police agency Europol said a long-running investigation led by the French Police resulted in the arrest of a 38-year-old administrator of XSS, a Russian-language cybercrime forum with more than 50,000 members. The action has triggered an ongoing frenzy of speculatio...

Security update for kernel-livepatch-MICRO-6-0_Update_3

This update for kernel-livepatch-MICRO-6-0Update3 fixes the following issues: CVE-2024-50208: RDMA/bnxtre: Fix a bug while setting up Level-2 PBL pages bsc1233118 CVE-2024-50250: fsdax: daxunshareiter needs to copy entire blocks bsc1233227 CVE-2024-53146: NFSD: prevent a potential integer overflo...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_7

This update for kernel-livepatch-MICRO-6-0-RTUpdate7 fixes the following issues: CVE-2025-22115: btrfs: fix block group refcount race in btrfscreatependingblockgroups bsc1241579 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

CVE-2025-8353

UI synchronization issue in the Just-in-Time JIT access request approval interface in Devolutions Server 2025.2.4.0 and earlier allows a remote authenticated attacker to gain unauthorized access to deleted JIT Groups via stale UI state during standard checkout request processing...

CVE-2025-8353

UI synchronization issue in the Just-in-Time JIT access request approval interface in Devolutions Server 2025.2.4.0 and earlier allows a remote authenticated attacker to gain unauthorized access to deleted JIT Groups via stale UI state during standard checkout request processing...

Devolutions Server 安全漏洞

Devolutions Server is an application from Devolutions Canada Inc. It provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2025.2.4.0 and earlier, which stems from a UI synchronization issue that could lead to...

Exploit for Use After Free in Adobe Flash_Player

APTREPORT collected by @blackorbird https://x.com/blackorbird Interesting apt report & sample & malware & technology & intellegence collection APT Group for country Threat Actor Groups Tracked by Palo Alto Networks Unit 42...

CVE-2025-38370 btrfs: fix failure to rebuild free space tree using multiple transactions

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix failure to rebuild free space tree using multiple transactions If we are rebuilding a free space tree, while modifying the free space tree we may need to allocate a new metadata block group. If we end up using multiple...

National Nuclear Security Administration Systems Breached in SharePoint Cyberattack

National Nuclear Security Administration and National Institutes of Health targeted in global Microsoft SharePoint vulnerability exploitation. Chinese hacking groups suspected in widespread data breaches...

CVE-2025-51479

Authorization bypass in updateusergroup in onyx-dot-app Onyx Enterprise Edition 0.27.0 allows remote authenticated attackers to modify arbitrary user groups via crafted PATCH requests to the /api/manage/admin/user-group/id endpoint, bypassing intended curator-group assignment checks...

Microsoft Put Older Versions of SharePoint on Life Support. Hackers Are Taking Advantage

Multiple hacking groups—including state actors from China—have targeted a vulnerability in older, on-premises versions of the file-sharing tool after a flawed attempt to patch it...

PT-2025-30578 · Unknown · Sma 100 Series

Name of the Vulnerable Software and Affected Versions: SonicWall SMA 100 Series versions 210, 410, and 500v SonicWall SMA 100 Series affected versions not specified Description: A critical authenticated arbitrary file upload vulnerability exists in the SonicWall SMA 100 series web management...

Q2 2025 Ransomware Trends Analysis: Boom and Bust

“Tumultous times” would be an accurate summary of Q2 2025 where ransomware threat actors are concerned. Rapid7’s internal and publicly-available data analysis reveals a dynamic environment where major players come and go, newer groups work their way up the heavy-hitters ladder, and threat actors...

CVE-2025-51479

Authorization bypass in updateusergroup in onyx-dot-app Onyx Enterprise Edition 0.27.0 allows remote authenticated attackers to modify arbitrary user groups via crafted PATCH requests to the /api/manage/admin/user-group/id endpoint, bypassing intended curator-group assignment checks...

Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups

Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon and Violet Typhoon as early as July 7, 2025, corroborating earlier reports. The tech giant said it also observed a third China-based...

Onyx 安全漏洞

Onyx is an AI big modeling platform open-sourced by Onyx. A security vulnerability exists in Onyx version 0.27.0, which stems from an authorization bypass vulnerability in updateusergroup that could lead to modifying arbitrary user groups...

Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability bsc1235005. CVE-2024-53173: NFSv4.0:...