Enterprise Security Incident Analysis and Countermeasures Based on the T-Mobile Data Breach

This paper presents a comprehensive analysis of T-Mobile's critical data breaches in 2021 and 2023, alongside a full-spectrum security audit targeting its systems, infrastructure, and publicly exposed endpoints. By combining case-based vulnerability assessments with active ethical hacking...

net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered

...

CVE-2025-38282

In the Linux kernel, the following vulnerability has been resolved: kernfs: Relax constraint in draining guard The active reference lifecycle provides the break/unbreak mechanism but the active reference is not truly active after unbreak -- callers don't use it afterwards but it's important for...

CVE-2025-38282 kernfs: Relax constraint in draining guard

In the Linux kernel, the following vulnerability has been resolved: kernfs: Relax constraint in draining guard The active reference lifecycle provides the break/unbreak mechanism but the active reference is not truly active after unbreak -- callers don't use it afterwards but it's important for...

SUSE CVE-2025-38210

In the Linux kernel, the following vulnerability has been resolved: configfs-tsm-report: Fix NULL dereference of tsmops Unlike sysfs, the lifetime of configfs objects is controlled by userspace. There is no mechanism for the kernel to find and delete all created config-items. Instead, the...

Important: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Red Teaming AI Red Teaming

Red teaming has evolved from its origins in military applications to become a widely adopted methodology in cybersecurity and AI. In this paper, we take a critical look at the practice of AI red teaming. We argue that despite its current popularity in AI governance, there exists a significant gap...

The vulnerability of the Linux operating system’s kernel, related to improper control over resources throughout its lifecycle, allows a perpetrator to trigger a service failure.

The vulnerability of the Linux operating system’s kernel is related to improper control over resources throughout its lifecycle. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the s390/uv component of the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the s390/uv component of the Linux operating system’s kernel is related to improper control over resources throughout its lifecycle. Exploiting this vulnerability can allow an attacker to cause service failures...

Axis Communications Active Devices Detection

The current plugin identifies Axis devices that are still under active support. Axis Lifecycle Statuses: - Active: Most current offering within a product category. - End of Life: Discontinued date announced - actively execute migrations and last time buys. Product generally orderable until the...

Axis Communications Discontinued Devices Detection

The current plugin identifies Axis devices that are currently discontinued. Axis Lifecycle Statuses: - Active: Most current offering within a product category. - End of Life: Discontinued date announced - actively execute migrations and last time buys. Product generally orderable until the...

New Guidance Released for Reducing Memory-Related Vulnerabilities

Today, CISA, in partnership with the National Security Agency NSA, released a joint guide on reducing memory-related vulnerabilities in modern software development. Memory safety vulnerabilities pose serious risks to national security and critical infrastructure. Adopting memory safe languages MS...

CVE-2025-38076 alloc_tag: allocate percpu counters for module tags dynamically

In the Linux kernel, the following vulnerability has been resolved: alloctag: allocate percpu counters for module tags dynamically When a module gets unloaded it checks whether any of its tags are still in use and if so, we keep the memory containing module's allocation tags alive until all tags...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a genirq/msi lifecycle issue during the IOMMU conversion process...

Siemens Discontinued Devices Detection

The current plugin identifies Siemens devices that are currently discontinued. Siemens Lifecycle Statuses: - 'PM300:Active Product': Most current offering within a product category. - 'PM400:Announcement of product phase-out': Product in phase-out, support and orders still possible. -...

Siemens Active Devices Detection

The current plugin identifies Siemens devices that are still under active support. Siemens Lifecycle Statuses: - 'PM300:Active Product': Most current offering within a product category. - 'PM400:Announcement of product phase-out': Product in phase-out, support and orders still possible. -...

Siemens End-of-Life Devices Detection

The current plugin identifies Siemens devices that are end-of-life, i.e., still supported but have a discontinued date announced. Siemens Lifecycle Statuses: - 'PM300:Active Product': Most current offering within a product category. - 'PM400:Announcement of product phase-out': Product in phase-ou...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free via improper handling of callback references during the destruction of the Channel object. An attacker can cause a fatal interpreter crash by triggering DNS queries that result in the Channel object being garbage collecte...

.NET 9.0 Update - June 10, 2025 (KB5061936)

.NET 9.0 Update - June 10, 2025 KB5061936 NET 9.0 has been refreshed with the latest update as of June 10, 2025. This update contains both security and non-security fixes. See the release notes for details on updated packages..NET 9.0 servicing updates are upgrades. The latest servicing update fo...

The vulnerability of the Polarion ALM application lifecycle management software lies in its inability to properly handle incoming requests, allowing an attacker to gain unauthorized access to protected information.

The vulnerability of the Polarion ALM application lifecycle management software is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...