kernel: bonding: check xdp prog when set bond mode

In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning1: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp obj afxdpkern.o se...

EUVD-2025-78744

Malicious code in nativeleopardz3n npm...

EUVD-2025-68883

Malicious code in nativeherringz3n npm...

EUVD-2025-62962

Malicious code in nativepinnipedz3n npm...

Malicious code in native_lobster_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af6e88565b971dbc5b805f2004b898859833169b429a27e7b4ccbbd42a10d5ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-80221 Malicious code in native_lobster_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af6e88565b971dbc5b805f2004b898859833169b429a27e7b4ccbbd42a10d5ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-53103

Malicious code in native-red-antlion npm...

EUVD-2025-53102

Malicious code in native-white-mammal npm...

Intel CIP 代码问题漏洞

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an elevation of privilege vulnerability that stems from an uncontrolled search path, which can be exploited by an attacker to cause elevation of...

Intel System Support Utility for Windows 代码问题漏洞

Intel System Support Utility for Windows is a Windows platform-based system support utility from Intel Corporation USA. The program is mainly used to identify the hardware model, operating system version, and software installed on the computer. A code issue vulnerability exists in Intel System...

Intel Processor Identification Utility 安全漏洞

Intel Processor Identification Utility is a processor identification utility from Intel Corporation USA. The program supports the display of graphics information, chipset information, processor supported technologies, and other information. A security vulnerability exists in Intel Processor...

Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature

Google's Mandiant Threat Defense on Monday said it discovered n-day exploitation of a now-patched security flaw in Gladinet's Triofox file-sharing and remote access platform. The critical vulnerability, tracked as CVE-2025-12480 CVSS score: 9.1, allows an attacker to bypass authentication and...

EUVD-2025-49748

Malicious code in nativecatsharkz3n npm...

EUVD-2025-46182

Malicious code in nativezebraz3n npm...

EUVD-2025-44038

A SQL injection vulnerability was discovered in Looker Studio that allowed for data exfiltration from BigQuery data sources. By creating a malicious report with native functions enabled, and having the victim access the report, an attacker could execute injected SQL queries with the victim's...

OS Command Injection

@react-native-community/cli is vulnerable to OS Command Injection. The vulnerability is due to an exposed endpoint that accepts attacker-controlled POST data and passes it to system execution paths without proper sanitization, which allows an unauthenticated network attacker to run arbitrary...

EUVD-2025-37852

kgateway is a Cloud-Native API and AI Gateway. Versions 2.0.4 and below and 2.1.0-agw-cel-rbac through 2.1.0-rc.2 lack authentication, allowing any client with unrestricted network access to the xDS port to retrieve potentially sensitive configuration data including certificate data, backend...

New IDC research highlights a major cloud security shift

Cloud security is at a tipping point. While moving to the cloud powers both growth and speed for organizations, it can also bring new risks. According to IDC’s latest research, organizations experienced an average of nine cloud security incidents in 2024, with 89% reporting a year-over-year...

New IDC research highlights a major cloud security shift

Cloud security is at a tipping point. While moving to the cloud powers both growth and speed for organizations, it can also bring new risks. According to IDC’s latest research, organizations experienced an average of nine cloud security incidents in 2024, with 89% reporting a year-over-year...

[SECURITY] Fedora 42 Update: qt5-qtwebview-5.15.18-1.fc42

Qt WebView provides a way to display web content in a QML application without necessarily including a full web browser stack by using native APIs where it makes sense...