‘Narco-Submarine’ Carrying 4 Tons of Cocaine Captured by Mexico's Navy

Following increased surveillance and patrols of routes used by transnational drug-trafficking networks, Mexican authorities have seized approximately 10 tons of cocaine in the past week alone...

Misconfigured Server Leaks 378GB of Navy Federal Credit Union Files

Cybersecurity researcher Jeremiah Fowler discovered an unsecured and misconfigured server exposing 378 GB of internal Navy Federal Credit…...

U.S. Dept Of Defense: Cross-Site Scripting via 'currentImage' parameter

A Cross-Site Scripting XSS vulnerability was discovered on a website from the U.S. Navy through the 'currentImage' parameter in the GET method. The vulnerability allowed for the injection of malicious scripts that could potentially be executed. A proof of concept was provided that demonstrated th...

SUSE-SU-2025:20227-1 Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: - Update to version 20241128 git commit ea71da6f0690: i915: Update Xe2LPD DMC to v2.24 cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops iwlwifi: add Bz-gf FW for core89-91 release amdgpu: update smu 13.0.10...

SUSE-SU-2025:20018-1 Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: Update to version 20240712: amdgpu: update DMCUB to v0.0.225.0 for Various AMDGPU Asics qcom: add gpu firmwares for x1e80100 chipset bsc1219458 linux-firmware: add firmware for qat402xx devices amdgpu: update raven firmware amdgpu: updat...

The US Navy Is Going All In on Starlink

The Navy is testing out the Elon Musk–owned satellite constellation to provide high-speed internet access to sailors at sea. It’s part of a bigger project that’s about more than just getting online...

The US Navy Has Run Out of Pants

Plus: The US intelligence community formally blames Iran for Trump campaign hack, aircraft-tracking platform FlightAware says a “configuration error” exposed sensitive user data, and more...

Whale Song Code

During the Cold War, the US Navy tried to make a secret code out of whale song. The basic plan was to develop coded messages from recordings of whales, dolphins, sea lions, and seals. The submarine would broadcast the noises and a computer--the Combo Signal Recognizer CSR--would detect the specif...

nssd.navy.mil.bd Cross Site Scripting vulnerability OBB-3874190

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

The US Navy, NATO, and NASA Are Using a Shady Chinese Company’s Encryption Chips

The US government warns encryption chipmaker Hualan has suspicious ties to China’s military. Yet US agencies still use one of its subsidiary’s chips, raising fears of a backdoor...

praguegames.cz.navy.globenet.cz Cross Site Scripting vulnerability OBB-3379770

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

NewsPenguin Threat Actor Emerges with Malicious Campaign Targeting Pakistani Entities

A previously unknown threat actor dubbed NewsPenguin has been linked to a phishing campaign targeting Pakistani entities by leveraging the upcoming international maritime expo as a lure. "The attacker sent out targeted phishing emails with a weaponized document attached that purports to be an...

Culture Fitness

Have you checked in on the overall health of your team lately? What would a new hire think of your current team? Companies all over the world – particularly those of the higher-profile variety – tout their positive cultures and how great it is to be part of the team. This is especially true in th...

MAL-2022-449 Malicious code in @navyfederal/fetlife-assets (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5b2a53d0eedd2b60385997b8d6f50f87e069be4d9a5931b7c7d1657dd9791c64 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Navy Warship’s Facebook Page Hacked to Stream ‘Age of Empires’ Gaming

The official Facebook page of a destroyer-class Navy warship, the USS Kidd, has gone rogue: Someone has taken over the page in order to…stream Age of Empires play. Age of Empires is a real-time online multiplayer strategy game in which the objective is to advance one’s civilization. Players “buil...

All Vulnerabilities for fnmoc.navy.mil Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

NetWave System 信息泄露漏洞

Mediatek Net NetWave System is an application system from Mediatek Net, China. System for Navy Fleet Management An information disclosure vulnerability exists in NetWave System 1.0, which originates in index.class.php. The vulnerability allows an unauthenticated attacker to steal sensitive...

PortDoor Espionage Malware Takes Aim at Russian Defense Sector

A previously undocumented backdoor malware, dubbed PortDoor, is being used by a probable Chinese advanced persistent threat actor APT to target the Russian defense sector, according to researchers. The Cybereason Nocturnus Team observed the cybercriminals specifically going after the Rubin Design...

A Navy SEAL, a Quadcopter, and a Quest to Save Lives in Combat

On the battlefield, any doorway can be a death trap. A special ops vet, and his businessman brother, have built an AI to solve that problem...

305 CVEs and Counting: Bug-Hunting Stories From a Security Engineer

Larry Cashdollar, senior security response engineer at Akamai, has been finding CVEs since the 1990s, around when MITRE was first being established. Since then, he’s found 305 CVEs – as well as various security findings, such an IoT bricking malware called Silex, and cybercriminals targeting poor...