CVE-2025-66361

An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load...

CVE-2025-66361

An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load...

PT-2025-48285

An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load...

CVE-2025-66361

CVE-2025-66361 affects Logpoint SIEM prior to 7.7.0. The issue is exposure of sensitive information in System Processes during extended high CPU load. Connected sources (Red Hat, CIRCL, EUVD, NVD, etc.) corroborate the same description. No root-cause technical specifics or remediation steps are p...

TencentOS Server 4: screen (TSSA-2025:0404)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0404 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

AlmaLinux 9 : webkit2gtk3 (ALSA-2025:20922)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:20922 advisory. webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43272 webkitgtk: Processing maliciously crafted web...

An In-Depth Systematic Analysis of the Security, Usability, and Automation Capabilities of Password Update Processes on Top-Ranked Websites

Password updates are a critical account security measure and an essential part of the password lifecycle. Service providers and common security recommendations advise users to update their passwords in response to incidents or as a critical cyber hygiene measure. However, password update processe...

EUVD-2025-84338

System call entry on Cortex M and possibly R and A, but I think not has a race which allows very practical privilege escalation for malicious userspace processes...

Malicious Package

Overview MCDbRepository is a malicious package. This package contains malicious code that injects time-delayed destructive payloads into database operations and target industrial control systems. Published under the NuGet alias shanhai666 together with 8 other malicious packages between 2023 and...

Improper Authentication Exposure

github.com/chaos-mesh/chaos-mesh is vulnerable to improper authentication exposure. The vulnerability is due to the Chaos Controller Manager exposing an unauthenticated GraphQL debugging server to the entire Kubernetes cluster, which allows an attacker to kill arbitrary processes in any pod...

Risk Psychology and Cyber-Attack Tactics

We examine whether measured cognitive processes predict cyber-attack behavior. We analyzed data that included psychometric scale responses and labeled attack behaviors from cybersecurity professionals who conducted red-team operations against a simulated enterprise network. We employed multilevel...

CVE-2025-61303

CVE-2025-61303 concerns a vulnerability in the Windows behavioral analysis engine used by Hatching Triage Sandbox (Windows 10 build 2004 and Windows 10 LTSC 2021). The issue arises when a sample recursively spawns a very large number of child processes, producing an extreme log volume and exhaust...

CVE-2025-61909

Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...

Icinga 2 安全漏洞

Icinga 2 is a monitoring system from Icinga open source. A security vulnerability exists in Icinga 2 versions 2.10.0 through 2.15.1 and earlier, 2.14.7, and 2.13.13, which stems from a safe-reload script and logrotate configuration that allows Icinga users to send signals to other processes,...

EUVD-2022-55152

In the Linux kernel, the following vulnerability has been resolved: mm: fix unexpected zeroed page mapping with zram swap Two processes under CLONEVM cloning, user process can be corrupted by seeing zeroed page unexpectedly. CPU A CPU B doswappage doswappage SWPSYNCHRONOUSIO path SWPSYNCHRONOUSIO...

CVE-2025-11709

A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...

EUVD-2020-6265

Malware in sbrugna...

EUVD-2020-28404

Malware in sbrugna...

EUVD-2019-15180

Malware in sbrugna...

EUVD-1999-0973

Malware in sbrugna...