RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware

The threat actors behind a malware family known as RomCom targeted a U.S.-based civil engineering company via a JavaScript loader dubbed SocGholish to deliver the Mythic Agent. "This is the first time that a RomCom payload has been observed being distributed by SocGholish," Arctic Wolf Labs...

iommu/mediatek: Fix crash on isr after kexec()

...

Semantic Superiority Vs. Forensic Efficiency: A Comparative Analysis of Deep Learning and Psycholinguistics for Business Email Compromise Detection

Business Email Compromise BEC is a sophisticated social engineering threat that manipulates organizational hierarchies and exploits psychological vulnerabilities, leading to significant financial damage. According to the 2024 FBI Internet Crime Report, BEC accounts for over $2.9 billion in annual...

Security update for nvidia-container-toolkit

This update for nvidia-container-toolkit fixes the following issues: Update to version 1.18.0: This is a major release and includes the following high-level changes: The default mode of the NVIDIA Container Runtime has been updated to make use of a just-in-time-generated CDI specification instead...

SUSE-SU-2025:4187-1 Security update for nvidia-container-toolkit

This update for nvidia-container-toolkit fixes the following issues: - Update to version 1.18.0: - This is a major release and includes the following high-level changes: - The default mode of the NVIDIA Container Runtime has been updated to make use of a just-in-time-generated CDI specification...

KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT

...

ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet

Oligo Security has warned of ongoing attacks exploiting a two-year-old security flaw in the Ray open-source artificial intelligence AI framework to turn infected clusters with NVIDIA GPUs into a self-replicating cryptocurrency mining botnet. The activity, codenamed ShadowRay 2.0 , is an evolution...

CVE-2025-36462

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...

CVE-2025-13260

A vulnerability has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /manufacturer/editproduct.php. Such manipulation of the argument cmbProductUnit leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to t...

CVE-2025-13259

A flaw has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /manufacturer/editunit.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

WordPress plugin VK All in One Expansion Unit 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

WordPress plugin VK All in One Expansion Unit 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

CVE-2025-36460

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...

CVE-2025-36461

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...

CVE-2025-31361

A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIOUSHADDRECORD functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to privilege escalation. An attacker can issue a...

CVE-2025-31361 Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter privilege escalation vulnerability

A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIOUSHADDRECORD functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to privilege escalation. An attacker can issue a...

CVE-2025-36463

Summary: Dell ControlVault3/ControlVault3 Plus are affected by multiple out-of-bounds read/write vulnerabilities in the WBDI Driver Broadcom Storage Adapter. Dell ControlVault3 prior to 5.15.14.19 and ControlVault3 Plus prior to 6.2.36.47 are affected. The issues can be triggered by a crafted Win...

CVE-2025-36463 Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...

CVE-2025-36462

Mode C: Affected products are Dell ControlVault3 and Dell ControlVault3 Plus. Dell ControlVault3 is vulnerable to multiple out-of-bounds read/write issues in the Broadcom Storage Adapter (WBDI) driver when handling WinBioControlUnit, enabling memory corruption via local attacker access. Specifica...

EUVD-2025-197898

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...