CVE-2025-25199 BCryptGenerateSymmetricKey memory leak

go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation CNG. Prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to cng.TLS1PRF don't release the key handle, producing a small memory leak every time. Commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41...

RAM Scrapers and the Target Data Breach

The retail and hospitality industries have a painful history with wonky point-of-sale systems and malware known as RAM scrapers. These attacks, which date back as many as six years, are designed to be injected into running processes and steal payment card data before it’s encrypted by a...