Latest News

ShortLeash backdoor, used in the China-linked LapDogs campaign since 2023, enables stealth access, persistence, and data theft via compromised SOHO routers and fake certs.

Like its predecessor, SparkCat, the new malware appears to be going after sensitive data — such as seed phrases for cryptocurrency wallets — in device photo galleries.

### Impact The connection limiter is implemented incorrectly. It allows an arbitrary amount of simultaneously incoming connections (TCP, UDP and Unix socket) for the services `letmeind` and `letmeinfwd`. Therefore, the command line option `num-connections` is not effective and does not limit the number of simultaneously incoming connections. `letmeind` is the public network facing daemon (TCP/UDP). `letmeinfwd` is the internal firewall daemon that only listens on local Unix socket. Possible Denial Of Service by resource exhaustion. ### Affected versions All versions `<= 10.2.0` are affected. ### Patches All users shall upgrade to version `10.2.1`. ### Workarounds Untested possible workarounds: - It might be possible to limit the number of active connections to the `letmeind` port (default 5800) via firewall. - The resource consumption of the service might be restricted with a service manager such as systemd. ### Severity: If a (D)DoS is run against the service, *something* is...

Claude Code extensions in VSCode and forks (e.g., Cursor, Windsurf, and VSCodium) and JetBrains IDEs (e.g., IntelliJ, Pycharm, and Android Studio) are vulnerable to unauthorized websocket connections from an attacker when visiting attacker-controlled webpages. Claude Code for VSCode IDE extensions versions 0.2.116 through 1.0.23 are vulnerable. For Jetbrains IDE plugins, Claude Code [beta] versions 0.1.1 through 0.1.8 are vulnerable. In VSCode (and forks), exploitation would allow an attacker to read arbitrary files, see the list of files open in the IDE, get selection and diagnostics events from the IDE, or execute code in limited situations where a user has an open Jupyter Notebook and accepts a malicious prompt. In JetBrains IDEs, an attacker could get selection events, a list of open files, and a list of syntax errors. **Remediation** We released a patch for this issue on June 13th, 2025. Although Claude Code auto-updates when you launch it and auto-updates the extensions, you...

### Impact XSS - Errors in filters from website page change detection watches were not being filtered. ### Patches 0.50.4

An AI security researcher has developed a proof of concept that uses subtle, seemingly benign prompts to get GPT and Gemini to generate inappropriate content.

IBM is integrating its governance and AI security tools to address the risks associated with the AI adoption boom.

Citrix is recommending its customers upgrade their appliances to mitigate potential exploitation of the vulnerabilities.

DUBAI, United Arab Emirates, 23rd June 2025, CyberNewsWire

### Impact Vert.x 4.5.12 has changed the semantics of the duplication of duplicated context. Duplicated context is an object used to propagate data through a processing (synchronous or asynchronous). Each "transaction" or "processing" runs on its own isolated duplicated context. Initially, duplicating a duplicated context was creating a fresh (empty) new context, meaning that the new duplicated context can be used to managed a separated transaction. In Vert.x 4.5.12, this semantics has changed, and since the content of the parent duplicated context is copied into the new one, potentially leaking data. This CVE is especially for Quarkus as Quarkus extensively uses the Vert.x duplicated context to implement context propagation. With the new semantic data from one transaction can leak to the data from another transaction. From a Vert.x point of view, this new semantic clarifies the behavior. A significant amount of data is stored in the duplicated context, including request scope,...