Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

UAT-6382 exploits Cityworks zero-day vulnerability to deliver malware

Talos has observed exploitation of CVE-2025-0994 in the wild by UAT-6382, a Chinese-speaking threat actor, who then deployed malware payloads via TetraLoader.

TALOS
#vulnerability#web#ios#mac#windows#apple#microsoft#cisco#js#git#java#intel#backdoor#bios#auth#ssh#ibm#zero_day#webkit
Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials

The trove has now been taken down but included users’ logins for platforms including Apple, Google, and Meta, plus services from multiple governments.

Scammers are using AI to impersonate senior officials, warns FBI

Cybercriminals are using AI-based tools to generate voice clones of the voices of senior US officials in order to scam people.

CVE-2025-47181: Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability

Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.

New updates for Red Hat Enterprise Linux on confidential virtual machines

The new major release of Red Hat Enterprise Linux (RHEL) brings a number of important improvements in the confidential computing domain. This article covers the most important features available now in both RHEL 10 and RHEL 9.6: Full support for RHEL Unified Kernel Image (UKI), including FIPS and kdump supportIntel Trusted Domain Extension (TDX) guestsTrustee attestation clientFull support for RHEL Unified Kernel Image (UKI)First introduced in RHEL9.2 as a Technology Preview, UKI for RHEL is a UEFI Portable Executable (PE) binary containing the Linux kernel, initramfs, and kernel command line.

Microsoft Dismantles Lumma Stealer Network, Seizes 2,000+ Domains

Microsoft disrupts Lumma Stealer network, seizing 2,000 domains linked to 394,000 infections in global cybercrime crackdown with law enforcement partners.

GHSA-vrpq-qp53-qv56: Eclipse JGit XML External Entity (XXE) Vulnerability

In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used to implement the experimental amazons3 git transport protocol allowing to store git pack files in an Amazon S3 bucket, are vulnerable to XML External Entity (XXE) attacks when parsing XML files. This vulnerability can lead to information disclosure, denial of service, and other security issues.

GHSA-qfm8-78qf-p75j: The Front End User Registration extension for TYPO3 (sr_feuser_register) Remote Code Execution

The sr_feuser_register extension through 12.4.8 for TYPO3 allows Remote Code Execution via unsafe deserialization.

GHSA-hq4f-5qjv-fwrg: The Backup Plus extension for TYPO3 (ns_backup) has a Predictable Resource Location

The ns_backup extension through 13.0.0 for TYPO3 has a Predictable Resource Location. This allows an unauthenticated remote user to download created backups and configuration files.

GHSA-pqqp-7cp8-vxvf: Ackites KillWxapkg Zip Bomb Resource Exhaustion

A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been rated as problematic. This issue affects some unknown processing of the component wxapkg File Decompression Handler. The manipulation leads to resource consumption. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.