Five Eyes Launch Guidance to Improve Edge Device Security
The UK and its Five Eyes partners have launched new security guidance for edge device manufacturers and network defenders Read More
Cybercriminals Eye DeepSeek, Alibaba LLMs for Malware Development
Check Point has observed cybercriminals toy with Alibaba’s Qwen LLM to develop infostealers Read More
Destructive Attacks on Financial Institutions Surge
Contrast Security reveals a 12.5% annual increase in destructive cyber-attacks on banks Read More
ZDI-25-084: Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mintty. User interaction is required to exploit this vulnerability in that the...
ZDI-25-085: Logsign Unified SecOps Platform Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this vulnerability. The...
USN-7257-1: Kerberos vulnerability
Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl discovered that Kerberos incorrectly authenticated certain responses. An attacker able to...
USN-7255-1: OpenJDK 23 vulnerability
It was discovered that the Hotspot component of OpenJDK 23 did not properly handle API access under certain circumstances. An unauthenticated attacker could possibly use...
USN-7254-1: OpenJDK 21 vulnerability
It was discovered that the Hotspot component of OpenJDK 21 did not properly handle API access under certain circumstances. An unauthenticated attacker could possibly use...
USN-7253-1: OpenJDK 17 vulnerability
It was discovered that the Hotspot component of OpenJDK 17 did not properly handle API access under certain circumstances. An unauthenticated attacker could possibly use...
USN-7252-1: OpenJDK 11 vulnerability
It was discovered that the Hotspot component of OpenJDK 11 did not properly handle API access under certain circumstances. An unauthenticated attacker could possibly use...
