Phishing False Alarm
A very security-conscious company was hit with a (presumed) massive state-actor phishing attack with gift cards, and everyone rallied to combat it—until it turned out...
Fortinet Confirms Critical Zero-Day Vulnerability in Firewalls
The security provider published mitigation measures to prevent exploitation Read More
Secureworks Exposes North Korean Links to Fraudulent Crowdfunding
Secureworks Counter Threat Unit (CTU) has identified links between North Korean IT workers and fraudulent crowdfunding activities, with the group known as Nickle Tapestry orchestrating...
Microsoft Patches Eight Zero-Days to Start the Year
Patch Tuesday saw Microsoft fix eight zero-days, three of which are being actively exploited Read More
ZDI-25-028: Microsoft Office Word RTF File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in...
ZDI-25-029: Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code...
ZDI-25-030: Microsoft Office Word DOCX File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in...
git-lfs-3.6.1-1.fc41
FEDORA-2025-1de066b8af Packages in this update: git-lfs-3.6.1-1.fc41 Update description: Update to latest version Fix CVE-2024-53263 Read More
git-lfs-3.6.1-1.fc40
FEDORA-2025-50deb0acd5 Packages in this update: git-lfs-3.6.1-1.fc40 Update description: Update to latest version Fix CVE-2024-53263 Read More
DSA-5844-1 chromium – security update
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. https://security-tracker.debian.org/tracker/DSA-5844-1 Read More
