ZDI-25-212: (Pwn2Own) Synology BeeStation BST150-4T Improper Authentication Vulnerability

Read Time:13 Second

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Synology BeeStation BST150-4T devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-50630.

Erlang/OTP RCE (CVE-2025-32433)

What is the Vulnerability? A critical SSH vulnerability has recently been identified in the Erlang/Open Telecom Platform (OTP). The vulnerability,...

April 22, 2025

digikam-8.6.0-4.fc40

FEDORA-2025-97687e7f68 Packages in this update: digikam-8.6.0-4.fc40 Update description: update internal Libraw to 2025/03/17 snapshot Read More

April 21, 2025

digikam-8.6.0-4.fc41

FEDORA-2025-5bbbb2df79 Packages in this update: digikam-8.6.0-4.fc41 Update description: update internal Libraw to 2025/03/17 snapshot Read More

April 21, 2025

digikam-8.6.0-4.fc42

FEDORA-2025-1c1e378468 Packages in this update: digikam-8.6.0-4.fc42 Update description: update internal Libraw to 2025/03/17 snapshot Read More

April 21, 2025

epiphany-47.6-1.fc41

FEDORA-2025-164c668d6a Packages in this update: epiphany-47.6-1.fc41 Update description: Update to 47.6, notably fixing CVE-2025-3839 Read More

April 21, 2025

epiphany-48.2-1.fc42

FEDORA-2025-efbe201596 Packages in this update: epiphany-48.2-1.fc42 Update description: Update to 48.2, notably fixing CVE-2025-3839 Read More

April 21, 2025

Microsoft Reports 92% Adoption Rate for Phishing-Resistant MFA Among Corporate Users

Android Improves Its Security

SuperCard X Enables Contactless ATM Fraud in Real-Time

Billbug Espionage Group Deploys New Tools in Southeast Asia

New Cryptojacking Malware Targets Docker with Novel Mining Technique

The AI Fix #47: An AI is the best computer programmer in the world

Scalllywag Ad Fraud Network Generates 1.4 Billion Bid Requests Daily

$40bn Southeast Asian Scam Sector Growing “Like a Cancer”

Crosswalks hacked to play fake audio of Musk, Zuck, and Jeff Bezos

ZDI-25-212: (Pwn2Own) Synology BeeStation BST150-4T Improper Authentication Vulnerability

Erlang/OTP RCE (CVE-2025-32433)

digikam-8.6.0-4.fc40

digikam-8.6.0-4.fc41

digikam-8.6.0-4.fc42

epiphany-47.6-1.fc41

epiphany-48.2-1.fc42