Advisories
-
European Journalists Targeted by Paragon Spyware, Citizen Lab Confirms
This is the first forensic evidence that journalists’ devices have been infected with Paragon’s Graphite spyware Read More
-
Paragon Spyware used to Spy on European Journalists
Paragon is a Israeli spyware company, increasingly in the news (now that NSO Group seems to be waning). “Graphite” is the name of their product. Citizen Lab caught them spying on multiple European journalists with a zero-click iOS exploit: On April 29, 2025, a select group of iOS users were notified by Apple that they…
-
Ransomware Gang Exploits SimpleHelp RMM to Compromise Utility Billing Firm
A CISA advisory urged all software vendors and downstream customers to check if they are impacted by unpatched versions of the SimpleHelp RMM tool Read More
-
Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft
Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple email Read More
-
apache-commons-beanutils-1.9.4-39.fc41
FEDORA-2025-3eb7c0066f Packages in this update: apache-commons-beanutils-1.9.4-39.fc41 Update description: Fix improper access control vulnerability Resolves: CVE-2025-48734 Read More
-
apache-commons-beanutils-1.9.4-39.fc42
FEDORA-2025-48e8e5f8ed Packages in this update: apache-commons-beanutils-1.9.4-39.fc42 Update description: Fix improper access control vulnerability Resolves: CVE-2025-48734 Read More
-
USN-7550-7: Linux kernel (NVIDIA Tegra IGX) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: – GPU drivers; – Sun RPC protocol; (CVE-2024-56551, CVE-2024-56608, CVE-2024-53168) Read More
-
South African man imprisoned after ransom demand against his former employer
Lucky Erasmus and a company insider installed software without authorisation on Ecentric’s systems which granted them remote access, enabling them to steal sensitive data and make unauthorised changes to senior managers’ passwords. Read more in my article on the Hot for Security blog. Read More
-
chromium-137.0.7151.103-1.el10_1
FEDORA-EPEL-2025-73b10a6316 Packages in this update: chromium-137.0.7151.103-1.el10_1 Update description: Update to 137.0.7151.103 CVE-2025-5958: Use after free in Media CVE-2025-5959: Type Confusion in V8 Read More
-
chromium-137.0.7151.103-1.el9
FEDORA-EPEL-2025-549cb45f1c Packages in this update: chromium-137.0.7151.103-1.el9 Update description: Update to 137.0.7151.103 CVE-2025-5958: Use after free in Media CVE-2025-5959: Type Confusion in V8 Read More