-
The soft underbelly of space isn’t in orbit, it’s on the ground
In this Help Net Security interview, Øystein Thorvaldsen, CISO at KSAT, discusses how adversaries view the ground segment as the practical …
-
Privacy risks sit inside the ads that fill your social media feed
Regulatory limits on explicit targeting have not stopped algorithmic profiling on the web. Ad optimization systems still adapt which ads …
-
CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting ASUS Live Update to its Known …
-
Should AI access be treated as a civil right across generations?
AI use is expanding faster than the infrastructure that supports it, and that gap is starting to matter for security, resilience, and …
-
What cybersecurity leaders are reading to stay ahead
If you’re looking for holiday gift ideas, books remain one of the simplest ways to spark curiosity and support someone’s growth. …
-
Linux Kernel Rust Code Sees Its First CVE Vulnerability
Longtime Linux developer Greg Kroah-Hartman announced that the Linux kernel has received its first CVE tied to Rust code. Phoronix …
-
Smashing Security podcast #448: The Kindle that got pwned
Think your Kindle is harmless? Think …
-
France Arrests 22 Year Old After Hack of Interior Ministry Systems
France is now dealing with one of its most serious public sector cybersecurity incidents in recent years, after the Interior Ministry …
-
CVE-2025-68463 – Bio.Entrez in Biopython through 186 allows doctype …
Bio.Entrez in Biopython through 186 allows doctype …
-
CVE-2025-68462 – Freedombox before 25.17.1 does not set proper permissions for the backups-data directory, …
Freedombox before 25.17.1 does not set proper permissions for the backups-data directory, allowing the reading of dump files of …
-
CVE-2025-68459 – RG – AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., …
RG – AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. …
-
CVE-2025-47387 – Memory Corruption when processing IOCTLs for JPEG data without …
Memory Corruption when processing IOCTLs for JPEG data without …
●●●
NVD
- CVE-2025-14856 – A security vulnerability has been detected in y_project RuoYi up to 4.8.1. The affected …
- CVE-2025-14202 – A vulnerability in the file upload at bookmark + asset rendering pipeline allows an …
- CVE-2025-14841 – A flaw has been found in OFFIS DCMTK up to 3.6.9. The impacted element is the function …
- CVE-2025-14837 – A vulnerability has been found in ZZCMS 2025. Affected by this issue is the function …
- CVE-2025-68463 – Bio.Entrez in Biopython through 186 allows doctype …
EXPLOITS
- Summar Employee Portal 3.98.0 – Authenticated SQL Injection
- esm-dev 136 – Path Traversal
- Pluck 4.7.7-dev2 – PHP Code Execution
- Django 5.1.13 – SQL Injection
- phpMyFAQ 2.9.8 – Cross-Site Request Forgery (CSRF)
SECURELIST
- Operation ForumTroll continues: Russian political scientists targeted using plagiarism rep
- God Mode On: how we attacked a vehicle’s head unit modem
- Frogblight threatens you with a court case: a new Android banker targets Turkish users
- Following the digital trail: what happens to data stolen in a phishing attack
- Turn me on, turn me off: Zigbee assessment in industrial environments