🐛 COMMON VULNERABILITIES AND EXPOSURES 2[−]
21 MarChromium: CVE-2025-2476 Use after free in LensThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
21 MarCVE-2025-29795 Microsoft Edge (Chromium-based) Update Elevation of Privilege VulnerabilityImproper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 4[−]
21 MarIBM's Operating System Is A Perfect 10 - In Terms of Cybersecurity Vulnerability. Cyber Security Today for March 21, 2025Cybersecurity Today: Critical IBM AIX Vulnerability and Major Browser Exploits Revealed In this episode, host Jim Love discusses pressing cybersecurity issues, including IBM's AIX operating system scoring a perfect 10 in security vulnerability, leaving critical sectors exposed to…CYBERSECURITYTODAY.LIBSYN.COM
21 MarAnalyzing the Global Increase in Vulnerability Scanning in 2024BotPoke comes to the foreground yet again.F5.COM
21 MarAnalyzing the Global Increase in Vulnerability Scanning in 2024BotPoke comes to the foreground yet again.F5.COM
21 MarAnalyzing the Global Increase in Vulnerability Scanning in 2024BotPoke comes to the foreground yet again.F5.COM
🔥 INCIDENT REPORTING 1[−]
21 MarAlbabat Ransomware Group Potentially Expands Targets to Multiple OS, Uses GitHub to Streamline OperationsTrend Research encounters new versions of the Albabat ransomware, which appears to target Windows, Linux, and macOS devices. We also reveal the group’s use of GitHub to streamline their ransomware operation.TRENDMICRO.COM
🕵️ THREAT INTELLIGENCE 1[−]
21 MarWeekly Update 444Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device. It's time to fly! 🇬🇧 🇮🇸 🇮🇪 That's two new flags (or if you're on Windows and can't see flag emojis…TROYHUNT.COM
📡 INFOSEC NEWS 2[−]
21 MarArrests in Tap-to-Pay Scheme Powered by PhishingAuthorities in at least two U.S. states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. Details released by authorities so far indicate the mobile wallets being used by the scammers were…KREBSONSECURITY.COM
21 MarFinding bugs in implementations of HQC, the fifth post-quantum standardFollowing the introduction of crypto-condor and differential fuzzing in earlier blogposts, we showcase a use case where Quarsklab's automated test suite for cryptographic implementations allowed us to improve the reference implementation of the recently standardized HQC scheme.QUARKSLAB.COM