MATLOCK.CA
130Articles
8Categories
2025-10-29Date
πŸ›
Microsoft Issues Alert on ASP.NET Flaw Allowing HTTP Request Smuggling Attacks
GBHACKERS.COM — 29 Oct 2025
πŸ›
XWiki Remote Code Execution Flaw Actively Weaponized for Coinmining
KEVGBHACKERS.COM — 29 Oct 2025
πŸ›
Active Exploits Hit Dassault and XWiki β€” CISA Confirms Critical Flaws Under Attack
THEHACKERNEWS.COM — 29 Oct 2025
πŸ›
Docker Compose Flaw Lets Attackers Overwrite Arbitrary Files
GBHACKERS.COM — 29 Oct 2025
πŸ›
Google Wear OS Flaw Lets Any App Send Texts on Behalf of Users
GBHACKERS.COM — 29 Oct 2025
πŸ›
Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data
SOPHOS.COM — 29 Oct 2025
πŸ›
CVE-2025-40025 f2fs: fix to do sanity check on node footer for non inode dnode
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40051 vhost: vringh: Modify the return value check
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40077 f2fs: fix to avoid overflow while left shift operation
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40064 smc: Fix use-after-free in __pnet_find_base_ndev().
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40038 KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40042 tracing: Fix race condition in kprobe initialization causing NULL pointer dereference
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40029 bus: fsl-mc: Check return value of platform_get_resource()
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40061 RDMA/rxe: Fix race in do_task() when draining
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40078 bpf: Explicitly check accesses to bpf_sock_addr
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40044 fs: udf: fix OOB read in lengthAllocDescs handling
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40052 smb: client: fix crypto buffers in non-linear memory
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40030 pinctrl: check the return value of pinmux_ops::get_function_name()
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40035 Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40053 net: dlink: handle copy_thresh allocation failure
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40055 ocfs2: fix double free in user_cluster_connect()
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40056 vhost: vringh: Fix copy_to_iter return value check
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40040 mm/ksm: fix flag-dropping behavior in ksm_madvise
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40026 KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40060 coresight: trbe: Return NULL pointer for allocation failures
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40080 nbd: restrict sockets to TCP and UDP
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40032 PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40033 remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable()
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40074 ipv4: start using dst_dev_rcu()
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40043 net: nfc: nci: Add parameter validation for packet data
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40039 ksmbd: Fix race condition in RPC handle list access
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40036 misc: fastrpc: fix possible map leak in fastrpc_put_args
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40048 uio_hv_generic: Let userspace take care of interrupt mask
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40081 perf: arm_spe: Prevent overflow in PERF_IDX2OFF()
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40049 Squashfs: fix uninit-value in squashfs_get_parent
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-11840 GNU Binutils ldmisc.c vfinfo out-of-bounds
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40027 net/9p: fix double req put in p9_fd_cancelled
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40065 RISC-V: KVM: Write hgatp register with valid mode bits
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40075 tcp_metrics: use dst_dev_net_rcu()
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40057 ptp: Add a upper bound on max_vclocks
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40068 fs: ntfs3: Fix integer overflow in run_unpack()
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40079 riscv, bpf: Sign extend struct ops return values properly
MSRC.MICROSOFT.COM — 29 Oct 2025
πŸ›
CVE-2025-40071 tty: n_gsm: Don't block input queue by waiting MSC
MSRC.MICROSOFT.COM — 29 Oct 2025
⚠️
Aisuru Botnet Shifts from DDoS to Residential Proxies
KREBSONSECURITY.COM — 29 Oct 2025
⚠️
Atroposia malware kit lowers the bar for cybercrime β€” and raises the stakes for enterprise defenders
CSOONLINE.COM — 29 Oct 2025
⚠️
New Atroposia RAT Uses Hidden Remote Desktop, Vulnerability Scanning and Advanced Persistence
GBHACKERS.COM — 29 Oct 2025
⚠️
Mozilla Enforces Transparency Rules for Data Collection in New Firefox Extensions
GBHACKERS.COM — 29 Oct 2025
⚠️
Top 7 agentic AI use cases for cybersecurity
CSOONLINE.COM — 29 Oct 2025
⚠️
New Attack Targets DDR5 Memory to Steal Keys From Intel and AMD TEEs
SECURITYWEEK.COM — 29 Oct 2025
⚠️
CISA Warns of Exploited DELMIA Factory Software Vulnerabilities
SECURITYWEEK.COM — 29 Oct 2025
⚠️
Is your perimeter having an identity crisis?
CSOONLINE.COM — 29 Oct 2025
⚠️
CISA Issues Alert on Active Exploitation of Dassault Systèmes Security Flaws
GBHACKERS.COM — 29 Oct 2025
⚠️
Ad and PR Giant Dentsu Says Hackers Stole Merkle Data
SECURITYWEEK.COM — 29 Oct 2025
⚠️
XWiki Vulnerability Exploited in Cryptocurrency Mining Operation
SECURITYWEEK.COM — 29 Oct 2025
⚠️
Signal’s Post-Quantum Cryptographic Implementation
SCHNEIER.COM — 2025-10-29
⚠️
CyberRidge Emerges From Stealth With $26 Million for Photonic Encryption Solution
SECURITYWEEK.COM — 29 Oct 2025
⚠️
New TEE.fail Exploit Steals Secrets from Intel & AMD DDR5 Trusted Environments
GBHACKERS.COM — 29 Oct 2025
⚠️
Google Publishes New Guide to Help Defenders Monitor Privileged Accounts
GBHACKERS.COM — 29 Oct 2025
⚠️
Massive 4TB EY Database Backup Found Publicly Accessible on Azure
GBHACKERS.COM — 29 Oct 2025
⚠️
Visibility Gaps: Streamlining Patching and Vulnerability Remediation
BLEEPINGCOMPUTER.COM — 29 Oct 2025
⚠️
CISA warns of two more actively exploited Dassault vulnerabilities
KEVSH.ITJUST.WORKS — 29 Oct 2025
⚠️
Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices
THEHACKERNEWS.COM — 29 Oct 2025
⚠️
Is Russia Cracking Down on Cyber Criminals? Fake Death Scams & Exposed AI Servers | Cybersecurity Today
CYBERSECURITYTODAY.LIBSYN.COM — 29 Oct 2025
⚠️
Former L3Harris Trenchant boss pleads guilty to selling zero-day exploits to Russian broker
TECHCRUNCH.COM — 29 Oct 2025
⚠️
WordPress security plugin exposes private data to site subscribers
BLEEPINGCOMPUTER.COM — 29 Oct 2025
⚠️
Risky Business #812 -- Alleged Trenchant exploit mole is ex-ASD
KEVRISKY.BIZ — 29 Oct 2025
πŸ“‹
Zehntausende Exchange-Server in Deutschland gefΓ€hrdet
CSOONLINE.COM — 29 Oct 2025
πŸ“’
Discover Practical AI Tactics for GRC β€” Join the Free Expert Webinar
THEHACKERNEWS.COM — 29 Oct 2025
πŸ“’
Google Chrome security advisory (AV25-706)
CYBER.GC.CA — 2025-10-29
πŸ“’
VMware security advisory (AV25-705)
CYBER.GC.CA — 2025-10-29
πŸ“’
Jenkins security advisory (AV25-707)
CYBER.GC.CA — 2025-10-29
πŸ“’
Insider Risk, Ethical Walls and the Future of Data Governance in Financial Services
KNOWBE4.COM — 29 Oct 2025
πŸ“’
Docker security advisory (AV25–708)
CYBER.GC.CA — 2025-10-29
πŸ”₯
LG Uplus is latest South Korean telco to confirm cybersecurity incident
TECHCRUNCH.COM — 29 Oct 2025
πŸ”₯
How to collect memory-only filesystems on Linux systems, (Wed, Oct 29th)
ISC.SANS.EDU — 29 Oct 2025
πŸ”₯
Gunra Ransomware Targets Windows and Linux with Dual Encryption
GBHACKERS.COM — 29 Oct 2025
πŸ”₯
Beast Ransomware Targets Active SMB Connections to Infect Entire Networks
GBHACKERS.COM — 29 Oct 2025
πŸ”₯
Massive Tata Motors Data Leak Exposes 70+ TB of Sensitive Information
GBHACKERS.COM — 29 Oct 2025
πŸ”₯
Ransomware-Attacke auf schwedischen Stromversorger
CSOONLINE.COM — 29 Oct 2025
πŸ”₯
BlueNoroff reemerges with new campaigns for crypto theft and espionage
CSOONLINE.COM — 29 Oct 2025
πŸ”₯
Preparing for the Digital Battlefield of 2026: Ghost Identities, Poisoned Accounts, & AI Agent Havoc
THEHACKERNEWS.COM — 29 Oct 2025
πŸ”₯
Russian Hackers Target Ukrainian Organizations Using Stealthy Living-Off-the-Land Tactics
THEHACKERNEWS.COM — 29 Oct 2025
πŸ”₯
Hackers Allegedly Leak HSBC USA Customer and Financial Information
GBHACKERS.COM — 29 Oct 2025
πŸ”₯
New β€˜Gentlemen’ RaaS Appears on Hacking Forums, Targeting Windows, Linux and ESXi
GBHACKERS.COM — 29 Oct 2025
πŸ”₯
Qilin claims pharmacy benefit manager MedImpact | Cybernews
SH.ITJUST.WORKS — 29 Oct 2025
πŸ”₯
Next-gen firewalls, VPNs can increase security risks: At-Bay
SH.ITJUST.WORKS — 29 Oct 2025
πŸ”₯
Advertising giant Dentsu reports data breach at subsidiary Merkle
SH.ITJUST.WORKS — 29 Oct 2025
πŸ”₯
Report: Organizations Are Struggling to Keep Up With AI-Powered Attacks
KNOWBE4.COM — 29 Oct 2025
πŸ”₯
Canada says hacktivists breached water and energy facilities
BLEEPINGCOMPUTER.COM — 29 Oct 2025
πŸ•΅οΈ
ISC Stormcast For Wednesday, October 29th, 2025 https://isc.sans.edu/podcastdetail/9676, (Wed, Oct 29th)
ISC.SANS.EDU — 29 Oct 2025
πŸ•΅οΈ
Ethical Prompt Injection: Fighting Shadow AI with Its Own Weapon
GBHACKERS.COM — 29 Oct 2025
πŸ•΅οΈ
10 NPM Packages That Automatically Run on Install and Steal Credentials
GBHACKERS.COM — 29 Oct 2025
πŸ•΅οΈ
Emergence of the Chief Trust Officer as CISOs Earn Business Respect and Agenda Shifts - BSW #419
YOUTUBE.COM — 2025-10-29
πŸ•΅οΈ
Chrome to Turn HTTPS on by Default for Public Sites
SECURITYWEEK.COM — 29 Oct 2025
πŸ•΅οΈ
10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux
THEHACKERNEWS.COM — 29 Oct 2025
πŸ•΅οΈ
AI Security Firm Polygraf Raises $9.5 Million in Seed Funding
SECURITYWEEK.COM — 29 Oct 2025
πŸ•΅οΈ
Cybercriminals Launch Flood of Fake Forex Platforms to Harvest Logins
GBHACKERS.COM — 29 Oct 2025
πŸ•΅οΈ
New Android Trojan 'Herodotus' Outsmarts Anti-Fraud Systems by Typing Like a Human
SH.ITJUST.WORKS — 29 Oct 2025
πŸ•΅οΈ
The Human-AI Partnership: Securing the New Dual-Front of Business Risk
KNOWBE4.COM — 29 Oct 2025
πŸ•΅οΈ
PureHVNC RAT Distributed via Weaponized Judicial Documents
GBHACKERS.COM — 29 Oct 2025
πŸ•΅οΈ
MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile, ICS
SECURITYWEEK.COM — 29 Oct 2025
πŸ•΅οΈ
Russian Hackers Target Government with Stealthy β€œLiving-Off-the-Land” Tactics
GBHACKERS.COM — 29 Oct 2025
πŸ•΅οΈ
Scammers target international students by threatening their visa status - Help Net Security
SH.ITJUST.WORKS — 29 Oct 2025
πŸ•΅οΈ
AI agents can leak company data through simple web searches - Help Net Security
SH.ITJUST.WORKS — 29 Oct 2025
πŸ•΅οΈ
Industrial Giants Schneider Electric and Emerson Named as Victims of Oracle Hack - SecurityWeek
SH.ITJUST.WORKS — 29 Oct 2025
πŸ•΅οΈ
What are You Working on Wednesday
INFOSEC.PUB — 29 Oct 2025
πŸ•΅οΈ
Germany: 92% of Exchange servers left unprotected | Cybernews
SH.ITJUST.WORKS — 29 Oct 2025
πŸ•΅οΈ
Hackers Target Swedish Power Grid Operator - SecurityWeek
SH.ITJUST.WORKS — 29 Oct 2025
πŸ•΅οΈ
Researchers Expose GhostCall and GhostHire: BlueNoroff's New Malware Chains
SH.ITJUST.WORKS — 29 Oct 2025
πŸ•΅οΈ
Sweet Security Brings Runtime-CNAPP Power to Windows
GBHACKERS.COM — 29 Oct 2025
πŸ•΅οΈ
TurboMirai-Class 'Aisuru' Botnet Blamed for 20+ Tbps DDoS Attacks - SecurityWeek
SH.ITJUST.WORKS — 29 Oct 2025
πŸ•΅οΈ
Azure down: Thousands of users complain about outage; here's Microsoft's latest statement
SH.ITJUST.WORKS — 29 Oct 2025
πŸ•΅οΈ
Microsoft DNS Outage Disrupts Azure and Microsoft 365 Services Worldwide
GBHACKERS.COM — 29 Oct 2025
πŸ•΅οΈ
MY TAKE: What a cystoscopy taught me about the changing face of patient care β€” and trusting AI
LASTWATCHDOG.COM — 29 Oct 2025
🌐
CEO of spyware maker Memento Labs confirms one of its government customers was caught using its malware
TECHCRUNCH.COM — 29 Oct 2025
🌐
AL25-016 Internet-accessible industrial control systems (ICS) abused by hacktivists
CYBER.GC.CA — 2025-10-29
🌐
Malicious NPM packages fetch infostealer for Windows, Linux, macOS
BLEEPINGCOMPUTER.COM — 29 Oct 2025
πŸ“‘
New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves
THEHACKERNEWS.COM — 29 Oct 2025
πŸ“‘
Tata Motors confirms it fixed security flaws, which exposed company and customer data
TECHCRUNCH.COM — 29 Oct 2025
πŸ“‘
TechCrunch Disrupt 2025: Day 3
TECHCRUNCH.COM — 29 Oct 2025
πŸ“‘
Microsoft fixes 0x800F081F errors causing Windows update failures
BLEEPINGCOMPUTER.COM — 29 Oct 2025
πŸ“‘
Which social media are the most privacy-oriented in 2025 | Kaspersky official blog
KASPERSKY.COM — 29 Oct 2025
πŸ“‘
Sophos Firewall v22: Health Check
SOPHOS.COM — 29 Oct 2025
πŸ“‘
New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts
THEHACKERNEWS.COM — 29 Oct 2025
πŸ“‘
PhantomRaven attack floods npm with credential-stealing packages
BLEEPINGCOMPUTER.COM — 29 Oct 2025
πŸ“‘
Microsoft: DNS outage impacts Azure and Microsoft 365 services
BLEEPINGCOMPUTER.COM — 29 Oct 2025
πŸ“‘
Microsoft fixes Media Creation Tool broken on some Windows PCs
BLEEPINGCOMPUTER.COM — 29 Oct 2025
πŸ“‘
Cybersecurity Awareness Month 2025: When seeing isn't believing
WELIVESECURITY.COM — 29 Oct 2025
πŸ“‘
One IP address, many users: detecting CGNAT to reduce collateral effects
CLOUDFLARE.COM — 29 Oct 2025
πŸ“‘
Defending QUIC from acknowledgement-based DDoS attacks
CLOUDFLARE.COM — 29 Oct 2025