MATLOCK.CA
118Articles
8Categories
2025-12-16Date
πŸ›
JumpCloud Remote Assist Windows Agent Vulnerability Allows Privilege Escalation
GBHACKERS.COM — 16 Dec 2025
πŸ›
CVE-2022-50406 iomap: iomap: fix memory corruption when recording errors during writeback
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2023-53410 USB: ULPI: fix memory leak with using debugfs_lookup()
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2023-53387 scsi: ufs: core: Fix device management cmd timeout flow
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2023-53367 accel/habanalabs: fix mem leak in capture user mappings
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-44905 hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function.
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-44904 hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function.
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-7067 HDF5 H5FScache.c H5FS__sinfo_serialize_node_cb heap-based overflow
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-7068 HDF5 H5FL.c H5FL__malloc memory leak
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-6269 HDF5 H5Cimage.c H5C__reconstruct_cache_entry heap-based overflow
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-6858 HDF5 H5Centry.c H5C__flush_single_entry null pointer dereference
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-6816 HDF5 H5Ofsinfo.c H5O__fsinfo_encode heap-based overflow
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-6856 HDF5 H5FL.c H5FL__reg_gc_list use after free
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-6750 HDF5 H5Omtime.c H5O__mtime_new_encode heap-based overflow
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-6857 HDF5 H5Gnode.c H5G__node_cmp3 stack-based overflow
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-6818 HDF5 H5Ochunk.c H5O__chunk_protect heap-based overflow
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-2913 HDF5 H5FL.c H5FL__blk_gc_list use after free
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-2925 HDF5 H5MM.c H5MM_realloc double free
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-2926 HDF5 H5Ocache.c H5O__cache_chk_serialize null pointer dereference
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-2923 HDF5 H5Fint.c H5F_addr_encode_len heap-based overflow
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-2924 HDF5 H5HLcache.c H5HL__fl_deserialize heap-based overflow
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-2914 HDF5 H5FScache.c H5FS__sinfo_Srialize_Sct_cb heap-based overflow
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-2153 HDF5 h5 File H5SM.c H5SM_delete heap-based overflow
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-2310 HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflow
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-40345 usb: storage: sddr55: Reject out-of-bound new_pba
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-13281 Portworx Half-Blind SSRF in kube-controller-manager
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-37731 Elasticsearch Improper Authentication
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass
THEHACKERNEWS.COM — 16 Dec 2025
πŸ›
CISA Alerts on Apple WebKit Zero-Day Actively Used in Cyberattacks
KEVGBHACKERS.COM — 16 Dec 2025
πŸ›
OpenShift GitOps Vulnerability Allows Attackers to Escalate Privileges to Root
GBHACKERS.COM — 16 Dec 2025
πŸ›
Critical FortiGate SSO Vulnerability Actively Exploited in Real-World Attacks
KEVGBHACKERS.COM — 16 Dec 2025
πŸ›
Microsoft Outlines Mitigation for React2Shell RCE Vulnerability in React Server Components
GBHACKERS.COM — 16 Dec 2025
πŸ›
CVE-2025-40328 smb: client: fix potential UAF in smb2_close_cached_fid()
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-40342 nvme-fc: use lock accessing port_state and rport state
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-40329 drm/sched: Fix deadlock in drm_sched_entity_kill_jobs_cb
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-40341 futex: Don't leak robust_list pointer on exec race
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-40343 nvmet-fc: avoid scheduling association deletion twice
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-40331 sctp: Prevent TOCTOU out-of-bounds write
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-40333 f2fs: fix infinite loop in __insert_extent_tree()
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
CVE-2025-40337 net: stmmac: Correctly handle Rx checksum offload errors
MSRC.MICROSOFT.COM — 16 Dec 2025
πŸ›
Russian APT group pivots to network edge device misconfigurations
CSOONLINE.COM — 16 Dec 2025
πŸ›
Thinking Outside The Box [dusted off draft from 2017]
PROJECTZERO.GOOGLE — 2025-12-16
⚠️
Chrome Extension with 6M+ Users Found Collecting AI Chatbot Inputs
GBHACKERS.COM — 16 Dec 2025
⚠️
How to create a ransomware playbook that works
CSOONLINE.COM — 16 Dec 2025
⚠️
Security content of iOS 26.2 and iPadOS 26.2
INFOSEC.PUB — 16 Dec 2025
⚠️
React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors
KEVTHEHACKERNEWS.COM — 16 Dec 2025
⚠️
In-the-Wild Exploitation of Fresh Fortinet Flaws Begins
SECURITYWEEK.COM — 16 Dec 2025
⚠️
Developing Open Source Skills for Maintaining Projects - Kat Cosgrove - ASW #361
YOUTUBE.COM — 2025-12-16
⚠️
European authorities dismantle call center fraud ring in Ukraine
BLEEPINGCOMPUTER.COM — 16 Dec 2025
⚠️
JumpCloud Remote Assist Vulnerability Can Expose Systems to Takeover
SECURITYWEEK.COM — 16 Dec 2025
⚠️
β€˜Featured’ Urban VPN caught stealing private AI chats
CSOONLINE.COM — 16 Dec 2025
⚠️
Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure
THEHACKERNEWS.COM — 16 Dec 2025
⚠️
ZnDoor Malware Exploiting React2Shell Vulnerability to Compromise Network Devices
SH.ITJUST.WORKS — 16 Dec 2025
⚠️
Amazon: Russian Hackers Now Favor Misconfigurations in Critical Infrastructure Attacks
SECURITYWEEK.COM — 16 Dec 2025
⚠️
The mistold story of a software failure that grounded 6,000 jets
CSOONLINE.COM — 16 Dec 2025
⚠️
FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
SH.ITJUST.WORKS — 16 Dec 2025
⚠️
Nation-State and Cybercrime Exploits Tied to React2Shell
SH.ITJUST.WORKS — 16 Dec 2025
⚠️
700,000 Records Compromised in Askul Ransomware Attack
SECURITYWEEK.COM — 16 Dec 2025
⚠️
Urban VPN beim Diebstahl privater KI-Chats erwischt
CSOONLINE.COM — 16 Dec 2025
⚠️
The Hidden Risk in Virtualization: Why Hypervisors are a Ransomware Magnet
BLEEPINGCOMPUTER.COM — 16 Dec 2025
⚠️
LLMs Can't Sign CLAs
YOUTUBE.COM — 2025-12-16
⚠️
Hackers exploit newly patched Fortinet auth bypass flaws
BLEEPINGCOMPUTER.COM — 16 Dec 2025
⚠️
Demystifying risk in AI
CSOONLINE.COM — 16 Dec 2025
⚠️
Phishing in Telegram Mini Apps: how to avoid taking the bait | Kaspersky official blog
KASPERSKY.COM — 16 Dec 2025
⚠️
From Open Source to OpenAI: The Evolution of Third-Party Risk
SECURITYWEEK.COM — 16 Dec 2025
⚠️
Russian Hackers Launch Attacks on Network Edge Devices in Western Critical Infrastructure
GBHACKERS.COM — 16 Dec 2025
⚠️
SoundCloud Confirms Data Breach After Hackers Steal User Account Information
GBHACKERS.COM — 16 Dec 2025
⚠️
Internet-Based Solar Panel Systems Vulnerable to Rapid Cyberattacks
GBHACKERS.COM — 16 Dec 2025
⚠️
GhostPairing Attack Exposes WhatsApp Accounts to Full Takeover via Phone Numbers
GBHACKERS.COM — 16 Dec 2025
⚠️
Phishing Campaign Targets Executives With Phony Awards
KNOWBE4.COM — 16 Dec 2025
⚠️
Santa's Stealer: Malware as a Service
YOUTUBE.COM — 2025-12-16
⚠️
Welcome to the new Project Zero Blog
PROJECTZERO.GOOGLE — 2025-12-16
⚠️
Use GWP-ASan to detect exploits in production environments
TRAILOFBITS.COM — 16 Dec 2025
πŸ“’
Microsoft will finally kill obsolete cipher that has wreaked decades of havoc
SH.ITJUST.WORKS — 16 Dec 2025
πŸ“’
Red Hat security advisory (AV25-841)
CYBER.GC.CA — 2025-12-16
πŸ”₯
Google to Shut Down Dark Web Monitoring Tool in February 2026
THEHACKERNEWS.COM — 16 Dec 2025
πŸ”₯
SantaStealer Malware Steals Sensitive Files, Credentials, and Crypto Wallet Data
GBHACKERS.COM — 16 Dec 2025
πŸ”₯
Jaguar Land Rover Confirms August Cyberattack Led to Employee Data Theft
GBHACKERS.COM — 16 Dec 2025
πŸ”₯
User Data Compromised in SoundCloud Hack
SECURITYWEEK.COM — 16 Dec 2025
πŸ”₯
Flaw in Hacktivist Ransomware Lets Victims Decrypt Own Files
SH.ITJUST.WORKS — 16 Dec 2025
πŸ”₯
SoundCloud confirms breach after member data stolen, VPN access disrupted
SH.ITJUST.WORKS — 16 Dec 2025
πŸ”₯
Internet-Ausfall im Bundestag wohl kein Cyberangriff
CSOONLINE.COM — 16 Dec 2025
πŸ”₯
Cyberattack disrupts Venezuelan oil giant PDVSA's operations
BLEEPINGCOMPUTER.COM — 16 Dec 2025
πŸ”₯
Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign
THEHACKERNEWS.COM — 16 Dec 2025
πŸ”₯
LLM-Driven Automation: A New Catalyst for Ransomware and RaaS Ecosystems
GBHACKERS.COM — 16 Dec 2025
πŸ”₯
German parliament suffers suspected cyberattack during Zelenskiy’s visit, FT reports
SH.ITJUST.WORKS — 16 Dec 2025
πŸ”₯
Weekly Update 482
TROYHUNT.COM — 16 Dec 2025
πŸ•΅οΈ
ISC Stormcast For Tuesday, December 16th, 2025 https://isc.sans.edu/podcastdetail/9740, (Tue, Dec 16th)
ISC.SANS.EDU — 16 Dec 2025
πŸ•΅οΈ
LW ROUNDTABLE: Part 4, Trust frameworks on trial and the push toward verifiable systems
LASTWATCHDOG.COM — 16 Dec 2025
πŸ•΅οΈ
PornHub extorted after hackers steal Premium member activity data
SH.ITJUST.WORKS — 16 Dec 2025
πŸ•΅οΈ
Chinese Surveillance and AI
SCHNEIER.COM — 2025-12-16
πŸ•΅οΈ
xHunt APT Hackers Attacking Microsoft Exchange and IIS Web Servers to Deploy Custom Backdoors
SH.ITJUST.WORKS — 16 Dec 2025
πŸ•΅οΈ
New SantaStealer malware steals data from browsers, crypto wallets
SH.ITJUST.WORKS — 16 Dec 2025
πŸ•΅οΈ
Atlassian Patches Critical Apache Tika Flaw - SecurityWeek
SH.ITJUST.WORKS — 16 Dec 2025
πŸ•΅οΈ
Verisoul Raises $8.8 Million for Fraud Prevention
SECURITYWEEK.COM — 16 Dec 2025
πŸ•΅οΈ
Echo Raises $35 Million in Series A Funding
SECURITYWEEK.COM — 16 Dec 2025
πŸ•΅οΈ
CyberheistNews Vol 15 #50 [NEW FEATURE] KnowBe4 Releases Deepfake Training to Combat AI Threats!
KNOWBE4.COM — 16 Dec 2025
πŸ•΅οΈ
CISO Communities – Cybersecurity’s Secret Weapon
SECURITYWEEK.COM — 16 Dec 2025
πŸ•΅οΈ
PornHub extorted after hackers steal Premium member activity data
INFOSEC.PUB — 16 Dec 2025
πŸ•΅οΈ
Where Cloud Security Stands Today and Where AI Breaks It
PALOALTONETWORKS.COM — 16 Dec 2025
πŸ•΅οΈ
Untangling Hybrid Cloud Security
PALOALTONETWORKS.COM — 16 Dec 2025
πŸ•΅οΈ
Link11 Identifies Five Cybersecurity Trends Set to Shape European Defense Strategies in 2026
GBHACKERS.COM — 16 Dec 2025
πŸ•΅οΈ
News Alert: Link11’s Top 5 cybersecurity trends set to shape European defense strategies in 2026
LASTWATCHDOG.COM — 16 Dec 2025
πŸ•΅οΈ
Amazon disrupts Russian GRU hackers attacking edge network devices
BLEEPINGCOMPUTER.COM — 16 Dec 2025
πŸ•΅οΈ
Kubernetes SIGs: Horizontal & Vertical
YOUTUBE.COM — 2025-12-16
πŸ•΅οΈ
Pornhub, WSL, Santastealer, Geoserver, Webkit, Fortiyomama, Dad's pix, Aaran Leyland - SWN #538
YOUTUBE.COM — 2025-12-16
🌐
Most Parked Domains Now Serving Malicious Content
KREBSONSECURITY.COM — 16 Dec 2025
🌐
GhostPoster attacks hide malicious JavaScript in Firefox addon logos
BLEEPINGCOMPUTER.COM — 16 Dec 2025
🌐
Cellik Android malware builds malicious versions from Google Play apps
BLEEPINGCOMPUTER.COM — 16 Dec 2025
🌐
ESET Threat Report H2 2025
WELIVESECURITY.COM — 16 Dec 2025
πŸŽ™οΈ
The AI Fix #81: ChatGPT is the last AI you’ll understand, and your teacher is a deepfake
GRAHAMCLULEY.COM — 16 Dec 2025
πŸ“‘
Why Data Security and Privacy Need to Start in Code
THEHACKERNEWS.COM — 16 Dec 2025
πŸ“‘
Microsoft to block Exchange Online access for outdated mobile devices
BLEEPINGCOMPUTER.COM — 16 Dec 2025
πŸ“‘
Hacking group says it’s extorting Pornhub after stealing users’ viewing data
TECHCRUNCH.COM — 16 Dec 2025
πŸ“‘
Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data
THEHACKERNEWS.COM — 16 Dec 2025
πŸ“‘
Texas sues TV makers for taking screenshots of what people watch
BLEEPINGCOMPUTER.COM — 16 Dec 2025
πŸ“‘
[webapps] Summar Employee Portal 3.98.0 - Authenticated SQL Injection
EXPLOIT-DB.COM — 16 Dec 2025
πŸ“‘
[webapps] esm-dev 136 - Path Traversal
EXPLOIT-DB.COM — 16 Dec 2025