MATLOCK.CA
146Articles
8Categories
2025-12-17Date
๐Ÿšจ
CISA Adds Actively Exploited Fortinet Signature Verification Flaw to KEV CatalogThe Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-59718 to its Known Exploited Vulnerabilities (KEV) catalog, marking the latest Fortinet vulnerability being actively exploited in the wild. The flaw affects multiple Fortinet products and poโ€ฆ
KEVGBHACKERS.COM — 17 Dec 2025
๐Ÿ›
FortiGate firewall credentials being stolen after vulnerabilities discovered
KEVCSOONLINE.COM — 17 Dec 2025
๐Ÿ›
CISA Alerts on Actively Exploited Gladinet CentreStack and Triofox Flaws
KEVGBHACKERS.COM — 17 Dec 2025
๐Ÿ›
NVIDIA Isaac Lab Flaw Enables Remote Code Execution
GBHACKERS.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-38384 mtd: spinand: fix memory leak of ECC engine conf
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-38386 ACPICA: Refuse to evaluate a method if arguments are missing
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-38389 drm/i915/gt: Fix timeline left held on VMA alloc error
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-38387 RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
Russische APT-Gruppe greift westliche KRITIS-Betreiber an
CSOONLINE.COM — 17 Dec 2025
๐Ÿ›
JumpCloud agent turns uninstall into a system shortcut
CSOONLINE.COM — 17 Dec 2025
๐Ÿ›
Critical React2Shell flaw exploited in ransomware attacks
BLEEPINGCOMPUTER.COM — 17 Dec 2025
๐Ÿ›
SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances
KEVTHEHACKERNEWS.COM — 17 Dec 2025
๐Ÿ›
ForumTrol Operation Uses Chrome Zero-Day in Fresh Phishing Attacks
GBHACKERS.COM — 17 Dec 2025
๐Ÿ›
Microsoft Desktop Window Manager Flaw Allows Privilege Escalation
GBHACKERS.COM — 17 Dec 2025
๐Ÿ›
Nagios XI 2026R1.1 Released to Patch Privilege Escalation Vulnerability
GBHACKERS.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-31133 runc container escape via "masked path" abuse due to mount race conditions
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68223 drm/radeon: delete radeon_fence_process in is_signaled, no deadlock
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68201 drm/amdgpu: remove two invalid BUG_ON()s
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68266 bfs: Reconstruct file type when loading from disk
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68198 crash: fix crashkernel resource shrink
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-40354 drm/amd/display: increase max link count and fix link->enc NULL pointer access
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68263 ksmbd: ipc: fix use-after-free in ipc_msg_send_request
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68230 drm/amdgpu: fix gpu page fault after hibernation on PF passthrough
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68264 ext4: refresh inline data size before write operations
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68231 mm/mempool: fix poisoning order>0 pages with HIGHMEM
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68219 cifs: fix memory leak in smb3_fs_context_parse_param error path
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68261 ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock()
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68174 amd/amdkfd: enhance kfd process check in switch partition
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-40355 sysfs: check visibility before changing group attribute ownership
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68259 KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68239 binfmt_misc: restore write access before closing files opened by open_exec()
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68257 comedi: check device's attached status in compat ioctls
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68206 netfilter: nft_ct: add seqadj extension for natted connections
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68254 staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68209 mlx5: Fix default values in create CQ
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68237 mtdchar: fix integer overflow in read/write ioctls
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68233 drm/tegra: Add call to put_pid()
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-67897 In Sequoia before 2.1.0, aes_key_unwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet.
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-13912 Potential non-constant time compiled code with Clang LLVM
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68224 scsi: core: Fix a regression triggered by scsi_host_busy()
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68193 drm/xe/guc: Add devm release action to safely tear down CT
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68190 drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked()
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68211 ksm: use range-walk function to jump over holes in scan_get_next_rmap_item
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68255 staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68203 drm/amdgpu: fix lock warning in amdgpu_userq_fence_driver_process
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68196 drm/amd/display: Cache streams targeting link when performing LT automation
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-40362 ceph: fix multifs mds auth caps issue
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68235 nouveau/firmware: Add missing kfree() of nvkm_falcon_fw::boot
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68229 scsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show()
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-40353 arm64: mte: Do not warn if the page is already tagged in copy_highpage()
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68214 timers: Fix NULL function pointer race in timer_shutdown_sync()
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68204 pmdomain: arm: scmi: Fix genpd leak on provider registration failure
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68175 media: nxp: imx8-isi: Fix streaming cleanup on release
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68265 nvme: fix admin request_queue lifetime
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68236 scsi: ufs: ufs-qcom: Fix UFS OCP issue during UFS power down (PC=3)
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68227 mptcp: Fix proto fallback detection with BPF
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68256 staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68220 net: ethernet: ti: netcp: Standardize knav_dma_open_channel to return NULL on error
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68222 pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_desc
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68281 ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68217 Input: pegasus-notetaker - fix potential out-of-bounds access
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68188 tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check()
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-68258 comedi: multiq3: sanitize config options in multiq3_attach()
MSRC.MICROSOFT.COM — 17 Dec 2025
๐Ÿ›
CVE-2025-2296 Un-verified kernel bypass Secure Boot mechanism in direct boot mode
MSRC.MICROSOFT.COM — 17 Dec 2025
โš ๏ธ
React2Shell Vulnerability, Black Force Phishing Kit, Microsoft OAuth Attacks, and PornHub Data Breach
CYBERSECURITYTODAY.LIBSYN.COM — 17 Dec 2025
โš ๏ธ
ClickFix Spoof of โ€œWord Onlineโ€ Used to Spread DarkGate Malware
GBHACKERS.COM — 17 Dec 2025
โš ๏ธ
New Moonwalk++ PoC Demonstrates How Malware Can Forge Windows Call Stacks to Evade Detection
GBHACKERS.COM — 17 Dec 2025
โš ๏ธ
Blind Eagle Hackers Exploit Trust to Bypass Email Security Controls
GBHACKERS.COM — 17 Dec 2025
โš ๏ธ
Chrome Security Update Fixes Remote Code Execution Flaws
GBHACKERS.COM — 17 Dec 2025
โš ๏ธ
The devil of proposed SEC AI disclosure rule is in the details
CSOONLINE.COM — 17 Dec 2025
โš ๏ธ
Dux Emerges From Stealth Mode With $9 Million in Funding
SECURITYWEEK.COM — 17 Dec 2025
โš ๏ธ
Cybersecurity Hiring Trends as Boards Bridge Confidence Gap and Build Strategic Lever - BSW #426
YOUTUBE.COM — 2025-12-17
โš ๏ธ
Hackers exploit newly patched Fortinet auth bypass flaws
SH.ITJUST.WORKS — 17 Dec 2025
โš ๏ธ
A tool for monitoring integrity of bootchain
SH.ITJUST.WORKS — 17 Dec 2025
โš ๏ธ
GPU Efficiency in VLAI Model Training
INFOSEC.PUB — 17 Dec 2025
โš ๏ธ
Chinese espionage crew 'Ink Dragon' expands its snooping activities into European government servers, security researchers say
INFOSEC.PUB — 17 Dec 2025
โš ๏ธ
EOR Interview: 3 Key Questions
YOUTUBE.COM — 2025-12-17
โš ๏ธ
Maybe a Little Bit More Interesting React2Shell Exploit, (Wed, Dec 17th)
ISC.SANS.EDU — 17 Dec 2025
โš ๏ธ
Sonicwall warns of new SMA1000 zero-day exploited in attacks
BLEEPINGCOMPUTER.COM — 17 Dec 2025
โš ๏ธ
Apple & Google Emergency Patches for Zero Days
YOUTUBE.COM — 2025-12-17
โš ๏ธ
Cisco warns of unpatched AsyncOS zero-day exploited in attacks
KEVBLEEPINGCOMPUTER.COM — 17 Dec 2025
โš ๏ธ
Cisco says Chinese hackers are exploiting its customers with a new zero-day
TECHCRUNCH.COM — 17 Dec 2025
โš ๏ธ
Hackers Can Seize Control of Car Dashboards Through Modem Vulnerabilities
GBHACKERS.COM — 17 Dec 2025
โš ๏ธ
GhostPoster Attack Uses PNG Icons to Compromise 50,000 Firefox Users
GBHACKERS.COM — 17 Dec 2025
โš ๏ธ
Zeroday Cloud hacking event awards $320,0000 for 11 zero days
BLEEPINGCOMPUTER.COM — 17 Dec 2025
โš ๏ธ
Chinaโ€™s Zero-Day Pipeline: From Discovery to Deployment
RECORDEDFUTURE.COM — 17 Dec 2025
๐Ÿ“ข
Deliberate Internet Shutdowns
SCHNEIER.COM — 2025-12-17
๐Ÿ“ข
Tenable security advisory (AV25-842)
CYBER.GC.CA — 2025-12-17
๐Ÿ“ข
Google Chrome security advisory (AV25-843)
CYBER.GC.CA — 2025-12-17
๐Ÿ“ข
HPE security advisory (AV25-844)
CYBER.GC.CA — 2025-12-17
๐Ÿ“ข
SonicWall security advisory (AV25-845)
CYBER.GC.CA — 2025-12-17
๐Ÿ“ข
Mozilla security advisory (AV25-846)
CYBER.GC.CA — 2025-12-17
๐Ÿ“ข
Drupal security advisory (AV25-847)
CYBER.GC.CA — 2025-12-17
๐Ÿ“ข
Cisco security advisory (AV25-848) โ€“ Update 1
CYBER.GC.CA — 2025-12-17
๐Ÿ“ข
France arrests suspect tied to cyberattack on Interior Ministry
BLEEPINGCOMPUTER.COM — 17 Dec 2025
๐Ÿ”ฅ
Auto Parts Giant LKQ Confirms Oracle EBS Breach
SECURITYWEEK.COM — 17 Dec 2025
๐Ÿ”ฅ
Venezuelan Oil Company Downplays Alleged US Cyberattack
SH.ITJUST.WORKS — 17 Dec 2025
๐Ÿ”ฅ
Fix SOC Blind Spots: See Threats to Your Industry & Country in Real Time
THEHACKERNEWS.COM — 17 Dec 2025
๐Ÿ”ฅ
US Autoparts Maker LKQ Confirms Oracle EBS Breach - Infosecurity Magazine
SH.ITJUST.WORKS — 17 Dec 2025
๐Ÿ”ฅ
New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails
THEHACKERNEWS.COM — 17 Dec 2025
๐Ÿ”ฅ
Chinese Hackers Turn Compromised Servers Into ShadowPad Nodes
GBHACKERS.COM — 17 Dec 2025
๐Ÿ”ฅ
Singularity Linux Kernel Rootkit with klogctl Detection Evasion
GBHACKERS.COM — 17 Dec 2025
๐Ÿ”ฅ
Amazon: Ongoing cryptomining campaign uses hacked AWS accounts
BLEEPINGCOMPUTER.COM — 17 Dec 2025
๐Ÿ”ฅ
Web Hosting Talk - 515,149 breached accounts
HAVEIBEENPWNED.COM — 17 Dec 2025
๐Ÿ”ฅ
The $0 Transaction That Signaled a Nation-State Cyberattack
RECORDEDFUTURE.COM — 17 Dec 2025
๐Ÿ”ฅ
Risky Business #819 -- Venezuela (credibly?!) blames USA for wiper attack
RISKY.BIZ — 17 Dec 2025
๐Ÿ•ต๏ธ
ISC Stormcast For Wednesday, December 17th, 2025 https://isc.sans.edu/podcastdetail/9742, (Wed, Dec 17th)
ISC.SANS.EDU — 17 Dec 2025
๐Ÿ•ต๏ธ
Parked Domains Emerge as a Primary Channel for Malware and Phishing
GBHACKERS.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
Cellik Android Malware Uses One-Click APK Builder to Hide in Play Store Apps
GBHACKERS.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
Telekom startet System gegen Betrugsanrufe
CSOONLINE.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
GhostPoster Firefox Extensions Hide Malware in Icons
SECURITYWEEK.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
ForumTroll targets political scientists | Kaspersky official blog
KASPERSKY.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
Amazon Threat Intelligence identifies Russian cyber threat group targeting Western critical infrastructure | Amazon Web Services
SH.ITJUST.WORKS — 17 Dec 2025
๐Ÿ•ต๏ธ
Adaptive Security Raises $81 Million in Series B Funding
SECURITYWEEK.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
Does anyone think that a bunch of Computer Science/Software Engineering graduates unable to find jobs could result in increased cybercrime?
SH.ITJUST.WORKS — 17 Dec 2025
๐Ÿ•ต๏ธ
Five Cybersecurity Predictions for 2026: Identity, AI, and the Collapse of Perimeter Thinking
SECURITYWEEK.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware
THEHACKERNEWS.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
โ€˜Featuredโ€™ Urban VPN caught stealing private AI chats | CSO Online
SH.ITJUST.WORKS — 17 Dec 2025
๐Ÿ•ต๏ธ
Phishing Messages and Social Ads Flood Users Ahead of Christmas - Infosecurity Magazine
SH.ITJUST.WORKS — 17 Dec 2025
๐Ÿ•ต๏ธ
New $150 Cellik RAT Grants Android Control, Trojanizes Google Play Apps
SECURITYWEEK.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data
SH.ITJUST.WORKS — 17 Dec 2025
๐Ÿ•ต๏ธ
GhostPoster attacks hide malicious JavaScript in Firefox addon logos
SH.ITJUST.WORKS — 17 Dec 2025
๐Ÿ•ต๏ธ
Hacker Conversations: Alex Hall, One-time Fraudster
SECURITYWEEK.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
Partnering with Precision in 2026
PALOALTONETWORKS.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
NMFTA Warns of Surge and Sophistication of Cyber-Enabled Cargo Theft
SECURITYWEEK.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
China's Ink Dragon hides out in European government networks
SH.ITJUST.WORKS — 17 Dec 2025
๐Ÿ•ต๏ธ
Mexico Unveils Its First National Cybersecurity Plan: A New Era of Digital Resilience
KNOWBE4.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
Russian APT actor phishes the Baltics and the Balkans
SH.ITJUST.WORKS — 17 Dec 2025
๐Ÿ•ต๏ธ
GhostPairing Attacks: from phone number to full access in WhatsApp
SH.ITJUST.WORKS — 17 Dec 2025
๐Ÿ•ต๏ธ
Cellik Android malware builds malicious versions from Google Play apps
SH.ITJUST.WORKS — 17 Dec 2025
๐Ÿ•ต๏ธ
APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign
THEHACKERNEWS.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
GuardDuty Extended Threat Detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECS
SH.ITJUST.WORKS — 17 Dec 2025
๐Ÿ•ต๏ธ
Ink Dragon's Relay Network and Stealthy Offensive Operation
SH.ITJUST.WORKS — 17 Dec 2025
๐Ÿ•ต๏ธ
Access Fabric: A modern approach to identity and network access
MICROSOFT.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
WhatsApp device linking abused in account hijacking attacks
BLEEPINGCOMPUTER.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
Kimsuky Hackers Use Weaponized QR Codes to Distribute Malicious Mobile Apps
GBHACKERS.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
Microsoft to Block Exchange Online Access from Outdated Devices
GBHACKERS.COM — 17 Dec 2025
๐Ÿ•ต๏ธ
Cybersecurity's Talent Crisis: Two Jobs for Every Expert!
YOUTUBE.COM — 2025-12-17
๐Ÿ•ต๏ธ
SHARED INTEL Q&A: This is how โ€˜edge AIโ€™ is forcing a rethink of trust, security and resilience
LASTWATCHDOG.COM — 17 Dec 2025
๐ŸŒ
GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads
THEHACKERNEWS.COM — 17 Dec 2025
๐ŸŒ
Kimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS Attacks
THEHACKERNEWS.COM — 17 Dec 2025
๐ŸŒ
Cyber on the Geopolitical, Battlefield: Beyond the, โ€œBig Fourหฎ
RECORDEDFUTURE.COM — 17 Dec 2025
๐Ÿ“ก
Surveillance at sea: Cruise firm bans smart glasses to curb covert recording
BITDEFENDER.COM — 17 Dec 2025
๐Ÿ“ก
Microsoft asks IT admins to reach out for Windows IIS failures fix
BLEEPINGCOMPUTER.COM — 17 Dec 2025
๐Ÿ“ก
Your MFA Is Costing You Millions. It Doesn't Have To.
BLEEPINGCOMPUTER.COM — 17 Dec 2025
๐Ÿ“ก
BlueDeltaโ€™s Persistent Campaign Against UKR.NET
RECORDEDFUTURE.COM — 17 Dec 2025