36Articles
4Categories
2025-12-20Date
🐛 COMMON VULNERABILITIES AND EXPOSURES 23[−]
20 DecCVE-2025-38236 af_unix: Don't leave consecutive consumed OOB skbs.Information published.MSRC.MICROSOFT.COM
20 DecCVE-2025-38251 atm: clip: prevent NULL deref in clip_push()Information published.MSRC.MICROSOFT.COM
20 DecCVE-2025-38262 tty: serial: uartlite: register uart driver in initInformation published.MSRC.MICROSOFT.COM
20 DecCVE-2025-38263 bcache: fix NULL pointer in cache_set_flush()Information published.MSRC.MICROSOFT.COM
20 DecCVE-2025-38166 bpf: fix ktls panic with sockmapInformation published.MSRC.MICROSOFT.COM
20 DecCVE-2025-38225 media: imx-jpeg: Cleanup after an allocation errorInformation published.MSRC.MICROSOFT.COM
20 DecCVE-2025-38275 phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bugInformation published.MSRC.MICROSOFT.COM
20 DecCVE-2025-38177 sch_hfsc: make hfsc_qlen_notify() idempotentInformation published.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 6[−]
20 Dec25,000+ FortiCloud SSO-Enabled Systems Vulnerable to Remote ExploitationThe Shadowserver Foundation has identified over 25,000 internet-facing Fortinet devices globally with FortiCloud Single Sign-On (SSO) functionality enabled, raising concerns about potential exposure to critical authentication bypass vulnerabilities. The non-profit security organi…GBHACKERS.COM
20 DecU.S. DOJ Charges 54 in ATM Jackpotting Scheme Using Ploutus MalwareThe U.S. Department of Justice (DoJ) this week announced the indictment of 54 individuals in connection with a multi-million dollar ATM jackpotting scheme. The large-scale conspiracy involved deploying malware named Ploutus to hack into automated teller machines (ATMs) across the…THEHACKERNEWS.COM
20 DecChina-linked hackers exploit insecure setting in Cisco security productssubmitted by tardigrade to cybersecurity 1 points | 0 comments https://www.cybersecuritydive.com/news/cisco-china-cyberattacks-asyncos-configuration/808258/ cross-posted from: scribe.disroot.org/post/6219559 Archived link China-linked hackers have been using misconfigured Cisco s…INFOSEC.PUB
20 DecChina-linked hackers exploit insecure setting in Cisco security productssubmitted by tardigrade to cybersecurity 1 points | 0 comments https://www.cybersecuritydive.com/news/cisco-china-cyberattacks-asyncos-configuration/808258/ Archived link China-linked hackers have been using misconfigured Cisco security products to deploy backdoors on target netw…SH.ITJUST.WORKS
20 DecPrimary time scale failure at NIST Boulder campus; significant impact on NTP servicessubmitted by vk6flab to cybersecurity 1 points | 0 comments https://groups.google.com/a/list.nist.gov/g/internet-time-service/c/o0dDDcr1a8I cross-posted from: lemmy.radio/post/10939156 Dear colleagues, In short, the atomic ensemble time scale at our Boulder campus has failed due …INFOSEC.PUB
20 DecPrimary time scale failure at NIST Boulder campus; significant impact on NTP servicessubmitted by vk6flab to cybersecurity 1 points | 0 comments https://groups.google.com/a/list.nist.gov/g/internet-time-service/c/o0dDDcr1a8I cross-posted from: lemmy.radio/post/10939156 Dear colleagues, In short, the atomic ensemble time scale at our Boulder campus has failed due …SH.ITJUST.WORKS
🔥 INCIDENT REPORTING 3[−]
20 DecYear-End Review: The Highs and Lows of Cybersecurity in 2025Cybersecurity Today brings you a special year-end episode, featuring noteworthy guests Tammy Harper from Flare, Laura Payne from White Tuque, David Shipley from Beauceron Security, and John Pinard, co-host of Project Synapse. This episode delves into the pivotal cybersecurity sto…CYBERSECURITYTODAY.LIBSYN.COM
20 DecMicrosoft Teams Outage Causes Global Messaging Delays and Service InterruptionsMicrosoft Teams users worldwide experienced significant service disruptions on December 20, 2025, as the collaboration platform encountered widespread issues affecting messaging functionality and other critical service operations. The company has acknowledged the incident and is …GBHACKERS.COM
20 DecRansomHouse upgrades encryption with multi-layered data processingThe RansomHouse ransomware-as-a-service (RaaS) has recently upgraded its encryptor, switching from a relatively simple single-phase linear technique to a more complex, multi-layered method. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 4[−]
20 DecWeekly Update 483Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device. Building out an IoT environment is a little like the old Maslow's Hierarchy of Needs. All the stuff on the top is only any good if all the stuff on the bottom is…TROYHUNT.COM
20 DecTrust Your Cats, Not AIAI might falter, but your cats will always be cats! 🐱 Delve into the humorous exploration of AI's quirks and the challenges it brings. Subscribe to our podcasts: https://securityweekly.com/subscribe #TechPitfalls #HumorInTech #SecurityWeekly #Cybersecurity #InformationSecurity #A…YOUTUBE.COM
20 DecNorth Korean infiltrator caught working in Amazon IT department thanks to lag — 110ms keystroke input raises red flags over true locationsubmitted by cm0002 to cybersecurity 1 points | 0 comments https://www.tomshardware.com/tech-industry/cyber-security/north-korean-infiltrator-caught-working-in-amazon-it-department-thanks-to-lag-110ms-keystroke-input-raises-red-flags-over-true-locationINFOSEC.PUB
20 DecBangladeshi Operator of Fake ID Marketplaces Charged in International Fraud CaseA 29-year-old Bangladeshi man has been indicted on federal charges for operating online marketplaces that sold fraudulent identity document templates to customers worldwide, U.S. authorities announced. Zahid Hasan of Dhaka, Bangladesh, faces nine federal counts, including six cou…GBHACKERS.COM