🐛 COMMON VULNERABILITIES AND EXPOSURES 10[−]
21 DecCVE-2025-37931 btrfs: adjust subpage bit start based on sectorsizeInformation published.MSRC.MICROSOFT.COM
21 DecCVE-2025-37932 sch_htb: make htb_qlen_notify() idempotentInformation published.MSRC.MICROSOFT.COM
21 DecCVE-2025-37938 tracing: Verify event formats that have "%*p.."Information published.MSRC.MICROSOFT.COM
21 DecCVE-2025-59529 simple protocol server ignores accepts unlimited connections and logs failures without limitInformation published.MSRC.MICROSOFT.COM
21 DecCVE-2025-68161 Apache Log4j Core: Missing TLS hostname verification in Socket appenderInformation published.MSRC.MICROSOFT.COM
21 DecCVE-2025-68114 Capstone doesn't check vsnprintf return in SStream_concat, allows stack buffer underflow and overflowInformation published.MSRC.MICROSOFT.COM
21 DecCVE-2025-38300 crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare()Information published.MSRC.MICROSOFT.COM
21 DecCVE-2025-38331 net: ethernet: cortina: Use TOE/TSO on all TCPInformation published.MSRC.MICROSOFT.COM
21 DecCVE-2025-38347 f2fs: fix to do sanity check on ino and xnidInformation published.MSRC.MICROSOFT.COM
21 DecCVE-2025-66382 In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.Information published.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 1[−]
21 DecDocker Hardened Images now open source and available for freeMore than a 1,000 Docker Hardened Images (DHI) are now freely available and open source for software builders, under the Apache 2.0 license. [...]BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING 1[−]
21 DecIranian Infy APT Resurfaces with New Malware Activity After Years of SilenceThreat hunters have discerned new activity associated with an Iranian threat actor known as Infy (aka Prince of Persia), nearly five years after the hacking group was observed targeting victims in Sweden, the Netherlands, and Turkey. "The scale of Prince of Persia's activity is m…THEHACKERNEWS.COM