Security Bulletin

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: CNCSoft-G2 Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: XMC20 Vulnerability: Relative Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could...

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-50302 Linux Kernel Use of Uninitialized Resource Vulnerability CVE-2025-22225 VMware ESXi Arbitrary Write...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Low attack complexity Vendor: Carrier Equipment: Block Load Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card.

Investigators at the ICO are looking into how (or if) TikTok, as well as Reddit and Imgur, are enforcing UK privacy protections for 13- to 17-year-old users.

The ransomware-as-a-service (RaaS) cybercrime group intends to leak the stolen information in just two days, it claims; but oddly, it doesn't seek a ransom payment from its victim.

NAB Show 2025, is happening in Las Vegas, NV April 5-9, 2025. This year’s theme is “Where content comes to life.” That could not be a better description for Cisco this year. And what better place to showcase how technology influences our customers’...

A complex campaign allows cyberattackers to take over Windows systems by a combining a ClickFix-style attack and sophisticated obfuscation that abuses legitimate Microsoft services.