Security Bulletin
14 Aug 2025
Biztonsági szemle
North Korea Attacks South Koreans With Ransomware
DPRK hackers are throwing every kind of malware at the wall and seeing what sticks, deploying stealers, backdoors, and ransomware all at once.
13 Aug 2025
Biztonsági szemle
Fortinet Products Are in the Crosshairs Again
The company disclosed a critical FortiSIEM flaw with a PoC exploit for it the same week researchers warned of an ominous surge in malicious traffic targeting the vendor's SSL VPNs.
13 Aug 2025
Biztonsági szemle
Whispers of XZ Utils Backdoor Live on in Old Docker Images
Developers maintaining the images made the "intentional choice" to leave the artifacts available as "a historical curiosity," given the improbability they'd be exploited.
13 Aug 2025
Biztonsági szemle
Popular AI Systems Still a Work-in-Progress for Security
According to a recent Forescout analysis, open source models were significantly less successful in vulnerability research than commercial and underground models.
13 Aug 2025
Biztonsági szemle
Patch Now: Attackers Target OT Networks via Critical RCE Flaw
Researchers observed exploitation attempts against a vulnerability with a CVSS score of 10 in a popular Erlang-based platform for critical infrastructure and OT development.
13 Aug 2025
Biztonsági szemle
What the LockBit 4.0 Leak Reveals About RaaS Groups
The leak serves as a wake-up call: Being prepared is the cornerstone of a successful defense, and those who don't prepare are going to face uncertainty caused by the lack of attackers' accountability.
13 Aug 2025
Biztonsági szemle
How an AI-Based 'Pen Tester' Became a Top Bug Hunter on HackerOne
AI researcher explains how an automated penetration-testing tool became the first non-human member on HackerOne to reach the top of the platform's US leaderboard.
13 Aug 2025
Biztonsági szemle
Tájékoztatás Adobe szoftverek sérülékenységeiről – 2025. augusztus
A Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet (NBSZ NKI) tájékoztatót ad ki az Adobe szoftverfejlesztő cég termékeit érintő sérülékenységekkel kapcsolatban, azok súlyossága, valamint az egyes biztonsági hibákat érintő aktív...
13 Aug 2025
Biztonsági szemle
Riasztás Microsoft termékeket érintő sérülékenységekről – 2025. augusztus
A Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet (NBSZ NKI) riasztást ad ki a Microsoft szoftvereket érintő kritikus kockázati besorolású sérülékenységek kapcsán, azok súlyossága, kihasználhatósága és a szoftverek széleskörű...
13 Aug 2025
Biztonsági szemle
CVE-2017-11882 Will Never Die, (Wed, Aug 13th)
One of the key messages broadcasted by security professionals is: "Patch, patch and patch again!". But they are nasty vulnerabilities that remain exploited by attackers even if they are pretty old. %%cve:2017-11882%% is one of them: this remote code...
13 Aug 2025
Biztonsági szemle
ISC Stormcast For Wednesday, August 13th, 2025 https://isc.sans.edu/podcastdetail/9568, (Wed, Aug 13th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
13 Aug 2025
Biztonsági szemle
China Questions Security of AI Chips From Nvidia, AMD
The US banned the sale of AI chips to China and then backed off. Now, Chinese sources are calling on NVIDIA to prove its AI chips have no backdoors.