Autoencoders and the Latent Space Neural networks are designed to learn compressed representations of high-dimensional data, and autoencoders (AEs) are…
Development
Kernel-level container insights: Utilizing eBPF with Cilium, Tetragon, and SBOMs for security
As applications become more distributed, traditional monitoring and security tools are failing to keep pace. This article explores how eBPF, when utilized by the graduated CNCF Cilium and its sub-proj …
Read more
Published Date:
Jun 18, 2025 (4 hours, 33 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2021-44228
Critical Linux Privilege Escalation Vulnerabilities Let Attackers Gain Full Root Access
Two critical, interconnected flaws, CVE-2025-6018 and CVE-2025-6019, enable unprivileged attackers to achieve root access on major Linux distributions.
Affecting millions worldwide, these vulnerabilit …
Read more
Published Date:
Jun 18, 2025 (4 hours, 1 minute ago)
Vulnerabilities has been mentioned in this article.
CSG waarschuwt voor kritiek beveiligingslek in NetScaler Gateway en ADC
De Cloud Software Group (CSG) waarschuwt voor een kritieke kwetsbaarheid in NetScaler ADC en NetScaler Gateway die tot een “memory overread” kan leiden. Een aanvaller zou zo vertrouwelijke informatie …
Read more
Published Date:
Jun 18, 2025 (2 hours, 58 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-5777
CISA Warns of Linux Kernel Improper Ownership Management Vulnerability Exploited in Attacks
CISA has added a critical Linux kernel vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that CVE-2023-0386 is being actively exploited in real-world attacks.
This improper o …
Read more
Published Date:
Jun 18, 2025 (2 hours, 57 minutes ago)
Vulnerabilities has been mentioned in this article.
Chrome Vulnerabilities Let Attackers Execute Arbitrary Code – Update Now!
Google has released an urgent security update for Chrome browsers across all desktop platforms, addressing critical vulnerabilities that could allow attackers to execute arbitrary code on users’ syste …
Read more
Published Date:
Jun 18, 2025 (2 hours, 54 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE ID : CVE-2025-1562
Published : June 18, 2025, 8:15 a.m. | 1 hour, 14 minutes ago
Description : The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the install_or_activate_addon_plugins() function and a weak nonce hash in all versions up to, and including, 3.5.3. This makes it possible for unauthenticated attackers to install arbitrary plugins on the site that can be leveraged to further infect a vulnerable site.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-5981
Published : June 18, 2025, 9:15 a.m. | 14 minutes ago
Description : Arbitrary file write as the OSV-SCALIBR user on the host system via a path traversal vulnerability when using OSV-SCALIBR’s unpack() function for container images. Particularly, when using the CLI flag –remote-image on untrusted container images.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
The “Infinite Workday” is Here: Microsoft Warns of Never-Ending Work Driven by Hybrid Models & AI
Microsoft recently released a new study titled “2025 Work Trend Index Annual Report,” in which it issues a warning about the rise of the “infinite workday.” The report describes this phenomenon as a p …
Read more
Published Date:
Jun 18, 2025 (3 hours, 30 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2024-24787
CVE-2023-34966
Mastodon Cracks Down: New Terms Ban Unauthorized AI Data Scraping
The decentralized social networking platform Mastodon has recently issued an email to its users, notifying them of an update to its Terms of Service. The most significant change introduced is a formal …
Read more
Published Date:
Jun 18, 2025 (3 hours, 14 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2024-23832
CVE-2023-36460
Linux Kernel Flaw (CVE-2023-0386) Actively Exploited for Root Privilege Escalation, PoC Available
A dangerous Linux privilege escalation vulnerability, CVE-2023-0386, has officially entered the CISA Known Exploited Vulnerabilities (KEV) Catalog amid confirmed reports of active exploitation in the …
Read more
Published Date:
Jun 18, 2025 (3 hours, 51 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2023-0386
Trinper Backdoor Exploiting Chrome Zero-Day CVE-2025-2783
A critical vulnerability in Google Chrome, tracked as CVE-2025-2783, has been exploited in cyberattacks deploying the Trinper backdoor. The flaw, a sandbox escape vulnerability, enables attackers to e …
Read more
Published Date:
Jun 18, 2025 (3 hours, 13 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-26685
CVE-2025-2783
KimJongRAT Returns: New PE & PowerShell Variants Steal Crypto and Browser Data via CDNs
Unit 42 has uncovered two newly evolved variants of the KimJongRAT malware, one using traditional PE (Portable Executable) files and the other employing PowerShell-based scripts to infiltrate systems, …
Read more
Published Date:
Jun 18, 2025 (2 hours, 21 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2023-2530
Critical Linux Root Exploit Chain Discovered in PAM & UDisks, Affecting Major Distros
The Qualys Threat Research Unit (TRU) has unveiled two interconnected privilege escalation vulnerabilities—CVE-2025-6018 and CVE-2025-6019—that can allow any local attacker to gain full root access on …
Read more
Published Date:
Jun 18, 2025 (2 hours, 8 minutes ago)
Vulnerabilities has been mentioned in this article.
SEC Consult SA-20250611-0 :: Undocumented Root Shell Access on SIMCom SIM7600G Modem
Full Disclosure
mailing list archives
SEC Consult SA-20250611-0 :: Undocumented Root Shell Access on SIMCom SIM7600G Modem
From: SEC Consult Vulnerability Lab via Fulldisclosure
Read more
Published Date:
Jun 18, 2025 (1 hour, 29 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-26412
SEC Consult SA-20250612-0 :: Reflected Cross-Site Scripting in ONLYOFFICE Docs (DocumentServer)
Full Disclosure
mailing list archives
SEC Consult SA-20250612-0 :: Reflected Cross-Site Scripting in ONLYOFFICE Docs (DocumentServer)
From: SEC Consult Vulnerability Lab via Fulldisclosure
Read more
Published Date:
Jun 18, 2025 (1 hour, 29 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-5301
: “Glass Cage” – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Full Disclosure
mailing list archives
From: josephgoyd via Fulldisclosure
Date: Tue, 10 Jun 2025 14:48:51 +0000
“Glass Cage” – Sophisticated Zero-Click iMessage Exploi …
Read more
Published Date:
Jun 18, 2025 (1 hour, 29 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-24201
CVE-2025-24085
CVE ID : CVE-2025-23252
Published : June 18, 2025, 1:15 a.m. | 5 hours, 15 minutes ago
Description : The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to restricted components. A successful exploit of this vulnerability may lead to information disclosure.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4413
Published : June 18, 2025, 3:15 a.m. | 3 hours, 15 minutes ago
Description : The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabay_upload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site’s server which may make remote code execution possible.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-50202
Published : June 18, 2025, 5:15 a.m. | 1 hour, 14 minutes ago
Description : Lychee is a free photo-management tool. In versions starting from 6.6.6 to before 6.6.10, an attacker can leak local files including environment variables, nginx logs, other user’s uploaded images, and configuration secrets due to a path traversal exploit in SecurePathController.php. This issue has been patched in version 6.6.10.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…