Tag: exploit
-
The Register: Google DeepMind minds the patch with AI flaw-fixing scheme
Source URL: https://www.theregister.com/2025/10/07/google_deepmind_patches_holes/ Source: The Register Title: Google DeepMind minds the patch with AI flaw-fixing scheme Feedly Summary: CodeMender has been generating fixes for vulnerabilities in open source projects Google says its AI-powered security repair tool CodeMender has been helping secure open source projects through automated patch creation, subject to human approval.… AI Summary and…
-
Slashdot: Redis Warns of Critical Flaw Impacting Thousands of Instances
Source URL: https://it.slashdot.org/story/25/10/06/222222/redis-warns-of-critical-flaw-impacting-thousands-of-instances?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Redis Warns of Critical Flaw Impacting Thousands of Instances Feedly Summary: AI Summary and Description: Yes Summary: The Redis security team has issued critical patches for a vulnerability (CVE-2025-49844) that could allow remote code execution on a significant number of instances. This vulnerability, stemming from a long-standing issue in…
-
The Register: Microsoft blames Medusa ransomware affiliates for GoAnywhere exploits while Fortra keeps head buried
Source URL: https://www.theregister.com/2025/10/06/microsoft_blames_medusa_ransomware_affiliates/ Source: The Register Title: Microsoft blames Medusa ransomware affiliates for GoAnywhere exploits while Fortra keeps head buried Feedly Summary: You can’t find anything bad if you don’t look, right? Medusa ransomware affiliates are among those exploiting a maximum-severity bug in Fortra’s GoAnywhere managed file transfer (MFT) product, according to Microsoft Threat Intelligence.……
-
Microsoft Security Blog: Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability
Source URL: https://www.microsoft.com/en-us/security/blog/2025/10/06/investigating-active-exploitation-of-cve-2025-10035-goanywhere-managed-file-transfer-vulnerability/ Source: Microsoft Security Blog Title: Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability Feedly Summary: Storm-1175, a financially motivated actor known for deploying Medusa ransomware and exploiting public-facing applications for initial access, was observed exploiting the deserialization vulnerability in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035. We are publishing this…
-
The Register: Clop crew hits Oracle E-Business Suite users with fresh zero-day
Source URL: https://www.theregister.com/2025/10/06/clop_oracle_ebs_zeroday/ Source: The Register Title: Clop crew hits Oracle E-Business Suite users with fresh zero-day Feedly Summary: Big Red rushes out patch for 9.8-rated flaw after crooks exploit it for data theft and extortion Oracle rushed out an emergency fix over the weekend for a zero-day vulnerability in its E-Business Suite (EBS) that…
-
Slashdot: Mouse Sensors Can Pick Up Speech From Surface Vibrations, Researchers Show
Source URL: https://it.slashdot.org/story/25/10/05/2225224/mouse-sensors-can-pick-up-speech-from-surface-vibrations-researchers-show?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Mouse Sensors Can Pick Up Speech From Surface Vibrations, Researchers Show Feedly Summary: AI Summary and Description: Yes Summary: Researchers from the University of California, Irvine, have identified a security vulnerability in high-performance optical mice that can be exploited to capture audio data from a user’s environment, effectively turning…