Cybersecurity researchers have disclosed a critical container escape vulnerability in the NVIDIA Container Toolkit that could pose a severe threat to managed AI cloud services. The vulnerability, tracked as CVE-2025-23266, carries a CVSS score of 9.0 out of 10.0. It…
Author: IT Security News Bot
Google Sues 25 Chinese Entities Over BADBOX 2.0 Botnet Affecting 10M Android Devices
Google on Thursday revealed it’s pursuing legal action in New York federal court against 25 unnamed individuals or entities in China for allegedly operating BADBOX 2.0 botnet and residential proxy infrastructure. “The BADBOX 2.0 botnet compromised over 10 million uncertified…
New “LameHug” Malware Deploys AI-Generated Commands
Ukraine’s CERT-UA has identified a new AI-powered malware, dubbed “LameHug,” which executes commands on compromised Windows systems in cyber-attacks, targeting the nation’s security and defense sector This article has been indexed from www.infosecurity-magazine.com Read the original article: New “LameHug” Malware…
[UPDATE] [hoch] PHP: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in PHP ausnutzen, um Denial of Service oder Server-Side Request-Forgery Angriffe durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [hoch] PHP: Mehrere Schwachstellen
[UPDATE] [hoch] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder nicht näher spezifizierte Auswirkungen zu erzielen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen…
[UPDATE] [mittel] Python (CPython): Schwachstelle ermöglicht Denial of Service
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Python ausnutzen, um einen Denial of Service Angriff durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [mittel] Python (CPython): Schwachstelle…
[UPDATE] [mittel] Red Hat Enterprise Linux (python-setuptools): Schwachstelle ermöglicht Codeausführung
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Red Hat Enterprise Linux ausnutzen, um beliebigen Programmcode auszuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [mittel] Red Hat Enterprise…
Russian Vodka Maker Beluga Struck by Ransomware Attack
Novabev Group, the parent company of premium vodka brand Beluga, has confirmed it was hit by a sophisticated ransomware attack on July 14, 2025, temporarily disrupting operations and affecting IT infrastructure across the company and its WineLab subsidiary. The Russian…
Broadcom patches critical VMware flaws exploited at Pwn2Own Berlin 2025
VMware patched flaws disclosed during the Pwn2Own Berlin 2025 hacking contest, where researchers earned $340,000 for exploiting them. Broadcom four vulnerabilities in VMware products demonstrated at Pwn2Own Berlin 2025. White hat hackers earned over $340,000 for VMware exploits, including $150,000…
Retail Becomes New Target as Healthcare Ransomware Attacks Slow
Comparitech found that healthcare ransomware attacks rose 4% in H1 2025, a significantly lower rate than the cross-sector average of 50% This article has been indexed from www.infosecurity-magazine.com Read the original article: Retail Becomes New Target as Healthcare Ransomware Attacks…
AI-Generated Lcryx Ransomware Discovered in Cryptomining Botnet
A cryptomining botnet active since 2019 has incorporated likely AI-generated Lcryx ransomware into its operations This article has been indexed from www.infosecurity-magazine.com Read the original article: AI-Generated Lcryx Ransomware Discovered in Cryptomining Botnet
Veeam Phishing via Wav File, (Fri, Jul 18th)
A interesting phishing attempt was reported by a contact. It started with a simple email that looked like a voice mail notification like many VoIP systems deliver when the call is missed. There was a WAV file attached to the…
10 Best XDR (Extended Detection & Response) Solutions 2025
In 2025, the cybersecurity landscape is more fragmented and perilous than ever before. Organizations face an explosion of data sources, an increasing attack surface spanning endpoints, networks, cloud environments, and identities, and a relentless onslaught of sophisticated, multi-stage attacks. Traditional…
CISA Publishes 13 ICS Security Advisories on Critical Flaws
The Cybersecurity and Infrastructure Security Agency (CISA) released thirteen Industrial Control Systems (ICS) security advisories on July 17, 2025, highlighting critical vulnerabilities that could compromise essential infrastructure operations. This coordinated disclosure represents one of the most significant advisory releases of…
‘Daemon Ex Plist’ Vulnerability Grants Root Access on macOS
A newly disclosed vulnerability dubbed “Daemon Ex Plist” allows attackers to escalate privileges from standard user to root access on macOS systems, exploiting a timing flaw in how the operating system handles daemon configuration files. Security researcher Egor Filatov published details of…
I tested a ‘de-Googled’ tablet without all the bloatware – and it was beyond refreshing
Murena reworked the Pixel Tablet by stripping out Google’s services and adding built-in privacy tools to avoid tracking. This article has been indexed from Latest news Read the original article: I tested a ‘de-Googled’ tablet without all the bloatware –…
This MSI handheld could replace my gaming laptop, and not just for its more portable design
The MSI Claw 8 AI+ improves on its predecessor, delivering better performance and a long-lasting battery. This article has been indexed from Latest news Read the original article: This MSI handheld could replace my gaming laptop, and not just for…
I tested a Bluetooth tracker for iOS and Android, and its safety features are top-tier
The Chipolo Pop trackers can help you find your keys and phone, and even take selfies. This article has been indexed from Latest news Read the original article: I tested a Bluetooth tracker for iOS and Android, and its safety…
Anne Arundel Dermatology Data Breach Impacts 1.9 Million People
Anne Arundel Dermatology said hackers had access to its systems for three months and may have stolen personal and health information. The post Anne Arundel Dermatology Data Breach Impacts 1.9 Million People appeared first on SecurityWeek. This article has been…
Operation Eastwood: NoName057(16) am Ende oder noch im Rennen?
Die jüngsten internationalen Maßnahmen gegen NoName057(16) werden ihre Aktivitäten wahrscheinlich nicht dauerhaft beenden, sagt Rafa Lopez von Checkpoint. Dieser Artikel wurde indexiert von IT-News Cybersicherheit – silicon.de Lesen Sie den originalen Artikel: Operation Eastwood: NoName057(16) am Ende oder noch im…