Linux Crash Reporting Flaws (CVE-2025-5054, 4598) Expose Password Hashes
Qualys details CVE-2025-5054 and CVE-2025-4598, critical vulnerabilities affecting Linux crash reporting tools like Apport and systemd-coredump. Learn how…
Qualcomm fixed three zero-days exploited in limited, targeted attacks
Qualcomm addressed three zero-day vulnerabilities that, according to the company, have been exploited in limited, targeted attacks in the wild. Qualcomm has shipped security updates to address three zero-day vulnerabilities that it said have been exploited in limited, targeted attacks in the wild. Google Android Security team reported the three issues, tracked as CVE-2025-21479, CVE-2025-21480, […]
US Sanctions Philippines’ Funnull Technology Over $200M Crypto Scam
The US Department of the Treasury has taken action against Funnull Technology Inc. for enabling massive pig butchering…
Defensive Security Podcast Episode 308
Like what we’re doing with the DefSec Podcast and want to help support us? Donate here: https://www.patreon.com/defensivesec In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss a range of topics including the introduction of a new cryptocurrency, Guard Llama Coin, and the implications of recent cybersecurity incidents involving ConnectWise … Continue reading Defensive Security Podcast Episode 308
Streamline Regulation Mandates With NIST CSF and Secure Workload
Cisco Secure Workload serves as a foundational solution for organizations seeking to implement an effective microsegmentation strategy.
Backdoors in Python and NPM Packages Target Windows and Linux
Checkmarx uncovers cross-ecosystem attack: fake Python and NPM packages plant backdoor on Windows and Linux, enabling data theft plus remote control.
Experts published a detailed analysis of Cisco IOS XE WLC flaw CVE-2025-20188
Technical details about a critical Cisco IOS XE WLC flaw (CVE-2025-20188) are now public, raising the risk of a working exploit emerging soon. Details of a critical vulnerability, tracked as CVE-2025-20188, impacting Cisco IOS XE WLC are now public, raising the risk of exploitation. In early May, Cisco released software updates to address the vulnerability CVE-2025-20188 […]
Two flaws in vBulletin forum software are under attack
Experts found two vulnerabilities in the vBulletin forum software, one of which is already being exploited in real-world attacks. Two critical vBulletin flaws, tracked as CVE-2025-48827 and CVE-2025-48828, enable API abuse and remote code execution. The experts warn that one of these flaws is actively exploited in the wild. An unauthenticated user could exploit CVE-2025-48827 […]
Corporate KKK: How ICE Became a Paramilitary Profit Machine
One missed form from 2015—submitted late as the couple grieved a stillbirth—is now grounds for family destruction in America. Immigration officials encouraged Kasper Eriksen’s naturalisation for years, never mentioning any missing document until …
Tesla Claims Dead Children Failed to Present Selves as Obstacles Worth Avoiding
“How were our cars supposed to know these weren’t just speed bumps?” asks company spokesperson. Mounting criticism over a decade of school zone fatalities has led Tesla representatives to claim this week that deceased children had fai…