==========================
== Gharib Personal Blog ==
==========================
A Techi Personal Blog

ZDI-25-175 0Day Luxion KeyShot USDC File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-2532.

Pick Up A Pebble Again

A decade ago, smartwatches were an unexplored avenue full of exotic promise. There were bleeding-edge and eye-wateringly expensive platforms from the likes of Samsung or Apple, but for the more …

USN-7360-1 Alpine vulnerabilities

It was discovered that Alpine did not use a secure connection under certain circumstances. A remote attacker could possibly use this issue to leak sensitive information. (CVE-2020-14929) It was discovered that Alpine could allow untagged responses from an IMAP server before upgrading to a TLS connection. A remote attacker could possibly use this issue to leak sensitive information. (CVE-2021-38370) It was discovered that Alpine could crash when receiving certain SMTP commands. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-46853)

GreyNoise Observes Active Exploitation of Critical Apache Tomcat RCE Vulnerability CVE-2025-24813

Attackers are actively exploiting Apache Tomcat servers by leveraging CVE-2025-24813, a newly disclosed vulnerability that, if successfully exploited, could enable remote code execution (RCE). GreyNoise has identified multiple IPs engaging in this activity across multiple regions.

Mitigating threats against telco networks in the cloud

In the telecommunication world, security is not just a necessity—it’s a foundation of trust. Telcos are the backbone for global communication, transporting sensitive data in real time across large networks. Any vulnerability in this critical infrastructure can lead to data breaches, exposing confidential information. With billions of connected devices, from mobile phones to IoT, the potential of misuse of data can seriously impact national security. Protecting the network from threats isn’t merely a technical challenge, it’s a vital part of the job. User management, hardening, network secur

webapps FluxBB 1511 - Stored Cross-Site Scripting XSS

FluxBB 1.5.11 - Stored Cross-Site Scripting (XSS)

webapps JUX Real Estate 340 - SQL Injection

JUX Real Estate 3.4.0 - SQL Injection

TotalAV vs Surfshark VPN Features Comparison Guide

When comparing VPN software, consider server locations, ease of use, device compatibility, and more. Check out our TotalAV vs Surfshark guide here. The post TotalAV vs Surfshark VPN: Features Comparison Guide appeared first on eSecurity Planet.

SpyClouds 2025 Identity Exposure Report The Scale And Hidden Risks Of Digital Identity Threats

SecPod Launches Saner Cloud A Revolutionary CNAPP For Preventive Cybersecurity
