Topic: security recommendations
-
Urgent: Patch Citrix Bleed 2 NetScaler flaw as exploits go public
A critical Citrix NetScaler vulnerability (CVE-2025-5777) allows attackers to steal session tokens by exploiting malformed login requests to dump memory contents, similar to last year's CitrixBleed flaw. The flaw arises from improper use of the snprintf function, leaking ~127 bytes of memory per ...
Read More » -
SquidLoader Malware Threatens Hong Kong Finance Sector
SquidLoader is a sophisticated new malware targeting Hong Kong financial institutions, using stealthy evasion techniques to deliver Cobalt Strike Beacon payloads undetected. The attack starts with spear-phishing emails containing disguised RAR archives, deploying multi-stage infection processes l...
Read More » -
Louis Vuitton UK Hit by Major Data Breach
Louis Vuitton UK confirmed a data breach exposing customer details like names, contact info, and purchase history, though payment data remained secure. The breach follows similar incidents at other LVMH-owned brands, suggesting a possible pattern of targeting across the luxury conglomerate. UK au...
Read More » -
Linux Distros at Risk: Chaining 2 LPEs for Root Access (CVE-2025-6018/19)
Two critical Linux vulnerabilities (CVE-2025-6018 and CVE-2025-6019) allow attackers to gain full system control by chaining exploits, affecting major distributions like Ubuntu and openSUSE. CVE-2025-6018 misconfigures PAM to grant remote attackers local user privileges, while CVE-2025-6019 explo...
Read More » -
Active Exploits Target Critical Wing FTP Server Flaw (CVE-2025-47812)
A critical remote code execution flaw (CVE-2025-47812) in Wing FTP Server is being actively exploited, allowing unauthenticated attackers to execute arbitrary system commands with elevated privileges. The vulnerability stems from improper input validation in Wing FTP's web interfaces, enabling Lu...
Read More »
