NICKNAME: Zero-Click iMessage Exploit Targeted Key Figures in US, EU https://hackread.com/nickname-zero-click-imessage-exploit-figures-us-eu/ #Cybersecurity #Vulnerability #CyberAttack #ZeroClick #Security #iMessage #NICKNAME #iPhone #China #EU #US

NICKNAME: Zero-Click iMessage Exploit Targeted Key Figures in US, EU – Source:hackread.com https://ciso2ciso.com/nickname-zero-click-imessage-exploit-targeted-key-figures-in-us-eu-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #Vulnerability #CyberAttack #ZeroClick #Hackread #iMessage #NICKNAME #security #iPhone #China #EU #US

NICKNAME: A zero-click iMessage exploit was used to target high-profile figures in the US & EU, including politicians, journalists and AI execs.

https://hackread.com/nickname-zero-click-imessage-exploit-figures-us-eu/

@mobilizon any estimate when the docker image will be upgraded to fix the latest vulnerability? I had to shut down our instance until it's available.

If CI is broken, could someone just make a new image manually for this release?

Vulnerability Of California Roadways To Post-Wildfire Debris Flows
--
https://doi.org/10.1088/2634-4505/acb3f5 <-- shared paper
--
#GIS #spatial #mapping #California #geology #engineeringgeology #geomorphology #risk #hazard #water #hydrology #massmovement #landslide #debrisflow #roadway #road #highway #CalTrans #infrastructure #cost #damage #economics #fire #wildfire #postwildfire #transportation #watersheds #climatechange #extremeweather #rainfall #precipitation #naturalhazards #vegetation #spatialanalysis #vulnerability #assessment #soil

Google Issues Emergency Chrome Patch for Critical Flaw
In a digital landscape increasingly fraught with cyber threats.
https://www.webpronews.com/google-issues-emergency-chrome-patch-for-critical-flaw/ #cybersecurity #Chrome #browser #vulnerability #updatenow

#Roundcube <= 1.6.10 Post-Auth RCE via #PHP Object Deserialization #Vulnerability

https://fearsoff.org/research/roundcube

Gotta admit, 35,000 solar panels would make a baaaaadass botnet.

https://www.securityweek.com/35000-solar-power-systems-exposed-to-internet/

Minutes from the CVE Board teleconference meeting on May 14 are now available

https://cve.mitre.org/community/board/meeting_summaries/14_May_2025.pdf

#cve #vulnerability #vulnerabilitymanagement #hssedi #cisa #infosec #cybersecurity

Vulnerability CVE-2024-47081 has received a comment on Vulnerability-Lookup:

Netrc credential leak in PSF requests library
http://vulnerability.circl.lu/comment/a5ae6fa3-504b-4d03-a153-b9f12f911f71

Jen Ellis of NextJenSecurity has joined the CVE Board https://www.cve.org/Media/News/item/news/2025/06/03/New-CVE-Board-Member-NextJenSecurity

#cve #vulnerability #vulnerabilitymanagement #informationsecurity #cybersecurity

Teradyne Robotics is now a CVE Numbering Authority (CNA) assigning CVE IDs for all products released by Teradyne Robotics subsidiaries, Universal Robots (UR) and Mobile Industrial Robots (MiR), including both actively supported and end-of-life/end-of-service products, as well as vulnerabilities in third-party software identified by Teradyne Robotics that are outside the scope of another CNA

https://www.cve.org/Media/News/item/news/2025/06/03/Teradyne-Robotics-Added-as-CNA

#cve #cna #vulnerability #vulnerabilitymanagement #cybersecurity

New on the #CVE Blog:
“CVE Program Report for Quarter 1 Calendar Year (Q1 CY) 2025”

https://medium.com/@cve_program/cve-program-report-for-quarter-1-calendar-year-q1-cy-2025-0e84776ee5c5

#VulnerabilityManagement #Vulnerability #InformationSecurity #Cybersecurity

883 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of May 19, 2025

https://www.cisa.gov/news-events/bulletins/sb25-147

#CVE #CVEID #CVSS #CWE #Vulnerability #VulnerabilityManagement #HSSEDI #CISA

Cisco IOS XE WLC Arbitrary File Upload Vulnerability (CVE-2025-20188) Analysis:

https://horizon3.ai/attack-research/attack-blogs/cisco-ios-xe-wlc-arbitrary-file-upload-vulnerability-cve-2025-20188-analysis/

The hackathon FIRSTCON25 takes place physically at 37th ANNUAL FIRST CONFERENCE on Sunday 22nd June in Copenhagen.

GCVE.eu topic has been added to the hackathon.

About the hackathon https://discourse.ossbase.org/c/hackathon-firstcon25/12
GCVE.eu topic https://discourse.ossbase.org/t/gcve-eu-processes-standards-bcp-and-tooling/95
Registration https://pretix.eu/circl/hackathonfirst25/

@firstdotorg @gcve @ddu @jtk @gallypette

New Linux vulnerabilities (CVE-2025-5054, CVE-2025-4598) let attackers steal password hashes from Ubuntu, Red Hat, Fedora. Patch & protect!

Read: https://hackread.com/linux-crash-reporting-flaws-expose-password-hashes/

CVE-2025-31200 Writeup from noahhw

https://blog.noahhw.dev/posts/cve-2025-31200/

All of the videos from “CVE/FIRST VulnCon 2025” are now available on YouTube!

https://www.youtube.com/playlist?list=PLWfD9RQVdJ6cm3kSvz-Sk87CawSzn5Ep0

#CVE #FIRST #VulnerabilityManagement #Vulnerability #Cybersecurity #InformationSecurity

At least there is a way to close the door.

Thousands of Asus routers are being hit with stealthy, persistent backdoors

https://arstechnica.com/security/2025/05/thousands-of-asus-routers-are-being-hit-with-stealthy-persistent-backdoors/