#linux

Google has released an update to patch two high-severity vulnerabilities, one of which is already under active exploitation.

Suspected espionage-driven threat actors from Iran have been observed deploying backdoors like TWOSTROKE and DEEPROOT as part of continued attacks aimed at aerospace, aviation, and defense industries in the Middle East. The activity has been attributed by Google-owned Mandiant to a threat cluster tracked as UNC1549 (aka Nimbus Manticore or Subtle Snail), which was first documented by the threat

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Schneider Electric Equipment: PowerChute Serial Shutdown Vulnerabilities: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Restriction of Excessive Authentication Attempts, Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to access user accounts or gain elevated system access. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of Schneider Electric PowerChute Serial Shutdown are affected: Schneider Electric PowerChute Serial Shutdown: Versions 1.3 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22 A path traversal vulnerability exists that could cause elevated system access when a Web Admin user on the local network tampers with the POST/REST/UpdateJRE request payload. CVE-2025-115...

Google on Monday released security updates for its Chrome browser to address two security flaws, including one that has come under active exploitation in the wild. The vulnerability in question is CVE-2025-13223 (CVSS score: 8.8), a type confusion vulnerability in the V8 JavaScript and WebAssembly engine that could be exploited to achieve arbitrary code execution or program crashes. "Type

### Summary The glob CLI contains a command injection vulnerability in its `-c/--cmd` option that allows arbitrary command execution when processing files with malicious names. When `glob -c <command> <patterns>` is used, matched filenames are passed to a shell with `shell: true`, enabling shell metacharacters in filenames to trigger command injection and achieve arbitrary code execution under the user or CI account privileges. ### Details **Root Cause:** The vulnerability exists in `src/bin.mts:277` where the CLI collects glob matches and executes the supplied command using `foregroundChild()` with `shell: true`: ```javascript stream.on('end', () => foregroundChild(cmd, matches, { shell: true })) ``` **Technical Flow:** 1. User runs `glob -c <command> <pattern>` 2. CLI finds files matching the pattern 3. Matched filenames are collected into an array 4. Command is executed with matched filenames as arguments using `shell: true` 5. Shell interprets metacharacters in filenames as c...

This week showed just how fast things can go wrong when no one’s watching. Some attacks were silent and sneaky. Others used tools we trust every day — like AI, VPNs, or app stores — to cause damage without setting off alarms. It’s not just about hacking anymore. Criminals are building systems to make money, spy, or spread malware like it’s a business. And in some cases, they’re using the same

We are thrilled to announce the general availability of Red Hat OpenShift Service Mesh 3.2. This release includes the general availability of Istio’s ambient mode—a new way of deploying service mesh without sidecars that significantly lowers the resource costs of using service mesh. This provides a low overhead solution for zero trust networking with lightweight pod-to-pod mTLS encryption and authorization policies based on workload identities, with the ability to add more advanced features as required.Based on the Istio, Envoy, and Kiali projects, this release updates the version of Istio

November “In the Trend of VM” (#21): vulnerabilities in Windows, SharePoint, Redis, XWiki, Zimbra Collaboration, and Linux. The usual monthly roundup. After several months, here’s a big one. 🔥 🗞 Post on Habr (rus)🗞 Post on SecurityLab (rus)🗒 Digest on the PT website (rus) A total of nine vulnerabilities: 🔻 RCE – Windows Server Update […]

## Summary Dragging a file whose filename contains HTML is reflected verbatim into the page via the drag-and-drop helper, so any user who drops a crafted file on PrivateBin will execute arbitrary JavaScript within their own session (self-XSS). This allows an attacker who can entice a victim to drag or otherwise attach such a file to exfiltrate plaintext, encryption keys, or stored pastes before they are encrypted or sent. **Note 1:** as the malicious filename must contain the `>` character, the victim must not be using Windows for this to work, since this OS simply forbids this character in filenames. **Note 2:** most PrivateBin instances use the Content-Security-Policy header to prevent most use-cases of this vulnerability. This report will describe the impact as if this header had been disabled by the PrivateBin instance owner. ## Affected versions PrivateBin versions since 1.7.7. ## Conditions * Only macIOS or Linux users are affected, due to the way the `>` character is trea...

November Microsoft Patch Tuesday. A total of 65 vulnerabilities. I’m not comparing this with the October report because I’ve decided to cover only MSPT-day vulnerabilities. The thing is, Microsoft has started massively adding Linux-product vulnerabilities to their official website, and these clutter the “extended” MSPT reports. 🤷‍♂️ There is one vulnerability with evidence of in-the-wild […]