Google’s Android pKVM Framework Achieves SESIP Level 5 Certification

Google has revealed that protected KVM (pKVM), the hypervisor that powers the Android Virtualization Framework (AVF), has achieved SESIP Level 5 certification, marking a major breakthrough for open-source security and consumer electronics. This milestone positions pKVM as the inaugural software security system tailored for widespread deployment in consumer devices to reach this elite assurance threshold. … Read more

Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild

Fortinet is warning about a remote unauthenticated command injection flaw in FortiSIEM that has in-the-wild exploit code, making it critical for admins to apply the latest security updates. FortiSIEM is a central security monitoring and analytics system used for logging, network telemetry, and security incident alerts, serving as an integral part of security operation centers, where … Read more

Infamous XZ Backdoor Found Hidden in Docker Images for Over a Year

Security researchers at Binarly have discovered that the sophisticated supply chain hack still exists in publicly accessible Docker images on Docker Hub, more than a year after the startling revelation of the XZ Utils backdoor in March 2024. The backdoor, attributed to a pseudonymous developer known as ‘Jia Tan’ who infiltrated the XZ Utils project … Read more

Emerging AI-Driven Phishing Trends Reshape Cybercrime Tactics

Advances in artificial intelligence (AI) and adaptive social engineering techniques have led to a significant revolution in phishing and scams within the continually changing realm of cybercrime. Cybercriminals are leveraging neural networks and large language models (LLMs) to craft hyper-realistic deceptive content, exploiting current events and personal data to target individuals and organizations more effectively. … Read more

Windows 11 24H2 updates failing again with 0x80240069 errors

The KB5063878 Windows 11 24H2 cumulative update, released earlier this week, fails to install on some systems according to widespread reports from Windows administrators. As many admins have reported on social media and BleepingComputer, this issue affects Windows Server Update Services (WSUS) users, who are experiencing 0x80240069 errors when installing the August 2025 security updates. … Read more

New downgrade attack can bypass FIDO auth in Microsoft Entra ID

Security researchers have created a new FIDO downgrade attack against Microsoft Entra ID that tricks users into authenticating with weaker login methods, making them susceptible to phishing and session hijacking. These weaker login channels are vulnerable to adversary-in-the-middle phishing attacks that employ tools like Evilginx, enabling attackers to snatch valid session cookies and hijack the accounts. … Read more

Adobe’s August 2025 Patch Tuesday Fixes 60 Vulnerabilities Across Multiple Products

Adobe has rolled out its August 2025 Patch Tuesday updates, addressing a total of 60 vulnerabilities across a wide array of products, including key creative tools and enterprise solutions. These patches primarily focus on out-of-bounds read and write issues, use-after-free errors, and arbitrary code execution risks, many of which carry high severity ratings due to … Read more

Critical FortiSIEM flaw under active exploitation, Fortinet warns

Fortinet warns of a critical FortiSIEM vulnerability, tracked as CVE-2025-25256, that is actively exploited in attacks in the wild. Fortinet warns customers of a critical vulnerability, tracked as CVE-2025-25256 (CVSS score of 9.8), affecting FortiSIEM for which an exploit exists in the wild. Fortinet gave no details about … Read more

Erlang/OTP SSH Vulnerability Sees Spike in Exploitation Attempts

A severe remote code execution (RCE) vulnerability in Erlang’s Open Telecom Platform (OTP) Secure Shell daemon (sshd) is being actively exploited. According to a new analysis by Palo Alto’s Unit 42, CVE-2025-32433, rated 10.0 on the CVSS scale, allows unauthenticated attackers to execute commands by sending specific SSH messages before authentication. Vulnerable versions include Erlang/OTP … Read more

Spike in Fortinet VPN brute-force attacks raises zero-day concerns

A massive spike in brute-force attacks targeted Fortinet SSL VPNs earlier this month, followed by a switch to FortiManager, marking a deliberate shift in targeting that has historically preceded new vulnerability disclosures. The campaign, detected by threat monitoring platform GreyNoise, manifested in two waves, on August 3 and August 5, with the second wave pivoting … Read more