Mastodon

486 posts168 participants60 posts today

ZeroDay BaeNew FileFix attack uses cache smuggling to evade security software <a href="https://www.bleepingcomputer.com/news/security/new-filefix-attack-uses-cache-smuggling-to-evade-security-software/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/new-filefix-attack-uses-cache-smuggling-to-evade-security-software/</a><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/bleepingcomputer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bleepingcomputer</a>

The Zeek Network Security MonitorWe’re excited for a few in-person events coming up: 🌟 Oct. 20, Training at NSF Cybersecurity Summit 🌟 Oct. 21–24, hack.lu 🌟 Mar. 25-26, Two day Zeek Workshop at CERN Learn more + see all community updates in our newsletter: <a href="https://shorturl.at/NqUmr" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://shorturl.at/NqUmr</a><a href="https://infosec.exchange/tags/ZeekCommunity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ZeekCommunity</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a>

Lenin alevski 🕵️💻What if converting Dockerfiles was as simple as a single command? 🚀🤔 DFC (Dockerfile Converter) transforms traditional Dockerfiles into compatible versions using Chainguard Images and APKs. It adjusts FROM lines, RUN commands, and more. Example: `RUN apt-get install nano` → `RUN apk add --no-cache nano`. <a href="https://infosec.exchange/tags/Dockerfiles" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Dockerfiles</a> <a href="https://infosec.exchange/tags/CLItools" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CLItools</a> <a href="https://infosec.exchange/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevOps</a>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHub</a> 👉 <a href="https://github.com/chainguard-dev/dfc" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/chainguard-dev/dfc</a><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Software</a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Technology</a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#News</a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CTF</a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecuritycareer</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redteam</a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#blueteam</a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#purpleteam</a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tips</a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opensource</a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cloudsecurity</a>— ✨ 🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

Shodan SafariASN: AS15557 Location: Nancy, FR Added: 2025-10-07T11:15<a href="https://infosec.exchange/tags/shodansafari" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#shodansafari</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

ZeroDay BaeUnplug Gemini from email and calendars, says cybersecurity firm | CSO Online <a href="https://www.csoonline.com/article/4069806/unplug-gemini-from-email-and-calendars-says-cybersecurity-firm.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.csoonline.com/article/4069806/unplug-gemini-from-email-and-calendars-says-cybersecurity-firm.html</a><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/ai" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ai</a> <a href="https://infosec.exchange/tags/csoonline" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#csoonline</a>

ZeroDay BaeRE: <a href="https://infosec.exchange/@cyberseckyle/115334541393623997" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@cyberseckyle/115334541393623997</a>With the recent news of the 1.5TB of age-verification photos being leaked from Discord in the recent breach. Thought I’d share this again. <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://infosec.exchange/tags/DataBreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DataBreach</a> <a href="https://infosec.exchange/tags/Discord" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Discord</a>

Matthias SchulzeRaspi-Konkurrenz: Qualcomm schluckt Arduino und stellt Einplatinencomputer vor <a href="https://www.heise.de/news/Raspi-Konkurrenz-Qualcomm-schluckt-Arduino-und-stellt-Einplatinencomputer-vor-10733137.html?wt_mc=rss.red.ho.top-news.atom.beitrag.beitrag" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.heise.de/news/Raspi-Konkurrenz-Qualcomm-schluckt-Arduino-und-stellt-Einplatinencomputer-vor-10733137.html?wt_mc=rss.red.ho.top-news.atom.beitrag.beitrag</a> <a href="https://ioc.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://ioc.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

Shodan SafariASN: AS4766 Location: Hwaseong-si, KR Added: 2025-10-07T11:56<a href="https://infosec.exchange/tags/shodansafari" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#shodansafari</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

Tekno Fix - IT SolutionsHackers are actively exploiting a critical vulnerability in the Service Finder WordPress theme that allows them to bypass authentication and log in as administrators.WordPress plugin security firm Wordfence recorded more than 13,800 exploitation attempts since August 1st.<a href="https://mstdn.social/tags/Tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Tech</a> <a href="https://mstdn.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://mstdn.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> <a href="https://mstdn.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> <a href="https://mstdn.social/tags/Computing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Computing</a> <a href="https://mstdn.social/tags/TechNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TechNews</a> <a href="https://mstdn.social/tags/Blog" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Blog</a> <a href="https://mstdn.social/tags/Wordpress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Wordpress</a> <a href="https://mstdn.social/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurityNews</a> <a href="https://mstdn.social/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Technology</a> <a href="https://mstdn.social/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#News</a> <a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://mstdn.social/tags/Business" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Business</a> <a href="https://mstdn.social/tags/Engineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Engineering</a> <a href="https://mstdn.social/tags/Markets" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Markets</a> <a href="https://mstdn.social/tags/USA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#USA</a> <a href="https://mstdn.social/tags/EU" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EU</a> <a href="https://mstdn.social/tags/Asia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Asia</a> <a href="https://mstdn.social/tags/Africa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Africa</a> <a href="https://mstdn.social/tags/SocialMedia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SocialMedia</a> <a href="https://mstdn.social/tags/Mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mastodon</a>

rk: it’s hyphen-minus actuallyThere has been a recent spate of vulnerabilities disclosed with CVSS scores of 10.0 when they very demonstrably couldn’t possibly have that score (getting a perfect 10.0 is remarkably difficult).You then go and look at the official CVE record and the CVSS score is something lower, sometimes much lower. Are the authors just saying 10.0 to get clicks/fame? LLM’s writing the summaries and putting it in there because that’s what great disclosures have? Who knows. <a href="https://mastodon.well.com/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

Tekno Fix - IT SolutionsMicrosoft is removing more methods that help users create local Windows accounts and bypass the Microsoft account requirement when installing Windows 11."We are removing known mechanisms for creating a local account in the Windows Setup experience (OOBE)," Microsoft's Amanda Langowski said.<a href="https://mstdn.social/tags/Tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Tech</a> <a href="https://mstdn.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://mstdn.social/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Windows</a> <a href="https://mstdn.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> <a href="https://mstdn.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> <a href="https://mstdn.social/tags/Computing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Computing</a> <a href="https://mstdn.social/tags/TechNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TechNews</a> <a href="https://mstdn.social/tags/Blog" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Blog</a> <a href="https://mstdn.social/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurityNews</a> <a href="https://mstdn.social/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Technology</a> <a href="https://mstdn.social/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#News</a> <a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://mstdn.social/tags/Business" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Business</a> <a href="https://mstdn.social/tags/Engineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Engineering</a> <a href="https://mstdn.social/tags/Markets" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Markets</a> <a href="https://mstdn.social/tags/USA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#USA</a> <a href="https://mstdn.social/tags/EU" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EU</a> <a href="https://mstdn.social/tags/Asia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Asia</a> <a href="https://mstdn.social/tags/Africa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Africa</a> <a href="https://mstdn.social/tags/SocialMedia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SocialMedia</a> <a href="https://mstdn.social/tags/Mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mastodon</a>

BeyondMachines :verified:School communication platform Finalsite suspends services after security breachFinalsite, a communication platform serving over 8,000 schools and universities across 115 countries suspended all operations on October 7, 2025, following an undisclosed security incident, leaving thousands of educational institutions without mass notification capabilities. The nature and scope of the breach is not disclosed.**** <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/incident" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incident</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://beyondmachines.net/event_details/school-communication-platform-finalsite-suspends-services-after-security-breach-o-o-e-e-1/gD2P6Ple2L" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://beyondmachines.net/event_details/school-communication-platform-finalsite-suspends-services-after-security-breach-o-o-e-e-1/gD2P6Ple2L</a>

Shodan SafariASN: AS35805 Location: Akhaltsikhe, GE Added: 2025-10-07T11:28<a href="https://infosec.exchange/tags/shodansafari" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#shodansafari</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

BeyondMachines :verified:DraftKings reports credential stuffing attack targeting customer accountsDraftKings reports a credential stuffing attack detected on September 2, 2025, in which attackers used externally stolen or leaked login credentials from other platforms to compromise fewer than 30 customer accounts, exposing personal information and transaction history. The company has mandated password resets and multifactor authentication for affected accounts.**** <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/incident" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incident</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://beyondmachines.net/event_details/draftkings-warns-users-of-credential-stuffing-attack-targeting-customer-accounts-8-4-i-q-w/gD2P6Ple2L" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://beyondmachines.net/event_details/draftkings-warns-users-of-credential-stuffing-attack-targeting-customer-accounts-8-4-i-q-w/gD2P6Ple2L</a>

Shodan SafariASN: AS4766 Location: Hwaseong-si, KR Added: 2025-10-07T11:30<a href="https://infosec.exchange/tags/shodansafari" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#shodansafari</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

Brian Greenberg :verified:Tilly Norwood — the so-called “AI actress” — feels less like progress and more like propaganda. The rollout isn’t about art or tech; it’s about softening the idea that gen AI belongs in Hollywood as a replacement for people. What’s creepy is how it’s marketed: “agents are interested,” “she could be the next Scarlett Johansson.” The goal isn’t to sell a movie. It’s to sell the inevitability that AI will be the new normal. 🤖 Beneath the buzz, Tilly’s still a digital puppet needing human handlers. The only real actors here are the execs trying to convince us this is the future of storytelling.TL;DR 🎭 Not an actress, a digital puppet ⚙️ “AI actors” = PR stunt, not progress 🧠 Normalization is the real goal ⚠️ SAG-AFTRA’s concerns are the story<a href="https://www.theverge.com/ai-artificial-intelligence/791680/tilly-norwood-particle6-xicoia-eline-van-der-velden" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.theverge.com/ai-artificial-intelligence/791680/tilly-norwood-particle6-xicoia-eline-van-der-velden</a><a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a> <a href="https://infosec.exchange/tags/Hollywood" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hollywood</a> <a href="https://infosec.exchange/tags/Ethics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ethics</a> <a href="https://infosec.exchange/tags/FutureOfWork" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FutureOfWork</a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#privacy</a> <a href="https://infosec.exchange/tags/cloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cloud</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/deepfakes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#deepfakes</a>

skry<a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/@briankrebs/115339803435646384" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@briankrebs/115339803435646384</a>

Brian Greenberg :verified:When your AI "assistant" fabricates citations and invents court quotes, that’s not innovation, that’s negligence. Unbelievable, 🤦🏻‍♂️ Deloitte’s $290K report for the Australian government used generative AI (Azure OpenAI), and hallucinated fake sources and misattributed legal commentary. A researcher caught it and Deloitte admitted 'some' references were wrong, and now they’re refunding part of the fee. 😬This is the growing pain of AI adoption: big firms racing ahead without the governance to match. Transparency after the fact doesn’t rebuild trust — it just highlights the gap between capability and accountability.TL;DR ⚠️ AI-generated report errors 📚 Fake citations discovered 💸 Partial refund to the government 🤖 Big Four still chasing AI efficiency<a href="https://fortune.com/2025/10/07/deloitte-ai-australia-government-report-hallucinations-technology-290000-refund/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://fortune.com/2025/10/07/deloitte-ai-australia-government-report-hallucinations-technology-290000-refund/</a><a href="https://infosec.exchange/tags/AIethics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AIethics</a> <a href="https://infosec.exchange/tags/Consulting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Consulting</a> <a href="https://infosec.exchange/tags/Deloitte" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Deloitte</a> <a href="https://infosec.exchange/tags/Governance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Governance</a> <a href="https://infosec.exchange/tags/GRC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GRC</a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#privacy</a> <a href="https://infosec.exchange/tags/cloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cloud</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

BeyondMachines :verified:Critical memory corruption flaw in IBM AIX and VIOS package managerIBM is reporting a critical vulnerability (CVE-2025-6965) in AIX and VIOS operating systems affecting the RPM package manager, where a SQLite flaw can cause memory corruption and enable arbitrary code execution on all versions of AIX 7.2/7.3 and VIOS 3.1/4.1.**If you're running IBM AIX or VIOS systems, check if you have vulnerable RPM versions (run lslpp -L | grep -i rpm.rte). Then plan a patch to apply IBM's security patches for CVE-2025-6965.** <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/advisory" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#advisory</a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerability</a> <a href="https://beyondmachines.net/event_details/critical-memory-corruption-flaw-in-ibm-aix-and-vios-package-manager-o-r-2-p-1/gD2P6Ple2L" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://beyondmachines.net/event_details/critical-memory-corruption-flaw-in-ibm-aix-and-vios-package-manager-o-r-2-p-1/gD2P6Ple2L</a>

Shodan SafariASN: AS266082 Location: Parobé, BR Added: 2025-10-07T11:51<a href="https://infosec.exchange/tags/shodansafari" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#shodansafari</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

Recent searches

Search options

Administered by:

Server stats:

#infosec