CVE Alert: CVE-2025-54112 – Microsoft – Windows 10 Version 1809
CVE-2025-54112 HIGHNo exploitation known Use after free in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally....
threatintel
CVE Alert: CVE-2025-54105 – Microsoft – Windows Server 2025 (Server Core installation)
CVE-2025-54105 HIGHNo exploitation known Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows...
CVE Alert: CVE-2025-54103 – Microsoft – Windows 10 Version 21H2
CVE-2025-54103 HIGHNo exploitation known Use after free in Windows Management Services allows an unauthorized attacker to elevate privileges locally. CVSS...
CVE Alert: CVE-2025-54102 – Microsoft – Windows 10 Version 1809
CVE-2025-54102 HIGHNo exploitation known Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges...
CVE Alert: CVE-2025-54091 – Microsoft – Windows 10 Version 1809
CVE-2025-54091 HIGHNo exploitation known Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally. CVSS...
CVE Alert: CVE-2025-54092 – Microsoft – Windows 10 Version 1809
CVE-2025-54092 HIGHNo exploitation known Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized...
CVE Alert: CVE-2025-54098 – Microsoft – Windows 10 Version 1809
CVE-2025-54098 HIGHNo exploitation known Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges locally. CVSS v3.1...
CVE Alert: CVE-2025-54093 – Microsoft – Windows 10 Version 1809
CVE-2025-54093 HIGHNo exploitation known Time-of-check time-of-use (toctou) race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally....
CVE Alert: CVE-2025-54099 – Microsoft – Windows 10 Version 1809
CVE-2025-54099 HIGHNo exploitation known Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate...
Playing Ball Games In The Datacenter Was Obviously Stupid, But We Had To Win Theleague
Who, Me? Monday mornings see the resumption of endless coopetition between IT folks and those they strive to serve but...
Ubuntu Users Left Waiting After Canonical’s Servers Take Weekend Off
When is an outage not an outage? According to Canonical's forum, it's when a 36-minute server disruption creates a multi-day...
Anthropic To Pay At Least $1.5 Billion To Authors Whose Work It Knowinglypirated
AI upstart Anthropic has agreed to create a $1.5 billion fund it will use to compensate authors whose works it...
All It Work To Involve Ai By 2030, Says Gartner, But Jobs Are Safe
All work in IT departments will be done with the help of AI by 2030, according to analyst firm Gartner,...
Cisa Sounds Alarm Over Tp Link Wireless Routers Under Attack
Infosec in brief The US Cybersecurity and Infrastructure Security Agency (CISA) has said two flaws in routers made by Chinese...
Linus Has Had Enough Of Links That Point To ‘stupid Useless Garbage’
The latest release candidate for Linux is out, but before its release, Linus Torvalds had something he wanted to get...
Pre Owned Software Trial Kicks Off In Uk As Microsoft Pushes Resale Ban
Microsoft's tussle with UK-based reseller ValueLicensing over the sale of secondhand licenses returns to the UK's Competition Appeal Tribunal this...
Red Hat Back Office Team To Be Big And Blue Whether They Like It Or Not
IBM-owned subsidiary Red Hat is docking a bunch of its back-office staff, along with the techies that support them, into...
Dev Snared In Crypto Phishing Net, 18 Npm Packages Compromised
Crims have added backdoors to at least 18 npm packages after developer Josh Junon inadvertently authorized a reset of the...
Drift Massive Attack Traced Back To Loose Salesloft Github Account
The Salesloft Drift breach that compromised "hundreds" of companies including Google, Palo Alto Networks, and Cloudflare, all started with miscreants...
No Gains, Just Pains As 1.6m Fitness Phone Call Recordings Exposed Online
Exclusive Sensitive info from hundreds of thousands of gym customers and staff – including names, financial details, and potentially biometric...
Pacer Buckles Under Mfa Rollout As Courts Warn Of Support Delays
US courts have warned of delays as PACER, the system for accessing court documents, struggles to support users enrolling in...
What The Plex? Streaming Service Suffers Yet Another Password Spill
Streaming platform Plex is warning some users to reset their passwords after suffering yet another breach.The popular media server provider,...
More Packages Poisoned In Npm Attack, But Would Be Crypto Thieves Left Pocketchange
During the two-hour window on Monday in which hijacked npm versions were available for download, malware-laced packages reached one in...
Cobalt Strike Beacon Detected – 117[.]72[.]184[.]172:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
