CyberAlerts

Fedora 40 : dotnet9.0 (2025-78dcffbaa1)

Description: Nessus Plugin ID 234468 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-78dcffbaa1 advisory. This is the monthly update for .NET 9 for March 2025. Release Notes: - SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.104.md - Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.3.mdTenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected dotnet9.0 package. Read more at https://www.tenable.com/plugins/nessus/234468

Source: Tenable Plugins

April 16th, 2025 (6 days ago)

Fedora 41 : php-tcpdf (2025-85549e07c8)

Description: Nessus Plugin ID 234469 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-85549e07c8 advisory. ## Version 6.9.1 (2025-04-03) - Fixed Path Traversal security vulnerability reported by Positive Technologies. ---- ## Version 6.9.0 (2025-03-30) - Added PHP 8.4 testing. - Removed tcpdf_import.php and tcpdf_parser.php files (for a parser check the tc-lib-pdf-parser project instead). - Fix composer.json.Tenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected php-tcpdf package. Read more at https://www.tenable.com/plugins/nessus/234469

Source: Tenable Plugins

April 16th, 2025 (6 days ago)

Fedora 40 : lemonldap-ng (2025-80dfa228e7)

Description: Nessus Plugin ID 234470 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-80dfa228e7 advisory. See https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-21-0-is-out/Tenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected lemonldap-ng package. Read more at https://www.tenable.com/plugins/nessus/234470

Source: Tenable Plugins

April 16th, 2025 (6 days ago)

CVE-2024-54534

Azul Zulu Java Multiple Vulnerabilities (2025-04-15)

Description: Nessus Plugin ID 234471 with High Severity Synopsis Azul Zulu OpenJDK is affected by multiple vulnerabilities. Description The version of Azul Zulu installed on the remote host is 6 prior to 6.71 / 7 prior to 7.77 / 8 prior to 8.85.0.22 / 11 prior to 11.79.20 / 11 prior to 11.79.18 / 17 prior to 17.57.20 / 17 prior to 17.57.18 / 21 prior to 21.41.18 / 24 prior to 24.30.13 / 24 prior to 24.30.12. It is, therefore, affected by multiple vulnerabilities as referenced in the 2025-04-15 advisory. - The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption. (CVE-2024-54534) - GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended value when cast to an unsigned integer. This 32-bit negative value is then cast to a 64-bit unsigned integer (0xfffffffffffffffa) in a subsequent call to gst_buffer_new_and_alloc. The function gst_buffer_new_allocate then attempts to allocate memory, eventually calling _sysmem_new_block. The function _sysmem_new_block adds alignment and header size to the (unsigned...

Source: Tenable Plugins

April 16th, 2025 (6 days ago)

New macOS Spyware PasivRobber Linked to Chinese State Actors

Description: A newly discovered malware suite for macOS, dubbed PasivRobber, appears to be a highly advanced surveillance framework with links to Chinese tech firms known for developing government surveillance tools. First unearthed on March 13, 2025, by Kandji researchers, the toolset showcases a deep technical understanding of macOS internals and targets applications popular among Chinese users. … The post New macOS Spyware PasivRobber Linked to Chinese State Actors appeared first on CyberInsider.

Source: CyberInsider

April 16th, 2025 (6 days ago)

🏴‍☠️ Medusa has just published a new victim : Pawnee Heights Unified School District

Description: Pawnee Heights Unified School District ( founded 1949 ) a school district located in Rozel, Kansas. It provides academic services from elementary and secondary level. Pawnee Heights Unified School District corporate office is located in 100 Grand, Rozel, Kansas, 67574, United States and has 129 employees. The total amount of data leakage is 498.10 GB

Source: Ransomware.live

April 16th, 2025 (6 days ago)

🏴‍☠️ Dragonforce has just published a new victim : Setpoint Systems

Description: Setpoint Systems is a lean automation integration firm providing engineering, design, build, and controls experts for turn key custom automated solutions using the Toyota Production System (TPS) methodology. Since 1992 Setpoint has designed, manufactured, and marketed automated manufacturing equipment to increase productivity and quality for companies in a variety of industries. Setpoint has developed a methodology and system that mitigates customers risk and maximizes the customers return on investment.

Source: Ransomware.live

April 16th, 2025 (6 days ago)

🏴‍☠️ Dragonforce has just published a new victim : Pratt Homes

Description: Check out the videos below to learn more about our home selection, design, and building processes. Our company has always been a family affair ever since Uncle Doug moved into the first official Pratt Home in Scandia in 1973. Each newly married and with student loans to pay off, brothers Len and Lowell banded together, determined to create a legacy. They hired relatives and school friends as their business grew through the first start-up years. Now, nearly 1,000 families have chosen to make their dream homes with us, and we feel a deep sense of pride knowing that each home was built to our high standards and with our philosophy of quality construction and customer satisfaction. In 1976, the Pratts began the development side of their business with five homes in Forest Lake. Three years later, they commenced with their first large-scale project: Birch Lake Woods, building over 60 single family homes and 128 multiple condo units in White Bear Lake.

Source: Ransomware.live

April 16th, 2025 (6 days ago)

🏴‍☠️ Dragonforce has just published a new victim : Pryor Morrow

Description: Pryor Morrow is a firm specializing in architecture, engineering, and interior design, focused on serving schools, governments, and recreational facilities. With a commitment to building strong relationships, the company prioritizes client needs and aims to create impactful community spaces that enhance people's lives. Their experienced team, boasting over 200 years of combined experience, strives to deliver exceptional results while mentoring the next generation of designers. By designing innovative structures, they aim to leave a lasting legacy for future generations.

Source: Ransomware.live

April 16th, 2025 (6 days ago)

🏴‍☠️ Dragonforce has just published a new victim : KraftKisarna

Description: We at KraftKisarna mainly carry out electrical control and fire alarm installations, and maintain railways and train stations around Sweden. We also carry out complete electrical installations in infrastructure, lighting and power in track and track-related environments, associated peripheral areas such as walking – cycle paths and welcoming green areas. Also bridge, tunnel and platform work. Our staff has good experience and is specially trained to work safely on track and track environments. Despite our young age as a company, we have been able to carry out a large number of projects in the field of railways throughout Sweden. Our primary end customers are the Swedish Transport Administration, municipalities and industries.

Source: Ransomware.live

April 16th, 2025 (6 days ago)

Threat and Vulnerability Intelligence Database

Example Searches:

	Fedora 40 : dotnet9.0 (2025-78dcffbaa1) Description: Nessus Plugin ID 234468 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-78dcffbaa1 advisory. This is the monthly update for .NET 9 for March 2025. Release Notes: - SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.104.md - Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.3.mdTenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected dotnet9.0 package. Read more at https://www.tenable.com/plugins/nessus/234468 Source: Tenable Plugins April 16th, 2025 (6 days ago)
	Fedora 41 : php-tcpdf (2025-85549e07c8) Description: Nessus Plugin ID 234469 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-85549e07c8 advisory. ## Version 6.9.1 (2025-04-03) - Fixed Path Traversal security vulnerability reported by Positive Technologies. ---- ## Version 6.9.0 (2025-03-30) - Added PHP 8.4 testing. - Removed tcpdf_import.php and tcpdf_parser.php files (for a parser check the tc-lib-pdf-parser project instead). - Fix composer.json.Tenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected php-tcpdf package. Read more at https://www.tenable.com/plugins/nessus/234469 Source: Tenable Plugins April 16th, 2025 (6 days ago)
	Fedora 40 : lemonldap-ng (2025-80dfa228e7) Description: Nessus Plugin ID 234470 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-80dfa228e7 advisory. See https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-21-0-is-out/Tenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected lemonldap-ng package. Read more at https://www.tenable.com/plugins/nessus/234470 Source: Tenable Plugins April 16th, 2025 (6 days ago)
CVE-2024-54534	Azul Zulu Java Multiple Vulnerabilities (2025-04-15) Description: Nessus Plugin ID 234471 with High Severity Synopsis Azul Zulu OpenJDK is affected by multiple vulnerabilities. Description The version of Azul Zulu installed on the remote host is 6 prior to 6.71 / 7 prior to 7.77 / 8 prior to 8.85.0.22 / 11 prior to 11.79.20 / 11 prior to 11.79.18 / 17 prior to 17.57.20 / 17 prior to 17.57.18 / 21 prior to 21.41.18 / 24 prior to 24.30.13 / 24 prior to 24.30.12. It is, therefore, affected by multiple vulnerabilities as referenced in the 2025-04-15 advisory. - The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption. (CVE-2024-54534) - GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended value when cast to an unsigned integer. This 32-bit negative value is then cast to a 64-bit unsigned integer (0xfffffffffffffffa) in a subsequent call to gst_buffer_new_and_alloc. The function gst_buffer_new_allocate then attempts to allocate memory, eventually calling _sysmem_new_block. The function _sysmem_new_block adds alignment and header size to the (unsigned... Source: Tenable Plugins April 16th, 2025 (6 days ago)
	New macOS Spyware PasivRobber Linked to Chinese State Actors Description: A newly discovered malware suite for macOS, dubbed PasivRobber, appears to be a highly advanced surveillance framework with links to Chinese tech firms known for developing government surveillance tools. First unearthed on March 13, 2025, by Kandji researchers, the toolset showcases a deep technical understanding of macOS internals and targets applications popular among Chinese users. … The post New macOS Spyware PasivRobber Linked to Chinese State Actors appeared first on CyberInsider. Source: CyberInsider April 16th, 2025 (6 days ago)
	🏴‍☠️ Medusa has just published a new victim : Pawnee Heights Unified School District Description: Pawnee Heights Unified School District ( founded 1949 ) a school district located in Rozel, Kansas. It provides academic services from elementary and secondary level. Pawnee Heights Unified School District corporate office is located in 100 Grand, Rozel, Kansas, 67574, United States and has 129 employees. The total amount of data leakage is 498.10 GB Source: Ransomware.live April 16th, 2025 (6 days ago)
	🏴‍☠️ Dragonforce has just published a new victim : Setpoint Systems Description: Setpoint Systems is a lean automation integration firm providing engineering, design, build, and controls experts for turn key custom automated solutions using the Toyota Production System (TPS) methodology. Since 1992 Setpoint has designed, manufactured, and marketed automated manufacturing equipment to increase productivity and quality for companies in a variety of industries. Setpoint has developed a methodology and system that mitigates customers risk and maximizes the customers return on investment. Source: Ransomware.live April 16th, 2025 (6 days ago)
	🏴‍☠️ Dragonforce has just published a new victim : Pratt Homes Description: Check out the videos below to learn more about our home selection, design, and building processes. Our company has always been a family affair ever since Uncle Doug moved into the first official Pratt Home in Scandia in 1973. Each newly married and with student loans to pay off, brothers Len and Lowell banded together, determined to create a legacy. They hired relatives and school friends as their business grew through the first start-up years. Now, nearly 1,000 families have chosen to make their dream homes with us, and we feel a deep sense of pride knowing that each home was built to our high standards and with our philosophy of quality construction and customer satisfaction. In 1976, the Pratts began the development side of their business with five homes in Forest Lake. Three years later, they commenced with their first large-scale project: Birch Lake Woods, building over 60 single family homes and 128 multiple condo units in White Bear Lake. Source: Ransomware.live April 16th, 2025 (6 days ago)
	🏴‍☠️ Dragonforce has just published a new victim : Pryor Morrow Description: Pryor Morrow is a firm specializing in architecture, engineering, and interior design, focused on serving schools, governments, and recreational facilities. With a commitment to building strong relationships, the company prioritizes client needs and aims to create impactful community spaces that enhance people's lives. Their experienced team, boasting over 200 years of combined experience, strives to deliver exceptional results while mentoring the next generation of designers. By designing innovative structures, they aim to leave a lasting legacy for future generations. Source: Ransomware.live April 16th, 2025 (6 days ago)
	🏴‍☠️ Dragonforce has just published a new victim : KraftKisarna Description: We at KraftKisarna mainly carry out electrical control and fire alarm installations, and maintain railways and train stations around Sweden. We also carry out complete electrical installations in infrastructure, lighting and power in track and track-related environments, associated peripheral areas such as walking – cycle paths and welcoming green areas. Also bridge, tunnel and platform work. Our staff has good experience and is specially trained to work safely on track and track environments. Despite our young age as a company, we have been able to carry out a large number of projects in the field of railways throughout Sweden. Our primary end customers are the Swedish Transport Administration, municipalities and industries. Source: Ransomware.live April 16th, 2025 (6 days ago)