Yanac – Page 9 – Yet Another News Aggregator Channel

Apple has introduced new beta versions of system software for those enrolled in the Apple beta testing program, versioned as

News

December 16, 2025 Yanac

GhostPoster attacks hide malicious JavaScript in Firefox addon logos

A new campaign dubbed ‘GhostPoster’ is hiding JavaScript code in the image logo of malicious Firefox extensions counting more than 50,000

News

December 16, 2025 Yanac

SoundCloud Hit by Cyberattack, Breach Affects 20% of its Users

SoundCloud confirms a breach affecting an estimated 20% of users, resulting in stolen email addresses. The company is dealing with

Security Vulns

December 16, 2025 Yanac

CVE-2025-46294 | Claris FileMaker Server up to 22.0.3 IIS Short Filename Enumeration information disclosure

A vulnerability classified as problematic was found in Claris FileMaker Server up to 22.0.3. Affected is an unknown function of

Security Vulns

December 16, 2025 Yanac

CVE-2025-68146 | tox-dev filelock up to 3.20.0 on Python UnixFileLock/WindowsFileLock os.open toctou (GHSA-w853-jp5j-5j7f)

A vulnerability, which was classified as problematic, has been found in tox-dev filelock up to 3.20.0 on Python. Affected by

Security Vulns

December 16, 2025 Yanac

CVE-2025-68142 | facelessuser pymdown-extensions up to 10.16.0 pymdownx.blocks.caption redos (GHSA-r6h4-mm7h-8pmq)

A vulnerability, which was classified as problematic, was found in facelessuser pymdown-extensions up to 10.16.0. Affected by this issue is

Security Vulns

December 16, 2025 Yanac

CVE-2025-46295 | Claris FileMaker Server up to 22.0.3 Apache Commons Text code injection

A vulnerability has been found in Claris FileMaker Server up to 22.0.3 and classified as critical. This affects an unknown

Security Vulns

December 16, 2025 Yanac

CVE-2023-53902 | WebsiteBaker 2.13.3 GET /admin/media/delete.php path path traversal (Exploit 51554 / EDB-51554)

A vulnerability was found in WebsiteBaker 2.13.3 and classified as critical. This vulnerability affects unknown code of the file /admin/media/delete.php

Security Vulns

December 16, 2025 Yanac

CVE-2023-53894 | Dulldusk phpfm 1.7.9 weak authentication (Exploit 51594 / EDB-51594)

A vulnerability was found in Dulldusk phpfm 1.7.9. It has been classified as critical. This issue affects some unknown processing.

Security Vulns

December 16, 2025 Yanac

CVE-2025-33225 | NVIDIA Resiliency Extension on Linux symlink

A vulnerability was found in NVIDIA Resiliency Extension on Linux. It has been declared as critical. Impacted is an unknown

Author: Yanac

First Beta of iOS 26.3 & macOS Tahoe 26.3 Released for Testing

GhostPoster attacks hide malicious JavaScript in Firefox addon logos

SoundCloud Hit by Cyberattack, Breach Affects 20% of its Users

CVE-2025-46294 | Claris FileMaker Server up to 22.0.3 IIS Short Filename Enumeration information disclosure

CVE-2025-68146 | tox-dev filelock up to 3.20.0 on Python UnixFileLock/WindowsFileLock os.open toctou (GHSA-w853-jp5j-5j7f)

CVE-2025-68142 | facelessuser pymdown-extensions up to 10.16.0 pymdownx.blocks.caption redos (GHSA-r6h4-mm7h-8pmq)

CVE-2025-46295 | Claris FileMaker Server up to 22.0.3 Apache Commons Text code injection

CVE-2023-53902 | WebsiteBaker 2.13.3 GET /admin/media/delete.php path path traversal (Exploit 51554 / EDB-51554)

CVE-2023-53894 | Dulldusk phpfm 1.7.9 weak authentication (Exploit 51594 / EDB-51594)

CVE-2025-33225 | NVIDIA Resiliency Extension on Linux symlink