Recent news in security

Security Vendor 

Threats Making WAVs – Incident Response to a Cryptomining Attack 

Yanac

Guardicore security researchers describe and uncover a full analysis of a cryptomining attack, which hid a cryptominer inside WAV files.

Mem3nt0 mori – The Hacking Team is back! 
Security Vendor 

Mem3nt0 mori – The Hacking Team is back! 

Yanac

Kaspersky researchers discovered previously unidentified commercial Dante spyware developed by Memento Labs (formerly Hacking Team) and linked it to the

Security Vulns 

CVE-2025-11971 | GitLab Enterprise Edition up to 18.3.4/18.4.2/18.5.0 Pipeline Execution authorization (Patch 566587)

Yanac

A vulnerability categorized as problematic has been discovered in GitLab Enterprise Edition up to 18.3.4/18.4.2/18.5.0. Affected is an unknown function

Vendor

CERTs

Vulnerabilities

Threats Making WAVs – Incident Response to a Cryptomining Attack 

Yanac
Mem3nt0 mori – The Hacking Team is back! 

Mem3nt0 mori – The Hacking Team is back! 

Yanac

RIPE 91 Daily Meeting Blog – Friday 

Yanac
Cloud Discovery With AzureHound 

Cloud Discovery With AzureHound 

Yanac
How Cloudflare’s client-side security made the npm supply chain attack a non-event 

How Cloudflare’s client-side security made the npm supply chain attack a non-event 

Yanac
Why Threat Actors Succeed 

Why Threat Actors Succeed 

Yanac
The Good, the Bad and the Ugly in Cybersecurity – Week 43 

The Good, the Bad and the Ugly in Cybersecurity – Week 43 

Yanac
Privacy rankings of popular messaging apps in 2025 | Kaspersky official blog 

Privacy rankings of popular messaging apps in 2025 | Kaspersky official blog 

Yanac
Securing agentic commerce: helping AI Agents transact with Visa and Mastercard 

Securing agentic commerce: helping AI Agents transact with Visa and Mastercard 

Yanac

From Dream Job to Malware: DreamLoaders in Lazarus’ Recent Campaign 

Yanac

Radio-Frequency Attacks: Securing the OSI Stack

Yanac

Vulnerability in NetBird VPN software

Yanac

Podatność w oprogramowaniu NetBird VPN

Yanac

Vulnerability in SIMPLE.ERP software

Yanac

Podatność w oprogramowaniu SIMPLE.ERP

Yanac

Cyber security is business survival

Yanac

Getting your organisation ready for Windows 11 upgrade before Autumn 2025

Yanac

What’s New in SSVC: Build, Explore, and Evolve Your Decision Models

Yanac

Phishing attacks: defending your organisation

Yanac

Maintaining a sustainable strengthened cyber security posture

Yanac

CVE-2025-11971 | GitLab Enterprise Edition up to 18.3.4/18.4.2/18.5.0 Pipeline Execution authorization (Patch 566587)

Yanac

CVE-2025-11447 | GitLab Community Edition/Enterprise Edition up to 18.3.4/18.4.2/18.5.0 JSON allocation of resources (Patch 574858)

Yanac

CVE-2025-10497 | GitLab Community Edition/Enterprise Edition up to 18.3.4/18.4.2/18.5.0 allocation of resources (Patch 570336)

Yanac

CVE-2025-11974 | GitLab Community Edition/Enterprise Edition up to 18.3.4/18.4.2/18.5.0 API Endpoint allocation of resources (Patch 571761)

Yanac

CVE-2025-6601 | GitLab Enterprise Edition up to 18.4.2/18.5.0 logic error (Patch 551267)

Yanac

CVE-2025-11989 | GitLab Enterprise Edition up to 18.3.4/18.4.2/18.5.0 Description authorization (Patch 1426)

Yanac

CVE-2025-12287 | Bdtask Wholesale Inventory Control and Inventory Management System edit_profile sql injection

Yanac

CVE-2025-12288 | Bdtask Pharmacy Management System up to 9.4 User Profile /user/edit_user/ authorization

Yanac

CVE-2025-12289 | Sui Shang Information Technology Suishang Enterprise-Level B2B2C Multi-User Mall System 1001 cross site scripting

Yanac

CVE-2025-12290 | Sui Shang Information Technology Suishang Enterprise-Level B2B2C Multi-User Mall System /i/359 cross site scripting

Yanac