#cyberwatch — Public Fediverse posts

CVE-2025-14558 is a 9.8-severity vulnerability in FreeBSD's IPv6 auto-configuration that lets attackers execute arbitrary code with a single crafted network packet. FreeBSD released patches on December 16, 2024, but the threat escalated when multiple proof-of-concept exploits hit GitHub about two weeks ago.

Read More: https://www.security.land/freebsd-ipv6-flaw-enables-remote-code-execution-attacks/

#SecurityLand #CyberWatch #FreeBSD #Cybersecurity #VulnerabilityManagement #IPv6 #CVE

A devastating security flaw has been discovered in OpenAI’s ChatGPT that could silently steal your Gmail data without you ever knowing. Security firm Radware has uncovered what they’re calling “ShadowLeak”.

#SecurityLand #CyberWatch #OpenAI #ChatGPT #Radware #Vulnerability #ShadowLeak

Read More: https://www.security.land/zero-click-chatgpt-vulnerability-exposes-gmail-data-without-user-knowledge/

A devastating security flaw has been discovered in OpenAI’s ChatGPT that could silently steal your Gmail data without you ever knowing. Security firm Radware has uncovered what they’re calling “ShadowLeak”.

#SecurityLand #CyberWatch #OpenAI #ChatGPT #Radware #Vulnerability #ShadowLeak

Read More: https://www.security.land/zero-click-chatgpt-vulnerability-exposes-gmail-data-without-user-knowledge/

A devastating security flaw has been discovered in OpenAI’s ChatGPT that could silently steal your Gmail data without you ever knowing. Security firm Radware has uncovered what they’re calling “ShadowLeak”.

#SecurityLand #CyberWatch #OpenAI #ChatGPT #Radware #Vulnerability #ShadowLeak

Read More: https://www.security.land/zero-click-chatgpt-vulnerability-exposes-gmail-data-without-user-knowledge/

A devastating security flaw has been discovered in OpenAI’s ChatGPT that could silently steal your Gmail data without you ever knowing. Security firm Radware has uncovered what they’re calling “ShadowLeak”.

#SecurityLand #CyberWatch #OpenAI #ChatGPT #Radware #Vulnerability #ShadowLeak

Read More: https://www.security.land/zero-click-chatgpt-vulnerability-exposes-gmail-data-without-user-knowledge/

A devastating security flaw has been discovered in OpenAI’s ChatGPT that could silently steal your Gmail data without you ever knowing. Security firm Radware has uncovered what they’re calling “ShadowLeak”.

#SecurityLand #CyberWatch #OpenAI #ChatGPT #Radware #Vulnerability #ShadowLeak

Read More: https://www.security.land/zero-click-chatgpt-vulnerability-exposes-gmail-data-without-user-knowledge/

🚨 Sophisticated "Shai-Hulud" worm compromises 187+ NPM packages in devastating supply chain attack. The self-replicating malware steals dev credentials and publicly exposes them on GitHub. CrowdStrike among victims. JavaScript ecosystem under siege.

#SecurityLand #CyberWatch #CyberSecurity #NPM #SupplyChain #ShaiHulud #Github #Javascript

Read More: https://www.security.land/npm-under-attack-shai-hulud-worm-compromises-187-packages-in-major-supply-chain-breach/

pgAdmin CVE-2025-9636 vulnerability enables OAuth session hijacking, threatening PostgreSQL database security. Database administrators must prioritize pgAdmin 9.8 upgrade immediately. Essential reading for cybersecurity professionals.

#SecurityLand #CyberWatch #Cybersecurity #PostgreSQL #DatabaseSecurity #CVE #OAuth #pgAdmin

Read More: https://www.security.land/critical-pgadmin-cve-2025-9636-vulnerability-enables-oauth-session-hijacking-and-account-takeover/

🚨Critical security vulnerability (CVSS 10.0) discovered in Pterodactyl Panel! Attackers can execute code without authentication. Game server admins must update to v1.11.11 immediately to prevent compromise.

#SecurityLand #CyberWatch #Cybersecurity #GameServers #Pterodactyl #SecurityVulnerability #CVSS

https://www.security.land/critical-security-flaw-discovered-in-pterodactyl-panel-immediate-action-required

Critical security flaws discovered in VMware core products including vCenter Server and ESXi. Vulnerabilities could allow command execution and service disruption. Updates available now to protect your infrastructure.

#SecurityLand #CyberWatch #Broadcom #VMware #Vulnerability #PatchNow #SecurityVulnerability #Technology

Read More: https://www.security.land/multiple-security-vulnerabilities-discovered-in-vmware-products-including-vcenter-server-and-esxi/

CISA has issued an urgent advisory about six actively exploited vulnerabilities affecting Ivanti EPMM, Zimbra, Output Messenger, and other enterprise systems. Learn which systems are at risk and what actions your organization should take immediately to protect critical infrastructure.

#SecurityLand #CyberWatch #CISA #Vulnerability #Ivanti #EPMM #Zimbra #OutputMessenger #EnterpriseSecurity #SecurityExploit #CriticalInfrastructure #Government

Read More: https://www.security.land/us-government-warns-about-six-actively-exploited-vulnerabilities/

🚨 A critical vulnerability (CVE-2025-47275) in the Auth0 SDK exposes Symfony, Laravel, and WordPress users to brute-force session attacks. Okta has released patches—learn how to protect your application now.

#SecurityLand #CyberWatch #Auth0 #Okta #PHP #Laravel #WordPress #Symfony #Vulnerability #Patch

Read More: https://www.security.land/critical-vulnerability-found-in-auth0-sdk-patch-released-for-php-symfony-laravel-and-wordpress/

🚨 A severe SQL injection vulnerability (CVE-2025-46337) has been discovered in the ADOdb PostgreSQL driver. Developers using PHP + PostgreSQL must update to version 5.22.9 immediately to stay secure.

#SecurityLand #CyberWatch #SecurityVulnerability #CVE #ADOdb #PostgreSQL #PHP #SQLInjection

Read More: https://www.security.land/critical-sql-injection-vulnerability-found-in-adodb-postgresql-driver/