Google’s Real-World Testing Shows Rust Reduces Android Memory Vulnerability Rate by 1000 Times Compared to C/C++!

Google's Real-World Testing Shows Rust Reduces Android Memory Vulnerability Rate by 1000 Times Compared to C/C++!

Source: CSDN (ID: CSDNnews) In recent years, Rust has become a rather controversial programming language. On one hand, many U.S. government agencies have publicly called for a shift away from C/C++ towards memory-safe programming languages like Rust. At the same time, major companies are competing to embrace Rust, emphasizing that it allows for writing safer … Read more

The Bluetooth Headset Zero-Day Vulnerability: How EN18031 Strengthens Security for Personal Devices

The Bluetooth Headset Zero-Day Vulnerability: How EN18031 Strengthens Security for Personal Devices

1.Invisible Eavesdropping Within 10 Meters: Real Scenarios of Bluetooth Headset Vulnerabilities A user regularly uses a well-known brand of true wireless Bluetooth headset (equipped with the Airoha chipset) for commuting to listen to music and making calls, unaware that the device has a critical security vulnerability. An attacker exploited the systemic security flaw in the … Read more

Vulnerability in Dahua ICC Smart IoT Comprehensive Management Platform Allows Arbitrary File Reading

Vulnerability in Dahua ICC Smart IoT Comprehensive Management Platform Allows Arbitrary File Reading

Impacted Component Dahua ICC Smart IoT Comprehensive Management Platform Vulnerability Description The Dahua ICC Smart IoT Comprehensive Management Platform download has a file reading vulnerability, allowing attackers to read sensitive configuration file information. Recommended Fix Install Changting Leichi interception and upgrade to the latest version promptly. Starry巡平台 Platform Usage Instructions: https://ruisika.github.io/xunxing/intro/ Join the community to … Read more

Critical Vulnerability in Ubuntu Linux Kernel

Critical Vulnerability in Ubuntu Linux Kernel

Ubuntu Linux has been exposed to a critical vulnerability that affects systems running the 6.8.0-60-generic kernel version of Ubuntu 24.04.2. Local attackers can exploit this vulnerability to escalate privileges and ultimately gain root access on the affected systems. This vulnerability arises from an imbalance in reference counting within the af_unix subsystem, leading to a use-after-free … Read more

CVE-2025-32463: Local Privilege Escalation Vulnerability in Linux sudo (POC)

CVE-2025-32463: Local Privilege Escalation Vulnerability in Linux sudo (POC)

0x00 Introduction The Linux system is anopen-source Unix-like operating system kernel,which, due to its powerful customizability and stability, has been widely used in various fields such as servers, mobile devices, and IoT devices. Throughout its development, the Linux system has attracted developers from around the world, forming a strong community. It is licensed under the … Read more

Reflections on Safety Incidents in the Robotics Industry: Foreign Media Reveals High-Risk Vulnerability UniPwn in Unitree Robotics, Enabling Worm-like Attacks for Cluster Control

Reflections on Safety Incidents in the Robotics Industry: Foreign Media Reveals High-Risk Vulnerability UniPwn in Unitree Robotics, Enabling Worm-like Attacks for Cluster Control

Registration: European Humanoid Robot Summit 2025 Abstract:The Andreas team discovered the UniPwn vulnerability in Unitree Robotics, which allows worm-like attacks to gain root access, affecting devices in multiple scenarios. In conjunction with IEEE/ISO standards, experts recommend disabling Bluetooth and implementing network isolation, while manufacturers need to reconstruct their security systems. 1. Core Information on the … Read more

Linux Kernel ksmbd Vulnerability Allows Remote Attackers to Execute Arbitrary Code (CVE-2025-38561)

Linux Kernel ksmbd Vulnerability Allows Remote Attackers to Execute Arbitrary Code (CVE-2025-38561)

Part01 Vulnerability Overview A high-risk vulnerability has been disclosed in the ksmbd SMB server implementation of the Linux kernel, which may allow authenticated remote attackers to execute arbitrary code on affected systems. This vulnerability is identified as CVE-2025-38561, with a CVSS score of 8.5, posing a significant security risk to Linux systems utilizing kernel-based SMB … Read more

High-Risk Vulnerability Alert: Linux Kernel DRM Vulnerability CVE-2025-39882

High-Risk Vulnerability Alert: Linux Kernel DRM Vulnerability CVE-2025-39882

Vulnerability Description: In the Linux kernel, the following vulnerability has been fixed in drm/mediatek: a potential use-after-free issue in the for_each_child_of_node() helper function, which releases each node reference it acquires while traversing child nodes. The explicit call to of_node_put() is only required when exiting the loop prematurely, removing the recently introduced unnecessary reference count decrement … Read more

Operation Triangulation: The Last (Hardware) Mystery

Operation Triangulation: The Last (Hardware) Mystery

Disclaimer:The programs (methods) mentioned in this article may be offensive and are intended for security research and educational purposes only. Readers assume all legal and joint responsibilities for any other use of this information; the author of the article bears no legal or joint responsibility. This article was first published on the author’s personal blog:https://mybeibei.net, … Read more

Linux Kernel Netfilter Vulnerability Allows Privilege Escalation for Attackers

Linux Kernel Netfilter Vulnerability Allows Privilege Escalation for Attackers

Source: freebuf Part01 Vulnerability Overview A critical vulnerability has been discovered in the ipset subsystem of the Linux kernel netfilter, allowing local attackers to escalate their privileges to root level. This vulnerability exists in the bitmap:ip implementation of the ipset framework, stemming from insufficient range validation when processing CIDR format IP address ranges. Due to … Read more