Just got slotted in for BSidesLV on talking about (you guessed it) #CVE:

https://bsideslv.org/talks#what-should-cve-be-when-it-grows-up

Hang out with me and @jayjacobs and @boblord and @taladrane and @securityledger and @lzxdc on Tuesday at 13:00.

And of course keep an eye on all of @runZeroInc's other Vegas haps at https://www.runzero.com/summer-camp-2025/ . We're freakin' everywhere this year.

From Check Point Research: SharePoint Servers’ Wide Targeting

Check Point Research updated on the wide exploitation wave using a critical zero-day remote code execution vulnerability (CVE-2025-53770), affecting on-premises Microsoft SharePoint servers. On July 24, Check Point Research found wide exploitation of the CVE, with more than 4600 compromise attempts on over 300 organizations, worldwide.

https://blog.checkpoint.com/research/sharepoint-zero-day-cve-2025-53770-actively-exploited-what-security-teams-need-to-know/

In the scope of GCVE and @circl we couldn't find a practical, publicly available, and accessible document that outlines best practices for vulnerability handling and disclosure.

So we created a new one, released under an open-source license, to which everyone can freely contribute.

PDF: https://gcve.eu/bcp/gcve-bcp-02/
HTML: https://gcve.eu/bcp/gcve-bcp-02/
Contributing: https://github.com/gcve-eu/gcve.eu/blob/main/content/bcp/gcve-bcp-02.md

New HIGH CVE detected in AWS Lambda
CVE-2025-49796 impacts libxml2 in 16 Lambda base images.

Details: https://github.com/aws/aws-lambda-base-images/issues/312
More: https://lambdawatchdog.com/

New HIGH CVE detected in AWS Lambda
CVE-2025-49796 impacts libxml2 in 16 Lambda base images.

Details: https://github.com/aws/aws-lambda-base-images/issues/312
More: https://lambdawatchdog.com/

New HIGH CVE detected in AWS Lambda
CVE-2025-49795 impacts libxml2 in 16 Lambda base images.

Details: https://github.com/aws/aws-lambda-base-images/issues/311
More: https://lambdawatchdog.com/

New HIGH CVE detected in AWS Lambda
CVE-2025-49795 impacts libxml2 in 16 Lambda base images.

Details: https://github.com/aws/aws-lambda-base-images/issues/311
More: https://lambdawatchdog.com/

New HIGH CVE detected in AWS Lambda
CVE-2025-49794 impacts libxml2 in 16 Lambda base images.

Details: https://github.com/aws/aws-lambda-base-images/issues/310
More: https://lambdawatchdog.com/

New HIGH CVE detected in AWS Lambda
CVE-2025-49794 impacts libxml2 in 16 Lambda base images.

Details: https://github.com/aws/aws-lambda-base-images/issues/310
More: https://lambdawatchdog.com/

New MEDIUM CVE detected in AWS Lambda
CVE-2025-5917 impacts libarchive in 16 Lambda base images.

Details: https://github.com/aws/aws-lambda-base-images/issues/309
More: https://lambdawatchdog.com/

New MEDIUM CVE detected in AWS Lambda
CVE-2025-5917 impacts libarchive in 16 Lambda base images.

Details: https://github.com/aws/aws-lambda-base-images/issues/309
More: https://lambdawatchdog.com/

New MEDIUM CVE detected in AWS Lambda
CVE-2025-5915 impacts libarchive in 16 Lambda base images.

Details: https://github.com/aws/aws-lambda-base-images/issues/308
More: https://lambdawatchdog.com/

New MEDIUM CVE detected in AWS Lambda
CVE-2025-5915 impacts libarchive in 16 Lambda base images.

Details: https://github.com/aws/aws-lambda-base-images/issues/308
More: https://lambdawatchdog.com/

New LOW CVE detected in AWS Lambda
CVE-2025-30258 impacts gnupg2-minimal in 16 Lambda base images.

Details: https://github.com/aws/aws-lambda-base-images/issues/307
More: https://lambdawatchdog.com/

New LOW CVE detected in AWS Lambda
CVE-2025-30258 impacts gnupg2-minimal in 16 Lambda base images.

Details: https://github.com/aws/aws-lambda-base-images/issues/307
More: https://lambdawatchdog.com/

Lambda Watchdog CVE Report
Latest AWS Lambda image scan detected 18 CVEs across 25 images:
• Critical: 0
• High: 12
• Medium: 4
• Low: 2

Check the full report https://lambdawatchdog.com/
#AWS #Lambda #CVE #CloudSecurity #Serverless

Lambda Watchdog CVE Report
Latest AWS Lambda image scan detected 18 CVEs across 25 images:
• Critical: 0
• High: 12
• Medium: 4
• Low: 2

Check the full report https://lambdawatchdog.com/
#AWS #Lambda #CVE #CloudSecurity #Serverless

Severe Vulnerability in AI Vibe Lets Attackers Access Private User Applications https://gbhackers.com/severe-vulnerability-in-ai-vibe/ #CVE/vulnerability #CyberSecurityNews #Vulnerability #cybersecurity #AI

Arteche is now a CVE Numbering Authority (CNA) assigning CVE IDs for Arteche issues only

https://cve.org/Media/News/item/news/2025/07/29/Arteche-Added-as-CNA

#cve #cna #vulnerability #vulnerabilitymanagement #cybersecurity

Seit 8 Jahren bin ich als Advisor im #CERT@#VDE tätig – und freue mich deshalb umso mehr darüber, dass es jetzt Deutschlands erste Root-#CNA geworden ist – herzliche Glückwünsche!

Mit dem #CVE-System werden seit über 25 Jahren Schwachstellen erfasst und mit einer eindeutigen Kennung versehen, um sie zur Mitigation zuordnen zu können. Root-CNAs haben die Aufgabe, die CVE Numbering Authorities (CNAs) zu koordinieren - eine verantwortungsvolle Position in der Cybersecurity:
https://www.heise.de/news/Security-CERT-VDE-wird-erste-deutsche-Schaltzentrale-fuer-Sicherheitsluecken-10502241.html