New #KDE apps, critical #CVEs, kernel updates, ethical #AI debates, #Linux tips, and seamless Windows apps on Tumbleweed. Don’t miss the latest roundup from Planet #openSUSE. https://news.opensuse.org/2026/01/09/planet-roundup/

The illustrious Greg KH finally reveals the mystical sorcery behind Linux kernel #security 🎩✨, because who doesn't love a riveting saga about #CVEs that nobody asked for 🤷‍♂️? Watch as he valiantly attempts to explain the unknowable to the already uninterested—again. 💤🔐
http://www.kroah.com/log/blog/2026/01/02/linux-kernel-security-work/ #LinuxKernel #GregKH #OpenSource #TechHumor #HackerNews #ngated

Qualcomm has detailed six high-priority vulnerabilities — including a critical secure boot flaw (CVE-2025-47372). Additional issues affect TZ Firmware, HLOS components, DSP, audio, and camera modules.

OEMs are receiving patches and users may need to check manufacturer timelines for deployment.
Follow us for more non-sensationalized security reporting.

Source: https://gbhackers.com/qualcomm-alerts-users-to-critical-flaws/

#Infosec #Qualcomm #SecureBoot #FirmwareSecurity #ThreatIntel #TechNadu #CVEs #DeviceSecurity

#OBS 2.10.29 is out. There are #security updates you shouldn’t skip. Multiple #CVEs were addressed in #RubyGem. If you’re running your own instance, update as soon as possible. https://openbuildservice.org/download/

NVD Delays Leave Defenders in the Dark — Early Visibility is Key
Tenable’s recent analysis shows a worrying pattern in vulnerability disclosure timing:
- 63,862 CVEs from 2024–2025
- 56% of PoCs released within 7 days
- NVD lagging by ~15 days
- Exploitation confirmed in as little as 5 days
This gap between CVE assignment, PoC publication, and NVD visibility creates exploitable blind spots for enterprises relying on traditional patch cycles.
💬 Security leaders - how do you bridge these gaps? Do you trust vendor advisories, exploit feeds, or telemetry-driven signals more?

👍 Like and follow @technadu for continuous coverage of emerging vulnerability management insights.

#InfoSec #CyberSecurity #VulnerabilityManagement #ThreatIntel #NVD #Exploit #RiskIntel #Tenable #CVEs #CyberDefense #ZeroDay #CVETracking #VulnDisclosure #TechNadu

Ally Petitt: Youngest OSCP at 16yo. Over 11 CVEs by 18

https://ally-petitt.com/en/posts/2024-05-07_how-i-became-a-hacker-before-i-finished-high-school/

#HackerNews #AllyPetitt #YoungestOSCP #Cybersecurity #CVEs #HackerNews

https://bun.com/docs/install/security-scanner-api - use #Bun's package scanner to protect against known #CVEs during `bun add` and `bun install`

this whole time i could of downloaded all the #cves lol

#memes
me:

August Tumbleweed includes fixes for several #CVEs. This like #GnuTLS heap overflows, and #PostgreSQL code execution. Roll and stay protected. https://news.opensuse.org/2025/09/02/tw-monthly-update-august/

Patch-aware and why you should care! Yes, it rhymes, and yes, it matters. Check out my new #TuxCare blog about Radar vulnerability scanning! https://tuxcare.com/blog/what-is-patch-aware-and-why-should-you-care/
#TuxCareRadar #CVEs

Regolith – Regex library that prevents ReDoS CVEs in TypeScript

https://github.com/JakeRoggenbuck/regolith

#HackerNews #Regolith #Regex #TypeScript #ReDoS #CVEs #OpenSource

Did you know?

The average cost of a data breach in the U.S. hit $9.36 million in 2024. Secure OS or not, no system survives poor patch hygiene.

#CVEs (Common Vulnerabilities and Exposures) aren’t just random codes floating on the internet.

But the fix is simple — Timely updates. Swift #patchmanagement Zero excuses.

Check out the blog to uncover:
Why delayed #macOS CVE updates lead to breaches

https://blog.scalefusion.com/macos-cve-updates/

Palo Alto: “LOL, we fixed 24 vulns in a random Tuesday update with no CVE alert. Why are you panicking?”

https://security.paloaltonetworks.com/PAN-SA-2025-0012

• No alerts
• No heads-up

Just a stealth patch buried in the advisory feed.

The stats:

• 24 total CVEs
• 11 High, 11 Medium
• 100% discovered externally
• Average patch delay: 4 FUCKING years for high severity

All bundled into one advisory.
Welcome to the Patch Gacha Machine:
Spin once, fix 24 vulnerabilities (maybe).

PAN CVEs age like wine… and compromise like whiskey.

#PANOS #CyberSecurity #CVEs #PatchAndPray #SilentFixes #PSIRTFail #MemeSec #BlueTeamLife #TrustButVerify

CISA Adds One Known Exploited Vulnerability to Catalog https://www.cisa.gov/news-events/alerts/2025/07/18/cisa-adds-one-known-exploited-vulnerability-catalog

#KEV #CVEs

Discover the true cost of CVEs & why moving beyond vulnerabilities is a MUST for effective cybersecurity! https://jpmellojr.blogspot.com/2025/07/the-true-cost-of-cves-why-you-need-to.html #Cybersecurity #CVEs #SecurityPrioritization #DevSecOps #Vulnerabilities

June’s #Tumbleweed update addresses #CVEs in libsoup, Firefox, #Python, libssh, #ClamAV, GDM, Salt & more. Keeping your system safe. Ensure you update and use snapper for peace-of-mind rollbacks. Stay secure! #opensource #openSUSE #Linux https://news.opensuse.org/2025/07/03/tw-monthly-update-june/

June’s #Tumbleweed update addresses #CVEs in libsoup, Firefox, #Python, libssh, #ClamAV, GDM, Salt & more. Keeping your system safe. Ensure you update and use snapper for peace-of-mind rollbacks. Stay secure! #opensource #openSUSE #Linux https://news.opensuse.org/2025/07/03/tw-monthly-update-june/

#Router #Vulnerability #Discovery for #Overseas #Systems. This article covers a large range of vulnerabilities in routers including #hardcoded #default #passwords and #router #misconfigurations with available #CVEs as well. Check it out and don’t miss a thing. Click the link below to learn more about it:

https://medium.com/@brotheralameen/discovery-of-a-vulnerability-on-routers-through-collaboration-with-a-scam-baiter-ce3901a1983c

#CVE #Common #Vulnerability and #Exposures #Routers #Improper #Access #Control #Router #Hacking #Critical #Vulnerability #WhiteHat #Hacker #Penetration #Testing #SecurityResearcher #Security #Cybersecurity #InformationSecurity

Ah, the eternal struggle of transforming core dumps into a never-ending flow of #CVEs 😱. LWN.net bravely tackles this "urgent" issue with their subscriber-only content because nothing screams #exclusivity like bug reports 🤦‍♂️. Remember, dear reader, subscribing might just be the key to unlocking the secrets of dump management! 💼✨
https://lwn.net/SubscriberLink/1024160/f18b880c8cd1eef1/ #coreDumps #LWNnet #bugReports #subscriberContent #HackerNews #ngated

Slowing the flow of core-dump-related CVEs

https://lwn.net/SubscriberLink/1024160/f18b880c8cd1eef1/

#HackerNews #Slowing #the #flow #of #core-dump-related #CVEs #cybersecurity #CVEs #core-dump #security #vulnerabilities #HackerNews