We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

NewApp Digest
search bot

national security risks

Zero-Day Flaw in PostgreSQL Exploited to Target BeyondTrust Systems
Tech Optimizer
August 4, 2025

Zero-Day Flaw in PostgreSQL Exploited to Target BeyondTrust Systems

A significant PostgreSQL vulnerability, CVE-2025–1094, was identified during the investigation of another vulnerability, CVE-2024–12356, which was exploited in the BeyondTrust breach in December 2024. The breach involved unauthorized access to BeyondTrust's systems and was linked to the state-sponsored hacking group Silk Typhoon from China. The U.S. Treasury Department confirmed its network was compromised through a stolen BeyondTrust API key. CVE-2025–1094 is an SQL injection vulnerability that allows attackers to execute arbitrary SQL commands due to improper handling of invalid UTF-8 byte sequences. Rapid7 found that CVE-2024–12356's exploitation relied on CVE-2025–1094, and that CVE-2025–1094 could be exploited independently. BeyondTrust issued patches for these vulnerabilities, but the patch for CVE-2024–12356 did not directly address the underlying cause of CVE-2025–1094. The exploitation of these vulnerabilities underscores the need for timely patching and proactive security measures in organizations using PostgreSQL.
Kaspersky Rolls Back for US Customers, Makes Way for UltraAV
Tech Optimizer
September 24, 2024

Kaspersky Rolls Back for US Customers, Makes Way for UltraAV

Kaspersky has withdrawn its anti-malware software from US customers due to a ban by the US Department of Commerce and has partnered with UltraAV to provide automatic replacements. Following its addition to the Entity List in June, Kaspersky ceased US operations and laid off its workforce. The Biden administration's ban was based on national security concerns. In September, Kaspersky informed customers about the transition to UltraAV, but communication was unclear, leading to user confusion. Some users expressed dissatisfaction with UltraAV, citing trust issues and difficulties with system scans. The transition took effect on September 19, with Kaspersky assuring customers of maintained security standards. Users have shared instructions for removing UltraAV, but the effectiveness of these solutions is uncertain.
US bans this 27-year-old antivirus company: What Russia has to say - Times of India
Tech Optimizer
June 22, 2024

US bans this 27-year-old antivirus company: What Russia has to say – Times of India

The US government has banned Kaspersky software due to national security and privacy risks stemming from the company's Russian origins. The ban will come into effect on July 20, preventing Kaspersky from selling products to individual customers and businesses. Users who already have Kaspersky antivirus can continue using it until September 29, but are advised to find an alternative as software and services will degrade.
US bans Kaspersky antivirus software due to national security risks - Help Net Security
Tech Optimizer
June 21, 2024

US bans Kaspersky antivirus software due to national security risks – Help Net Security

The US has banned Kaspersky from entering into new agreements with US persons for cybersecurity and antivirus products and services, as well as providing updates and operating the Kaspersky Security Network in the US. The ban was not unexpected, as Kaspersky has been previously removed from federal information systems and listed as a threat to national security. The ban is based on concerns that Kaspersky's software could potentially transfer sensitive information to Russia and leave US persons vulnerable to malware and exploitation. Kaspersky intends to pursue legal options to preserve its operations.
Search