Infosec in brief A former US military sergeant has admitted he tried to sell classified information to China.
Joseph Daniel Schmidt last Friday pleaded guilty after the Feds charged him with using his top secret clearance to steal classified information that he retained until after he left the military.
Schmidt later travelled overseas and, while outside the US, contacted the Chinese government.
As we reported when he was arrested a couple of years ago, Schmidt’s tradecraft was amateurish: he sent emails to the Chinese government from email addresses registered in his name and used Google to search for topics such as countries that don’t extradite suspects to the USA, why phone numbers for Chinese consulates wouldn't connect, and which subreddits included useful information on spying.
Schmidt faces up to a decade behind bars and a $250,000 fine.
Critical libxml2 vulns reported
The widely used XML parsing library libxml2 has a quintet of critical vulnerabilities, three of which are going to take some rewriting to fix.
Three of the vulnerabilities (CVE-2025-49794, CVE-2025-49795 and CVE-2025-49796) are all present in the XML Schematron components of the library and could lead to denial of service by pushing malformed XML documents to applications using the faulty code, causing them to crash. As noted by lead libxml2 maintainer Nick Wellnhofer in an issue post following the bug reports, Schematron is “nearly unused as of late,” pushing him to call for removal of Schematron support to fix the issue.
“Such legacy code cannot be maintained indefinitely,” Wellnhofer noted.
The other two issues, CVE-2025-6021 and CVE-2025-6170, could be responsible for buffer overflows and arbitrary code execution, respectively. Developers have fixed the buffer overflow issue, but Red Hat noted the code execution bug remains unresolved.
More critical flaws to consider
Citrix last week patched its NetScaler ADC and NetScaler Gateway products to address a pair of critical vulnerabilities. CVE-2025-5777, with a CVSS score of 9.3, sees insufficient input validation open a path for memory overread. CVE-2025-5349, rated 8.7, involves improper access control in the NetScaler Management Interface.
It's time to revisit CVSS 8.8-rated CVE-2023-33538, as CISA last week added the flaw to its list of known exploited vulnerabilities. The bug allows attackers to exploit a command injection flaw in multiple TP-Link Wi-Fi routers. The insecure models are TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2.
AI improves spam
Spam emails now contain fewer spelling and grammar errors, because crooks have started using AI to write them.
Barracuda Networks, Columbia University, and the University of Chicago teamed up to analyze the content of email spam from the November 2022 launch of ChatGPT to April 2025 and found that the share of spam written by a bot has steadily increased to reach 51 percent.
The researchers found spam written by AI contains fewer errors than old-school spam messages, but the content is essentially the same. That, says Barracuda, suggests spammers are using AI to improve their writing, but not to come up with new tricks.
Barracuda also found that scammers wrote just 14 percent of emails sent as part of business email compromise (BEC) campaigns using AI. The network security firm thinks that’s because BEC attacks require customized emails to succeed, and AI is not good at writing such targeted texts.
Millions of medical patients’ data exposed
Unknown miscreants have stolen data describing around 5.4 million customers of healthcare technology firm Episource.
The company, which provides a range of tech services in the healthcare sector, admitted to having data stolen in a breach notification letter published last week. Episource said that the incident occurred sometime between January 27 and February 6 of this year, though it did not specify exactly how “a cybercriminal was in a position to see and take copies of some information in our laptop system.”
Whoever made off with the data accessed victims’ Social Security numbers, dates of birth, plus health care data including diagnoses, prescriptions, medical images, and treatment plans. The attackers also stole health insurance data.
Exploit chain can crack popular Linux distros
Threat researchers from cybersecurity firm Qualys have discovered a pair of vulnerabilities that, when chained together, can give an attacker full root access on Ubuntu, Debian, Fedora and openSUSE Leap 15 systems.
Qualys researchers found the vulnerabilities. One affects Pluggable Authentication Module (PAM) configuration, and the other targets libblockdev via the udisks daemon common in many Linux systems; together they allowed the researchers to elevate an unprivileged attacker to full root status.
Attackers can exploit the flaws “with minimal effort” and using nothing but built-in Linux components, Qualys added.
“Given the ubiquity of udisks and the simplicity of the exploit, organizations should deal with this as an important, common threat and deploy patches at once,” Qualys said. Proof-of-concept exploits to validate the vulnerability are available on Qualys’ website for those who want to see if their systems are at risk.
Fortunately, a simple configuration change is all that is necessary to fix this issue: just modify the polkit rule for “org.freedesktop.udisks2.modify-device” by setting “allow_active” to “auth_admin” instead of simply “yes.”
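To check whether a host still carries the permissive setting, the sketch below reads a polkit action policy file and reports the `allow_active` default for the action named above. It is an added example, not code from Qualys or the polkit project; the sample policy fragments are constructed, and the path to the real policy file is left to the caller because it varies by distribution.

```python
import sys
import xml.etree.ElementTree as ET

ACTION_ID = "org.freedesktop.udisks2.modify-device"  # action named in the article

# Constructed sample policy fragments (not copied from any distro package).
SAMPLE_WEAK = """<policyconfig>
  <action id="org.freedesktop.udisks2.modify-device">
    <defaults>
      <allow_any>auth_admin</allow_any>
      <allow_inactive>auth_admin</allow_inactive>
      <allow_active>yes</allow_active>
    </defaults>
  </action>
</policyconfig>"""
SAMPLE_FIXED = SAMPLE_WEAK.replace("<allow_active>yes<", "<allow_active>auth_admin<")


def allow_active(policy_xml, action_id=ACTION_ID):
    """Return the allow_active default for action_id, or None if absent."""
    root = ET.fromstring(policy_xml)
    for action in root.iter("action"):
        if action.get("id") == action_id:
            value = action.findtext("defaults/allow_active")
            return value.strip() if value else None
    return None


def needs_change(policy_xml):
    """True when the action exists and allow_active is not auth_admin."""
    value = allow_active(policy_xml)
    return value is not None and value != "auth_admin"


if __name__ == "__main__":
    # Pass the path of the udisks2 policy file; with no argument the
    # constructed weak sample is checked instead.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            text = fh.read()
    else:
        text = SAMPLE_WEAK
    verdict = "change needed" if needs_change(text) else "ok"
    print(f"{ACTION_ID}: allow_active={allow_active(text)} -> {verdict}")
```

This reads only the defaults declared in the policy file; polkit rules installed on the host can override those defaults, so review them as well.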