Privacy Trust

on July 18, 2025 at 7:00 am — CVE-2025-49747 Azure Machine Learning Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.

on July 18, 2025 at 7:00 am — CVE-2025-49747 Azure Machine Learning Elevation of Privilege Vulnerability Read More »

on July 18, 2025 at 7:00 am — CVE-2025-49746 Azure Machine Learning Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.

on July 18, 2025 at 7:00 am — CVE-2025-49746 Azure Machine Learning Elevation of Privilege Vulnerability Read More »

on July 18, 2025 at 7:00 am — CVE-2025-47995 Azure Machine Learning Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.

on July 18, 2025 at 7:00 am — CVE-2025-47995 Azure Machine Learning Elevation of Privilege Vulnerability Read More »

on July 18, 2025 at 7:00 am — CVE-2025-47158 Azure DevOps Server Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.

on July 18, 2025 at 7:00 am — CVE-2025-47158 Azure DevOps Server Elevation of Privilege Vulnerability Read More »

on July 18, 2025 at 7:00 am — CVE-2025-53762 Microsoft Purview Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network.

on July 18, 2025 at 7:00 am — CVE-2025-53762 Microsoft Purview Elevation of Privilege Vulnerability Read More »

on July 17, 2025 at 10:00 am — MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities

Leave a Comment / Uncategorized / Privacy Trust

In April 2025 Cisco Talos identified a Malware-as-a-Service (MaaS) operation that utilized Amadey to deliver payloads. The MaaS operators used fake GitHub accounts to host payloads, tools and Amadey plug-ins, likely as an attempt to bypass web filtering and for ease of use. Several operator tactics, techniques and procedures (TTPs) overlap with a SmokeLoader phishing

on July 17, 2025 at 10:00 am — MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities Read More »

on July 16, 2025 at 7:00 am — CVE-2024-36350 AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Corrected CVE number. This is an informational change only.

on July 16, 2025 at 7:00 am — CVE-2024-36350 AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue Read More »

on July 16, 2025 at 4:31 pm — Chromium: CVE-2025-7657 Use after free in WebRTC

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.

on July 16, 2025 at 4:31 pm — Chromium: CVE-2025-7657 Use after free in WebRTC Read More »