Geek-Guy.com

Category: Exploits

Reality Bites: You’re Only as Secure as Your Last API Deployment

In agile and DevOps-driven environments, APIs are frequently updated to meet evolving business demands, from adding new features to addressing performance issues. However, each deployment introduces potential security risks, as new code, configurations, and endpoints can expose vulnerabilities. In an environment of continuous integration and continuous deployment (CI/CD), the security of an organization’s APIs hinges…

CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities are listed below – CVE-2019-9874 (CVSS score: 9.8) – A deserialization vulnerability in the Sitecore.Security.AntiCSRF

NetApp SnapCenter Flaw Could Let Users Gain Remote Admin Access on Plug-In Systems

A critical security flaw has been disclosed in NetApp SnapCenter that, if successfully exploited, could allow privilege escalation. SnapCenter is an enterprise-focused software that’s used to manage data protection across applications, databases, virtual machines, and file systems, offering the ability to back up, restore, and clone data resources. The vulnerability, tracked as

The 10 Most Common IT Security Mistakes

From unpatched vulnerabilities to inadequate backups: read how the most common IT security mistakes can be avoided.
eamesBot – Shutterstock.com Encrypted…

Generative AI: threat or opportunity? It depends on your adaptive speed!

Now that AI reasoning capabilities are advancing rapidly and becoming accessible, folks tend to argue that generative AI will bring us a new era of exploitation: more zero-days, more vulnerabilities, more sophistication, and at higher frequency. The emergence of new exploitation techniques will significantly increase the number of new vulnerabilities. We have seen in…

String of defects in popular Kubernetes component puts 40% of cloud environments at risk

More than 40% of cloud environments are at risk of an account takeover due to a series of five recently discovered vulnerabilities — one regarded as critical — in the Ingress NGINX Controller for Kubernetes, according to security research published this week. Upon discovering the string of vulnerabilities in one of the most widely used ingress controllers…

Exploited! Kentico Xperience Staging Service Authentication Bypass Vulnerabilities (CVE-2025-2746 & CVE-2025-2747)

Recently, two critical security flaws were discovered in Kentico Xperience 13, a popular digital experience platform (CMS). Tracked as CVE-2025-2746 and CVE-2025-2747, these vulnerabilities allow unauthenticated attackers to bypass the Staging Sync Server’s authentication, potentially gaining administrative control over the CMS. Both issues carry a CVSS score of 9.8 (Critical) (Warning: Multiple Critical & High……

EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware

The threat actor known as EncryptHub exploited a recently-patched security vulnerability in Microsoft Windows as a zero-day to deliver a wide range of malware families, including backdoors and information stealers such as Rhadamanthys and StealC. “In this attack, the threat actor manipulates .msc files and the Multilingual User Interface Path (MUIPath) to download and execute…

VMware plugs a high-risk vulnerability affecting its Windows-based virtualization

Broadcom is warning customers of a high-severity, authentication bypass flaw, now fixed, affecting VMware Tools for Windows. Tracked as CVE-2025-22230, the issue stems from improper access control and could allow privilege escalation on the affected system. “An authentication bypass vulnerability in VMware Tools for Windows was privately reported to VMware,” said Broadcom in a security…

Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks

Google has released out-of-band fixes to address a high-severity security flaw in its Chrome browser for Windows that it said has been exploited in the wild as part of attacks targeting organizations in Russia. The vulnerability, tracked as CVE-2025-2783, has been described as a case of “incorrect handle provided in unspecified circumstances in Mojo on…

Critical RCE flaws put Kubernetes clusters at risk of takeover

The Kubernetes project has released patches for five vulnerabilities in a widely used component called the Ingress NGINX Controller that’s used to route external traffic to Kubernetes services. If exploited, the flaws could allow attackers to completely take over entire clusters. “Based on our analysis, about 43% of cloud environments are vulnerable to these…

U.S. Officials Called Signal a Tool for Terrorists and Criminals. Now They’re Using It.

For years, U.S. officials villainized end-to-end encrypted messaging apps like Signal as the domain of criminals and terrorists and a threat to national security. As fallout over a Signal group chat about Yemen war plans ricocheted through Washington, however, CIA Director John Ratcliffe revealed at a Senate Intelligence Committee hearing on Tuesday that the app…

11 ways cybercriminals are making phishing more potent than ever

Phishing has long been a primary source for security breaches — a major issue that, despite years of security awareness training, remains a top cybersecurity concern today. But thanks to refinements of tactics alongside malign repurposing of AI technologies, the longstanding social engineering technique continues to evolve, and cybercriminals are finding new ways to try…

CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare

Frequently asked questions about five vulnerabilities in the Ingress NGINX Controller for Kubernetes, collectively known as IngressNightmare. Background: The Tenable Security Response Team (SRT) has compiled this blog to answer Frequently Asked Questions (FAQ) regarding IngressNightmare. FAQ: What is IngressNightmare? IngressNightmare is the name given to a series of vulnerabilities in the Ingress NGINX Controller…

Researchers raise alarm about critical Next.js vulnerability

Researchers warn that attackers could exploit a recently discovered critical vulnerability in the open-source JavaScript framework Next.js to bypass authorization in middleware and gain access to targeted systems. Vercel, the San Francisco-based company that created and maintains Next.js, released a patch for CVE-2025-29927 in Next.js 15.2.3 on March 18 and published a security advisory on…

As 23andMe declares bankruptcy, privacy advocates sound alarm about DNA data

Genetic testing business 23andMe filed for bankruptcy Sunday, amplifying fears from privacy advocates that the DNA records and personal information of its 15 million customers could soon be up for sale to the highest bidder. 23andMe, which was once valued at $6 billion, has been experiencing financial distress and declining profits since going public in…

Oracle Cloud breach may impact 140,000 enterprise customers

A threat actor has reportedly breached Oracle Cloud infrastructure, exfiltrating six million sensitive authentication records and potentially endangering more than 140,000 enterprise customers. The attacker is now demanding ransom payments while actively marketing the stolen data on underground forums, according to threat intelligence firm CloudSEK. Security researchers at CloudSEK’s XVigil team discovered the breach on…

Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks

A critical security flaw has been disclosed in the Next.js React framework that could be potentially exploited to bypass authorization checks under certain conditions. The vulnerability, tracked as CVE-2025-29927, carries a CVSS score of 9.1 out of 10.0. “Next.js uses an internal header x-middleware-subrequest to prevent recursive requests from triggering infinite loops,” Next.js said in…

Despite challenges, the CVE program is a public-private partnership that has shown resilience

In 1999, Dave Mann and Steve Christey, two researchers from the nonprofit R&D corporation MITRE, debuted a concept for security vulnerabilities that laid the groundwork for the common vulnerabilities and exposures framework (CVE) that organizes information around computer vulnerabilities. Twenty-five years later, the CVE program, which assigns a unique record to each reported vulnerability, is…

Kubernetes Security: How to Secure Your Clusters (Better)

Anatoliy Eremin | shutterstock.com Kubernetes has become a resounding success among enterprise software developers. That is increasingly prompting criminal hackers to attack such installations with specially developed exploits. In the process, the threat actors are getting ever better at hiding their malware, bypassing (trivial) security controls, and moving laterally through networks to cause further damage. How the…

GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets

The supply chain attack involving the GitHub Action “tj-actions/changed-files” started as a highly-targeted attack against one of Coinbase’s open-source projects, before evolving into something more widespread in scope. “The payload was focused on exploiting the public CI/CD flow of one of their open source projects – agentkit, probably with the purpose of leveraging it for…

Attackers probing backdoor flaw in popular Cisco Smart Licensing Utility, warns SANS

Organizations running Cisco’s Smart Licensing Utility (CSLU) should update their software as soon as possible to fix two serious vulnerabilities, the SANS Technology Institute has urged. The CSLU is a tool used primarily in smaller, on-premises and air-gapped networks as a way to manage Cisco licenses without having to resort to the more complex cloud-based…

CISA marks NAKIVO’s critical backup vulnerability as actively exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has added a patched, high-severity vulnerability affecting NAKIVO’s backup and replication software to its known exploited vulnerability (KEV) catalog. The flaw, tracked as CVE-2024-48248, is a path traversal issue that received a high severity rating with CVSS 8.6 out of 10 and was marked “critical” by NAKIVO in…

11 hottest IT security certs for higher pay today

With change a constant, IT professionals looking to improve their careers can benefit from the latest insights into employers’ needs. Data from Foote Partners on the skills and certification most in demand today may provide helpful signposts. Analyzing more than 640 certifications as part of its 4Q 2024 “IT Skills Demand and Pay Trends Report,” Foote Partners…

Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility

Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center. The two critical-rated vulnerabilities in question are listed below – CVE-2024-20439 (CVSS score: 9.8) – The presence of an undocumented static user credential for an administrative account that an attacker could exploit to log in…

Critical remote code execution flaw patched in Veeam backup servers

Data resilience solutions provider Veeam Software released a critical patch for its Veeam Backup & Replication product. The update fixes a deserialization issue that can result in remote code execution as the SYSTEM user on the underlying Windows server. The issue can be exploited by any authenticated account that’s part of the local users group…

AI in the Enterprise: Key Findings from the ThreatLabz 2025 AI Security Report

Artificial intelligence (AI) has rapidly shifted from buzz to business necessity over the past year, something Zscaler has seen firsthand while pioneering AI-powered solutions and tracking enterprise AI/ML activity in the world’s largest security cloud. As enterprises embrace AI to boost productivity, accelerate decision-making, and automate workflows, to name a few benefits, cybercriminals are using the same…

Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day

Cybercriminals working on behalf of at least six nation-states are actively exploiting a zero-day vulnerability in Microsoft Windows to commit espionage, steal data and cryptocurrency, according to Trend Micro researchers. The vulnerability, which Trend Micro tracks as ZDI-CAN-25373, allows attackers to execute hidden malicious commands due to the way Windows displays the contents of shortcut…

Application Detection and Response Analysis: Why ADR? How ADR Works, and ADR Benefits

Two highly respected technology analysts from different cybersecurity disciplines are coming together to recommend that companies consider Application Detection and Response. Organizations face a constant barrage of cyber threats, including zero-day vulnerabilities that can exploit unknown weaknesses in software. Traditional security solutions often fall short in detecting and responding to these attacks, leaving organizations vulnerable.…

New Windows zero-day feared abused in widespread espionage for years

A zero-day vulnerability stemming from how the Windows user interface handles shortcut (.lnk) files has been exploited by at least 11 nation-state actors in widespread threat campaigns. According to an analysis by Trend Zero Day Initiative (ZDI), the bug bounty and vulnerability disclosure program that first found and reported the flaw to Microsoft, the vulnerability…

Hackers Exploit Old Windows Security Flaw – Microsoft Does Nothing

Timepopo – shutterstock.com Experts at the security company Trend Micro have discovered a security flaw in Windows, designated ZDI-CAN-25373, that attackers have been exploiting since at least 2017. Through the flaw, attackers can execute malicious code on affected Windows machines if the user visits a contaminated website or opens an infected file. The flaw lies in the way Windows processes .lnk files (shortcut files).…

CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting NAKIVO Backup & Replication software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2024-48248 (CVSS score: 8.6), an absolute path traversal bug that could allow an unauthenticated attacker to

DOGE’s cost-cutting database dives offer cybersecurity pros vital lessons in cloud security

Cybersecurity has been politically agnostic until recently, but with the many rapid changes introduced by the Trump administration, it has become somewhat politicized and fraught with questions and self-examination. Claims on social media, rumors, and information disseminated by questionable sources are having a palpable impact on the security world, even at the highest of levels…

News alert: SpyCloud study shows Darknet identity exploitation arising to become a primary cyber risk

Austin, TX, Ma. 19, 2025, CyberNewswire — The average corporate user now has 146 stolen records linked to their identity, an average 12x increase from previous estimates, reflecting a surge in holistic identity exposures. SpyCloud, the leading identity threat …

Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners

Threat actors are exploiting a severe security flaw in PHP to deliver cryptocurrency miners and remote access trojans (RATs) like Quasar RAT. The vulnerability, assigned the CVE identifier CVE-2024-4577, refers to an argument injection vulnerability in PHP affecting Windows-based systems running in CGI mode that could allow remote attackers to run arbitrary code. Cybersecurity company

Leaked Black Basta Chats Suggest Russian Officials Aided Leader’s Escape from Armenia

The recently leaked trove of internal chat logs among members of the Black Basta ransomware operation has revealed possible connections between the e-crime gang and Russian authorities. The leak, containing over 200,000 messages from September 2023 to September 2024, was published by a Telegram user @ExploitWhispers last month. According to an analysis of the messages…

About 22k WAB customers impacted by a zero-day attack on a third-party vendor

Western Alliance Bank (WAB) has disclosed that a data breach at its third-party vendor’s secure file transfer software has compromised personal information for nearly 22,000 customers. In a letter to potentially affected customers, the Arizona-based regional bank–operating over 50 branches with $80 billion in assets–disclosed that forensic analysis indicated unauthorized access to financial data, social…

Critical mySCADA myPRO Flaws Could Let Attackers Take Over Industrial Control Systems

Cybersecurity researchers have disclosed details of two critical flaws impacting mySCADA myPRO, a Supervisory Control and Data Acquisition (SCADA) system used in operational technology (OT) environments, that could allow malicious actors to take control of susceptible systems. “These vulnerabilities, if exploited, could grant unauthorized access to industrial control networks, potentially

CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a vulnerability linked to the supply chain compromise of the GitHub Action, tj-actions/changed-files, to its Known Exploited Vulnerabilities (KEV) catalog. The high-severity flaw, tracked as CVE-2025-30066 (CVSS score: 8.6), involves the breach of the GitHub Action to inject malicious code that enables a remote

Critical vulnerability in AMI MegaRAC BMC allows servers’ takeover

Researchers found a critical vulnerability in the AMI MegaRAC baseboard management controller (BMC) used by multiple server manufacturers. The vulnerability could allow attackers to bypass authentication and take control of the vulnerable server over the Redfish management interface. “Exploitation of this vulnerability allows an attacker to remotely control the compromised server, remotely deploy malware, ransomware,…

New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking

A critical security vulnerability has been disclosed in AMI’s MegaRAC Baseboard Management Controller (BMC) software that could allow an attacker to bypass authentication and carry out post-exploitation actions. The vulnerability, tracked as CVE-2024-54085, carries a CVSS v4 score of 10.0, indicating maximum severity. “A local or remote attacker can exploit the vulnerability by accessing the

Tomcat PUT to active abuse as Apache deals with critical RCE flaw

Apache Software’s open-source web container for handling Java-based web applications, Tomcat, is under active attack through a critical RCE flaw the foundation disclosed last week. According to API security vendor Wallarm, threat actors are using a public proof-of-concept (PoC) exploit released for the flaw, CVE-2025-24813, just 30 hours after it was publicly disclosed. “A devastating…

DEA Insiders Warned About Legality of Phone Tracking Program. Their Concerns Were Kept Secret.

When the Drug Enforcement Administration’s access to a secret trove of billions of American phone records was exposed in 2013, the Obama administration said the data had been collected under a perfectly legal program. Civil liberties advocates, however, were not convinced that the data collection program — which let the DEA see who you…

Attack time frames are shrinking rapidly. Here’s how cyber teams can cope.

Times are tough for cyber pros, quite literally. Two common malware time scale metrics — dwell time and time to exploit — are rapidly shortening, making it harder for defenders to find and neutralize threats. What are malware dwell time and time to exploit? The two metrics are somewhat related. Malware’s dwell time refers to…

Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure

A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a public proof-of-concept (PoC) a mere 30 hours after public disclosure. The vulnerability, tracked as CVE-2025-24813, affects the versions below – Apache Tomcat 11.0.0-M1 to 11.0.2; Apache Tomcat 10.1.0-M1 to 10.1.34; Apache Tomcat 9.0.0-M1 to…

Immutable Cybersecurity Law #12

“Never underestimate the simplicity of the attackers, nor the gullibility of the victims.” Cyberattacks don’t always rely on sophisticated exploits or advanced malware. In reality, many of the most successful breaches stem from simple tactics like phishing emails, social engineering, and exploiting basic security misconfigurations. Complexity isn’t a prerequisite for effectiveness — attackers often favor the…

Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year

An unpatched security flaw impacting the Edimax IC-7100 network camera has been exploited by threat actors to deliver Mirai botnet malware variants since at least May 2024. The vulnerability in question is CVE-2025-1316 (CVSS v4 score: 9.3), a critical operating system command injection flaw that an attacker could exploit to achieve remote code execution on…

Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users’ Actions

Malicious actors are exploiting Cascading Style Sheets (CSS), which are used to style and format the layout of web pages, to bypass spam filters and track users’ actions. That’s according to new findings from Cisco Talos, which said such malicious activities can compromise a victim’s security and privacy. “The features available in CSS allow attackers…

⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More

From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week’s cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new ways to bypass security defenses. Meanwhile, supply chain threats are on the rise, with open-source

AI development pipeline attacks expand CISOs’ software supply chain risk

Widespread flaws in open-source and third-party commercial software along with malicious campaigns targeting AI development pipelines are exacerbating software supply chain security problems. Incidents of exposed development secrets via publicly accessible, open-source packages rose 12% last year compared to 2023, according to ReversingLabs (RL). A scan of 30 of the most popular open-source packages found…

Report on ransomware attacks on Fortinet firewalls also reveals possible defenses

A new ransomware gang is quickly exploiting two authentication bypass vulnerabilities in Fortinet firewalls, researchers say. The researchers at Forescout outlined recent attacks by the gang in a report this week, saying the gang, which it dubs Mora_001, takes advantage of unpatched firewalls to deploy a new ransomware strain, nicknamed SuperBlack, that closely resembles LockBit…

ClickFix: How to Infect Your PC in Three Easy Steps

A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed “ClickFix,” the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. ClickFix attacks mimic the…

One PUT Request to Own Tomcat: CVE-2025-24813 RCE is in the Wild

A devastating new remote code execution (RCE) vulnerability, CVE-2025-24813, is now actively exploited in the wild. Attackers need just one PUT API request to take over vulnerable Apache Tomcat servers. The exploit, originally published by a Chinese forum user iSee857, is already available online: CVE-2025-24813 PoC by iSee857. Exploit Breakdown: How a Simple PUT Request…

CyberArk Report Points to Machine Identity Security Risks

Security vendor CyberArk today released its 2025 State of Machine Identity Security Report. The research, based on a survey of 1,200 security leaders across the USA, UK, Australia, France, Germany and Singapore, shows the growing gap between machine identity creation and appropriate security measures accounting for those identities. CyberArk’s SVP of Innovation Kevin Bocek shared…

Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk

Meta has warned that a security vulnerability impacting the FreeType open-source font rendering library may have been exploited in the wild. The vulnerability has been assigned the CVE identifier CVE-2025-27363, and carries a CVSS score of 8.1, indicating high severity. Described as an out-of-bounds write flaw, it could be exploited to achieve remote code execution…

Generative AI red teaming: Tips and techniques for putting LLMs to the test

Red teaming is a time-proven approach to testing and bolstering cybersecurity systems, but it has always needed to evolve alongside technology. The explosion of generative AI and large language models (LLMs) in recent years is only the latest innovation to come along and force the red-teaming world to adapt. Its importance is underscored by the…

Legislative push for child online safety runs afoul of encryption advocates (again)

Two members of the Senate Judiciary Committee are preparing to introduce a bipartisan bill that would mandate tech companies to more swiftly report and remove child sexual abuse material hosted on their platforms, but critics warn it could result in the weakening or elimination of encrypted messaging services that many Americans rely on. The Stop…

Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days

Microsoft’s March 2025 Patch Tuesday includes six actively exploited zero-day vulnerabilities. Learn about the critical vulnerabilities and why immediate updates are essential.

SAP patches severe vulnerabilities in NetWeaver and Commerce apps

SAP has patched high-severity vulnerabilities in its Commerce and NetWeaver enterprise software packages. The updates came as part of 25 security patches released on Tuesday for the latest edition of SAP’s monthly patch release cycle. SAP Security Note #3563927 addresses a critical vulnerability in transaction SA38 of SAP NetWeaver Application Server ABAP. If successfully exploited, the…

Chinese cyberespionage group deploys custom backdoors on Juniper routers

A Chinese cyberespionage group with a history of exploiting proprietary network-edge devices and developing custom malware for them has also been targeting enterprise and ISP-grade Juniper MX Series routers, according to a report by Google’s Mandiant team. The attackers were able to bypass the file integrity protections of Junos OS, the FreeBSD-based operating system used…

Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack

Threat intelligence firm GreyNoise is warning of a “coordinated surge” in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities spanning multiple platforms. “At least 400 IPs have been seen actively exploiting multiple SSRF CVEs simultaneously, with notable overlap between attack attempts,” the company said, adding it observed the activity on March 9, 2025. The countries…

Apple patches zero-day bugs used in targeted iPhone attacks

Apple has rolled out emergency patches for a bug affecting WebKit, the open-source web browser engine used primarily in Safari, against active exploitation in the wild. The vulnerability, CVE-2025-24201, was reportedly exploited in zero-day attacks against targeted individuals. “Apple is aware of a report that this issue may have been exploited in an extremely sophisticated…

Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks

Apple on Tuesday released a security update to address a zero-day flaw that it said has been exploited in “extremely sophisticated” attacks. The vulnerability has been assigned the CVE identifier CVE-2025-24201 and is rooted in the WebKit web browser engine component. It has been described as an out-of-bounds write issue that could allow an attacker…

Microsoft patches privilege escalation flaw exploited since 2023

Microsoft has released fixes for 57 vulnerabilities in this month’s patch cycle, including for six flaws that have signs of in-the-wild exploitation or disclosure. One of the zero-day exploits has been used in attacks since 2023 as part of a campaign with a backdoor called PipeMagic. None of the six zero-day flaws are rated as…

March Patch Tuesday warnings: Act fast to plug zero day holes in Windows, VMware

CISOs need to lean on their admins to plug zero day vulnerabilities in Windows and VMware products as soon as possible, before they are widely exploited. In addition, Windows admins need to be aware of a vulnerability that already has a publicly-available proof of concept exploit that threat actors are sure to jump on. Finally,…

Microsoft: 6 Zero-Days in March 2025 Patch Tuesday

Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation. Two of the zero-day flaws include CVE-2025-24991 and CVE-2025-24993, both vulnerabilities in NTFS, the default file system for Windows and Windows Server. Both require the attacker to…

Microsoft patches 57 vulnerabilities, including 6 zero-days

Microsoft patched 57 vulnerabilities affecting its foundational systems and core products, including six actively exploited zero-day vulnerabilities, the company said in its latest security update Tuesday. Four of the six zero-days, which were all added to the Cybersecurity and Infrastructure Security Agency’s known exploited vulnerabilities catalog, are high-severity on the CVSS scale. The software defects…

Ivanti EPM vulnerabilities actively exploited in the wild, CISA warns

The US Cybersecurity and Infrastructure Security Agency has added three vulnerabilities in Ivanti Endpoint Manager (EPM) to its known exploited vulnerabilities (KEV) catalog, signaling that it has seen in-the-wild exploitation. The flaws received patches in January after being reported privately to Ivanti by the researcher who found them. The three vulnerabilities, tracked as CVE-2024-13159, CVE-2024-13160, and CVE-2024-13161…

Apple discloses zero-day vulnerability, releases emergency patches

Apple released emergency software patches Tuesday that address a newly identified zero-day vulnerability in the company’s WebKit web browser engine. Tracked as CVE-2025-24201, the flaw could let an attacker escape the constraints of WebKit’s Web Content sandbox, potentially leading to unauthorized actions. The sandbox is a security feature that isolates untrusted web content in order to prevent…
