Tag: exploit
-
CISA Urges Patching For ‘Critical’ Ivanti VPN Flaw Exploited In Attacks
in SecurityNews
Exploitation of a critical-severity Ivanti Connect Secure vulnerability prompted CISA to issue an advisory Friday, urging organizations to implement patches to fix the issue. First seen on crn.com Jump to article: www.crn.com/news/security/2025/cisa-urges-patching-for-critical-ivanti-vpn-flaw-exploited-in-attacks
-
CISA warns of latest Ivanti firewall bug being exploited by suspected Chinese hackers
in SecurityNews
Researchers attributed exploitation of the vulnerability to a suspected China-based cyberespionage group tracked as UNC5221. First seen on therecord.media Jump to article: therecord.media/cisa-ivanti-firewall-bug-exploitation
-
Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild
in SecurityNews
April 5, 2025 Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways. Rated at a CVSS score of 9.0, this stack-based buffer overflow has been actively exploited since mid-March 2025, posing a severe risk to organizations using these […]…
-
Beware! Fake Unpaid Tolls Messages Used in Phishing Attack to Steal Login Credentials
in SecurityNews
A surge in phishing text messages claiming unpaid tolls has been linked to a massive phishing-as-a-service (PhaaS) operation. These scams, which have been hitting users’ phones in waves, are part of a sophisticated campaign leveraging a platform called Lucid. Cybercriminals behind this scheme are exploiting legitimate communication technologies like Apple iMessage and Android RCS to…
-
Hackers Use URL Shorteners and QR Codes in Tax-Themed Phishing Attacks
in SecurityNews
As the United States approaches Tax Day on April 15, cybersecurity experts have uncovered a series of sophisticated phishing campaigns leveraging tax-related themes to exploit unsuspecting users. Microsoft has identified these campaigns as employing advanced redirection techniques such as URL shorteners and QR codes embedded in malicious attachments to evade detection. By abusing legitimate services…
-
Beware of Clickfix: ‘Fix Now’ and ‘Bot Verification’ Lures Deliver and Execute Malware
A sophisticated browser-based malware delivery method, dubbed ClickFix, has emerged as a significant threat to cybersecurity. Leveraging deceptive prompts like “Fix Now” and “Bot Verification,”
-
New Credit Card Skimming Campaign Uses Browser Extensions to Steal Financial Data
in SecurityNews
A newly discovered credit card skimming campaign, dubbed “RolandSkimmer,”
-
Chinese Hackers Exploit Ivanti VPN Vulnerability to Deliver Malware Payloads
in SecurityNews
Ivanti disclosed a critical security vulnerability, CVE-2025-22457, affecting its Connect Secure (ICS) VPN appliances, particularly versions 22.7R2.5 and earlier. This buffer overflow vulnerability enables attackers to achieve remote code execution when exploited successfully. Security researchers from Mandiant and Ivanti have confirmed active exploitation of this vulnerability in the wild, targeting ICS 9.X (end-of-life) and earlier…
-
Ivanti warns customers of new critical flaw exploited in the wild
Remediation: Organizations are urged to immediately update their Ivanti Connect Secure appliances to version 22.7R2.6 released in February or later to address CVE-2025-22457. Customers should also use the external version of the Integrity Checker Tool and look for web server crashes. “If your ICT result shows signs of compromise, you should perform a factory reset on…
-
Hackers Exploit Fast Flux to Evade Detection and Obscure Malicious Servers
in SecurityNews
Tags: advisory, control, cyber, cybersecurity, detection, exploit, hacker, infrastructure, malicious, threat
Cybersecurity agencies worldwide have issued a joint advisory warning against the growing threat posed by “fast flux,”
-
Big hole in big data: Critical deserialization bug in Apache Parquet allows RCE
in SecurityNews
No known exploits yet: Neither Endor Labs nor NIST’s NVD entry reported any exploit attempts using CVE-2025-30065 as of publication of this article. Apache silently pushed a fix with the release of 1.15.1 on March 16, 2025, with a GitHub redirect to changes made in the update. Endor Labs advised prompt patching of the vulnerability, which…
-
Cyber Agencies Warn of Fast Flux Threat Bypassing Network Defenses
in SecurityNews
A joint cybersecurity advisory warns organizations globally about the defense gap in detecting and blocking fast flux techniques, which are exploited for malicious activities First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cyber-agencies-warn-of-fast-flux/
-
Malicious PDFs Responsible for 22% of All Email-Based Cyber Threats
in SecurityNews
Malicious PDF files have emerged as a dominant threat vector in email-based cyberattacks, accounting for 22% of all malicious email attachments, according to a recent report by Check Point Research. With over 87% of organizations relying on PDFs for business communication, the ubiquitous file format has become a prime target for cybercriminals, who exploit its…
-
China-Linked Threat Group Exploits Ivanti Bug
The vendor had originally assessed the flaw as low risk but now says it is a critical issue that enables remote code execution. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/china-linked-threat-group-exploits-ivanti-bug
-
Critical Apache Parquet Vulnerability Leads to Remote Code Execution
in SecurityNews
A critical vulnerability in Apache Parquet can be exploited to execute arbitrary code remotely, leading to complete system compromise. The post Critical Apache Parquet Vulnerability Leads to Remote Code Execution appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/critical-apache-parquet-vulnerability-leads-to-remote-code-execution/
-
Chinese State Hackers Exploiting Newly Disclosed Ivanti Flaw
in SecurityNews
Tags: china, espionage, exploit, flaw, hacker, ivanti, mandiant, remote-code-execution, vulnerability
Mandiant warned that Chinese espionage actor UNC5221 is actively exploiting a critical Ivanti vulnerability, which can lead to remote code execution First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-state-hackers-ivanti-flaw/
-
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
in SecurityNews
Ivanti has disclosed details of a now-patched critical security vulnerability impacting its Connect Secure that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-22457 (CVSS score: 9.0), concerns a case of a stack-based buffer overflow that could be exploited to execute arbitrary code on affected systems. “A stack-based buffer overflow in Ivanti Connect…
-
Apache Traffic Server Flaw Allows Request Smuggling Attacks
in SecurityNews
A critical vulnerability has been discovered in Apache Traffic Server (ATS), an open-source caching proxy server. Identified as CVE-2024-53868, this flaw enables attackers to exploit request smuggling via malformed chunked messages. Users of Apache Traffic Server are urged to upgrade to secure versions of the software immediately to mitigate potential risks. CVE-2024-53868 Details The vulnerability was…
-
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code
in SecurityNews
A maximum severity security vulnerability has been disclosed in Apache Parquet’s Java Library that, if successfully exploited, could allow a remote attacker to execute arbitrary code on susceptible instances. Apache Parquet is a free and open-source columnar data file format that’s designed for efficient data processing and retrieval, providing support for complex data, high-performance First seen…
-
Surge in threat actors scanning Juniper, Cisco, and Palo Alto Networks devices
in SecurityNews
Scanning for Palo Alto Networks portals: Meanwhile, researchers at GreyNoise this week reported seeing a recent significant surge in login scanning activity targeting Palo Alto Networks PAN-OS GlobalProtect portals. GlobalProtect is an endpoint application that allows employees to access a company’s resources remotely. Over the last 30 days, nearly 24,000 unique IP addresses have attempted to access…
-
China-backed espionage group hits Ivanti customers again
in SecurityNews
UNC5221 has a knack for exploiting defects in Ivanti products. The group has exploited at least four vulnerabilities in the vendor’s products since 2023, according to Mandiant. First seen on cyberscoop.com Jump to article: cyberscoop.com/china-espionage-group-ivanti-vulnerability-exploits/
-
Attacks exploiting critical Cisco Smart Licensing Utility bug ongoing
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/attacks-exploiting-critical-cisco-smart-licensing-utility-bug-ongoing
-
Ongoing Attacks Exploit Critical Cisco CSLU
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/ongoing-attacks-exploit-critical-cisco-cslu
-
How attackers exploit Microsoft 365 from the inside and what to do about it
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/perspective/how-attackers-exploit-microsoft-365-from-the-inside-and-what-to-do-about-it
-
China-linked group UNC5221 exploited Ivanti Connect Secure zero-day since mid-March
in SecurityNews
Tags: china, exploit, flaw, group, ivanti, remote-code-execution, threat, update, vulnerability, zero-day
Ivanti addressed a critical remote code execution flaw in Connect Secure, which has been exploited since at least mid-March 2025. Ivanti released security updates to address a critical Connect Secure remote code execution vulnerability tracked as CVE-2025-22457. The vulnerability has been exploited by a China-linked threat actor since at least mid-March 2025. Ivanti did not disclose…
-
Disclosure Drama Clouds CrushFTP Vulnerability Exploitation
in SecurityNews
CrushFTP CEO Ben Spink slammed several cybersecurity companies for creating confusion around a critical authentication bypass flaw that’s currently under attack. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/disclosure-drama-clouds-crushftp-vulnerability-exploitation
-
Ivanti patches Connect Secure zero-day exploited since mid-March
in SecurityNews
Tags: china, espionage, exploit, ivanti, malware, remote-code-execution, update, vulnerability, zero-day
Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ivanti-patches-connect-secure-zero-day-exploited-since-mid-march/
-
Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
in SecurityNews
A suspected Chinese APT group has exploited CVE-2025-22457, a buffer overflow bug that was previously thought not to be exploitable, to compromise appliances … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/03/ivanti-vpn-customers-targeted-via-unrecognized-rce-vulnerability-cve-2025-22457/
-
Cisco confirms cyberattacks on Smart Licensing Utility flaw
in SecurityNews
CISA earlier this week added CVE-2024-20439, a static credential vulnerability in the license management app, to its known exploited vulnerabilities catalog. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-confirms-attacks-smart-licensing-utility-vulnerability/744352/