Tag: exploit
-
Ongoing Attacks Exploit Critical Cisco CSLU
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/ongoing-attacks-exploit-critical-cisco-cslu
-
How attackers exploit Microsoft 365 from the inside and what to do about it
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/perspective/how-attackers-exploit-microsoft-365-from-the-inside-and-what-to-do-about-it
-
Attacks exploiting critical Cisco Smart Licensing Utility bug ongoing
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/attacks-exploiting-critical-cisco-smart-licensing-utility-bug-ongoing
-
China-linked group UNC5221 exploited Ivanti Connect Secure zero-day since mid-March
by
in SecurityNews
Tags: china, exploit, flaw, group, ivanti, remote-code-execution, threat, update, vulnerability, zero-dayIvanti addressed a critical remote code execution flaw in Connect Secure, which has been exploited since at least mid-March 2025. Ivanti released security updates to address a critical Connect Secure remote code execution vulnerability tracked as CVE-2025-22457. The vulnerability has been exploited by a China-linked threat actor since at least mid-March 2025. Ivanti did not disclose…
-
Disclosure Drama Clouds CrushFTP Vulnerability Exploitation
by
in SecurityNewsCrushFTP CEO Ben Spink slammed several cybersecurity companies for creating confusion around a critical authentication bypass flaw that’s currently under attack. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/disclosure-drama-clouds-crushftp-vulnerability-exploitation
-
Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
by
in SecurityNewsA suspected Chinese APT group has exploited CVE-2025-22457 a buffer overflow bug that was previously thought not to be exploitable to compromise appliances … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/03/ivanti-vpn-customers-targeted-via-unrecognized-rce-vulnerability-cve-2025-22457/
-
Ivanti patches Connect Secure zero-day exploited since mid-March
by
in SecurityNews
Tags: china, espionage, exploit, ivanti, malware, remote-code-execution, update, vulnerability, zero-dayIvanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ivanti-patches-connect-secure-zero-day-exploited-since-mid-march/
-
Oracle quietly admits data breach, days after lawsuit accused it of cover-up
by
in SecurityNews
Tags: access, attack, authentication, breach, cloud, compliance, credentials, crime, cve, cybersecurity, data, data-breach, endpoint, exploit, finance, fraud, hacker, identity, infrastructure, intelligence, law, oracle, resilience, risk, service, strategy, supply-chain, technology, theft, threat, vulnerabilityLawsuit challenges Oracle’s response: The reports of Oracle’s acknowledgement of the breach come just days after the company was hit with a class action lawsuit over its handling of the security breach.The lawsuit specifically addresses a major security breach discovered in March that reportedly compromised 6 million records containing sensitive authentication-related data from Oracle Cloud…
-
Hackers Exploit Stripe API for Web Skimming Card Theft on Online Stores
by
in SecurityNewsCybersecurity researchers at Jscamblers have uncovered a sophisticated web-skimming campaign targeting online retailers. The campaign utilizes a legacy… First seen on hackread.com Jump to article: hackread.com/hackers-exploit-stripe-api-web-skimming-card-theft/
-
Halo ITSM Vulnerability Exposed Organizations to Remote Hacking
by
in SecurityNewsAn unauthenticated SQL injection vulnerability in Halo ITSM could have been exploited to read, modify, or insert data. The post Halo ITSM Vulnerability Exposed Organizations to Remote Hacking appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/halo-itsm-vulnerability-exposed-organizations-to-remote-hacking/
-
Qilin Operators Imitate ScreenConnect Login Page to Deploy Ransomware and Gain Admin Access
by
in SecurityNews
Tags: access, attack, cyber, cyberattack, exploit, group, login, monitoring, msp, phishing, ransomware, service, sophos, threatIn a recent cyberattack attributed to the Qilin ransomware group, threat actors successfully compromised a Managed Service Provider (MSP) by mimicking the login page of ScreenConnect, a popular Remote Monitoring and Management (RMM) tool. The attack, which occurred in January 2025, highlights the growing sophistication of phishing campaigns targeting MSPs to exploit downstream customers. Sophos’…
-
Major Online Platform for Child Exploitation Dismantled
by
in SecurityNewsAn international law enforcement operation has shut down Kidflix, a platform for child sexual exploitation with 1.8m registered users First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/online-platform-child-exploitation/
-
Cisco confirms cyberattacks on Smart Licensing Utility flaw
by
in SecurityNewsCISA earlier this week added CVE-2024-20439, a static credential vulnerability in the Cisco Smart Licensing Utility, to its known exploited vulnerabilities catalog. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-confirms-attacks-smart-licensing-utility-vulnerability/744352/
-
Oracle quietly admits data breach, days after lawsuit accused it of cover-up
by
in SecurityNews
Tags: access, attack, authentication, breach, cloud, compliance, credentials, crime, cve, cybersecurity, data, data-breach, endpoint, exploit, finance, fraud, hacker, identity, infrastructure, intelligence, law, oracle, resilience, risk, service, strategy, supply-chain, technology, theft, threat, vulnerabilityLawsuit challenges Oracle’s response: The reports of Oracle’s acknowledgement of the breach come just days after the company was hit with a class action lawsuit over its handling of the security breach.The lawsuit specifically addresses a major security breach discovered in March that reportedly compromised 6 million records containing sensitive authentication-related data from Oracle Cloud…
-
Halo ITSM Vulnerability Exposed Organizations to Remote Hacking
by
in SecurityNewsAn unauthenticated SQL injection vulnerability in Halo ITSM could have been exploited to read, modify, or insert data. The post Halo ITSM Vulnerability Exposed Organizations to Remote Hacking appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/halo-itsm-vulnerability-exposed-organizations-to-remote-hacking/
-
Hackers Exploit Stripe API for Web Skimming Card Theft on Online Stores
by
in SecurityNewsCybersecurity researchers at Jscamblers have uncovered a sophisticated web-skimming campaign targeting online retailers. The campaign utilizes a legacy… First seen on hackread.com Jump to article: hackread.com/hackers-exploit-stripe-api-web-skimming-card-theft/
-
Qilin Operators Imitate ScreenConnect Login Page to Deploy Ransomware and Gain Admin Access
by
in SecurityNews
Tags: access, attack, cyber, cyberattack, exploit, group, login, monitoring, msp, phishing, ransomware, service, sophos, threatIn a recent cyberattack attributed to the Qilin ransomware group, threat actors successfully compromised a Managed Service Provider (MSP) by mimicking the login page of ScreenConnect, a popular Remote Monitoring and Management (RMM) tool. The attack, which occurred in January 2025, highlights the growing sophistication of phishing campaigns targeting MSPs to exploit downstream customers. Sophos’…
-
Major Online Platform for Child Exploitation Dismantled
by
in SecurityNewsAn international law enforcement operation has shut down Kidflix, a platform for child sexual exploitation with 1.8m registered users First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/online-platform-child-exploitation/
-
Europol-led operation shuts down CSAM platform Kidflix, leading to 79 arrests
by
in SecurityNewsAn international law enforcement operation shuts down Kidflix, a child sexual abuse material (CSAM) streaming platform with 1.8M users. An international operation, codenamed Operation Stream, against child sexual exploitation shuts down one of the largest streaming platforms that offered child sexual abuse material (CSAM) in the world, Kidflix. The investigation was led by the State…
-
CrushFTP Vulnerability Exploited Following Disclosure Issues
by
in SecurityNewsA critical authentication bypass flaw in CrushFTP is under active exploitation following a mishandled disclosure process First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/crushftp-flaw-exploited-disclosure/
-
Two CVEs, One Critical Flaw: Inside the CrushFTP Vulnerability Controversy
by
in SecurityNewsTwo CVEs now exist for an actively exploited CrushFTP vulnerability and much of the security industry is using the ‘wrong one’. The post Two CVEs, One Critical Flaw: Inside the CrushFTP Vulnerability Controversy appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/details-emerge-on-cve-controversy-around-exploited-crushftp-vulnerability/
-
Neun von zehn Gesundheitseinrichtungen sind höchst gefährdet
by
in SecurityNews89 Prozent der Einrichtungen des Gesundheitswesens weisen Internet of Medical Things (IoMT)-Geräte in ihren Netzwerken auf, die zum gefährdetsten Prozent gehören. Diese verfügen über bereits bekannte ausgenutzte Schwachstellen (Known Exploited Vulnerability, KEV), die zudem von Ransomware-Gruppen genutzt werden, sowie über unsichere Verbindungen zum Internet. Dies ist eins der Ergebnisse des neuen Reports ‘State of CPS…
-
Why is someone mass-scanning Juniper and Palo Alto Networks products?
Espionage? Botnets? Trying to exploit a zero-day? First seen on theregister.com Jump to article: www.theregister.com/2025/04/03/unknown_scanners_probing_juniper_paloalto/
-
Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439)
by
in SecurityNewsCVE-2024-20439, a static credential vulnerability in the Cisco Smart Licensing Utility, is being exploited by attackers in the wild, CISA has confirmed on Monday by adding the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/03/attackers-are-leveraging-cisco-smart-licensing-utility-static-admin-credentials-cve-2024-20439/
-
AI-Powered Gray Bots Target Web Applications with Over 17,000 Requests Per Hour
by
in SecurityNewsWeb applications are facing a growing challenge from >>gray bots,
-
Cisco AnyConnect VPN Server Vulnerability Allows Attackers to Trigger DoS
by
in SecurityNewsCisco has disclosed a significant vulnerability in itsAnyConnect VPN Serverfor Meraki MX and Z Series devices, allowing authenticated attackers to triggerdenial-of-service (DoS)conditions. The flaw (CVE-2025-20212) stems from an uninitialized variable during SSL VPN session establishment and affects over 20 hardware models across enterprise networks. Vulnerability Overview Exploiting this bug requires valid VPN credentials. Attackers can…
-
Hackers Exploit Apache Tomcat Flaw to Hijack Servers and Steal SSH Credentials
by
in SecurityNews
Tags: apache, attack, botnet, credentials, cyber, data-breach, exploit, flaw, hacker, linux, vulnerability, windowsA newly discovered attack campaign has exposed vulnerabilities in Apache Tomcat servers, allowing hackers to hijack resources and steal SSH credentials. Researchers from Aqua Nautilus revealed that these attacks, which weaponized botnets within 30 hours of discovery, employ encrypted payloads and advanced persistence mechanisms to infiltrate systems running both Windows and Linux platforms. The attackers…
-
New Web Skimming Attack Exploits Legacy Stripe API to Validate Stolen Card Data
by
in SecurityNewsA sophisticated web-skimming campaign has been discovered, leveraging a deprecated Stripe API to validate stolen credit card data before exfiltration. This novel strategy ensures that only valid and usable card details are exfiltrated, making the operation highly efficient and harder to detect. Detailed insights into the attack have revealed alarming trends and vulnerabilities affecting numerous…
-
Hackers Actively Scanning for Juniper Smart Routers Using Default Passwords
by
in SecurityNewsRecent cybersecurity findings reveal an alarming increase in malicious activity targeting Juniper’s Session Smart Networking Platform (SSR). According to SANS tech reports, Attackers are focusing their efforts on exploiting devices using the default credentials, >>t128>128tRoutes
-
Google’s Quick Share for Windows Vulnerability Allows Remote Code Execution
by
in SecurityNews
Tags: cyber, cybersecurity, exploit, flaw, google, remote-code-execution, risk, vulnerability, windowsCybersecurity researchers from SafeBreach Labs have revealed new vulnerabilities in Google’s Quick Share file-transfer utility for Windows, including a critical flaw that allows attackers to execute code on targeted devices. The findings, disclosed this week, highlight risks in the widely used tool”, even after Google patched earlier issues reported in 2024. The QuickShell Exploit Chain…