Tag: exploit
-
Malware Campaign Exploits ESET Software Vulnerability
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/malware-campaign-exploits-eset-software-vulnerability
-
New ToddyCat attacks involve ESET software vulnerability exploit
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/new-toddycat-attacks-involve-eset-software-vulnerability-exploit
-
2 Android Zero-Day Bugs Under Active Exploit
in SecurityNews
Neither security issue requires user interaction, and one of the vulnerabilities was used to unlock a student activist’s device in an attempt to install spyware. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/android-zero-day-bugs-active-exploit
-
Microsoft April 2025 Patch Tuesday: Fixing 121 Vulnerabilities, Including a Critical Zero-Day
in SecurityNews
Tags: cyber, exploit, flaw, microsoft, remote-code-execution, software, update, vulnerability, zero-day
Microsoft has rolled out its April 2025 Patch Tuesday update, addressing 121 security vulnerabilities across its software ecosystem. This comprehensive update includes fixes for critical issues such as the elevation of privilege, remote code execution, and information disclosure vulnerabilities. Among the patched flaws is a zero-day vulnerability actively exploited in the wild, underscoring the urgency…
-
Hackers Conceal NFC Carders Behind Apple Pay and Google Wallet
in SecurityNews
Tags: apple, cyber, cybercrime, exploit, finance, fraud, google, hacker, mobile, nfc, password, technology, vulnerability
In a disturbing evolution of financial fraud, cybercriminals are leveraging advanced techniques to exploit mobile payment systems such as Apple Pay and Google Wallet. Once reliant on magnetic stripe card cloning, fraudsters have adapted to breakthroughs in card security technology like chip cards and one-time passwords, exploiting vulnerabilities in contactless payments and digital wallets. By…
-
Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day
in SecurityNews
Patch Tuesday: Microsoft ships urgent cover for another Windows CLFS vulnerability already exploited in the wild. The post Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/microsoft-patches-125-windows-vulns-including-exploited-clfs-zero-day/
-
Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824)
in SecurityNews
April 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 120+ vulnerabilities, including a zero-day (CVE-2025-29824) that’s under active attack. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/08/patch-tuesday-microsoft-zero-day-cve-2025-29824/
-
Windows CLFS zero-day exploited by ransomware gang
in SecurityNews
Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on victims’ systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-windows-clfs-zero-day-exploited-by-ransomware-gang/
-
Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws
Today is Microsoft’s April 2025 Patch Tuesday, which includes security updates for 134 flaws, including one actively exploited zero-day vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-april-2025-patch-tuesday-fixes-exploited-zero-day-134-flaws/
-
Attackers Exploit SourceForge Platform to Distribute Malware
in SecurityNews
Tags: attack, cyber, cybercrime, cybersecurity, exploit, infection, malicious, malware, russia, software
A recent malware distribution scheme has been uncovered on SourceForge, the popular software hosting and distribution platform. Cybercriminals have leveraged SourceForge’s subdomain feature to deceive users with fake downloads of software applications, embedding malicious files into the infection chain. This attack, primarily targeting Russian-speaking users, has raised alarms within the cybersecurity community for its level…
-
Vidar Stealer Uses New Deception Technique to Hijack Browser Cookies and Stored Credentials
in SecurityNews
Vidar Stealer, a notorious information-stealing malware, has adopted a deceptive method to disguise itself as Microsoft’s BGInfo application. By exploiting a legitimate tool widely used by IT professionals to display system details, attackers have demonstrated advanced techniques to evade detection and execute malicious code designed to compromise sensitive data. BGInfo, part of Microsoft’s Sysinternals Suite,…
-
Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal
in SecurityNews
Cybersecurity researchers have disclosed details of a now-patched security flaw in the Amazon EC2 Simple Systems Manager (SSM) Agent that, if successfully exploited, could permit an attacker to achieve privilege escalation and code execution. The vulnerability could permit an attacker to create directories in unintended locations on the filesystem, execute arbitrary scripts with root privileges, First…
-
Over 5K Ivanti VPNs vulnerable to critical bug under attack
in SecurityNews
China-linked threat actors last month began exploiting CVE-2025-22457, a critical stack buffer-overflow flaw. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/5k-ivanti-vpns-vulnerable-critical-flaw-under-attack/744748/
-
New Mirai botnet behind surge in TVT DVR exploitation
in SecurityNews
A significant spike in exploitation attempts targeting TVT NVMS9000 DVRs has been detected, peaking on April 3, 2025, with over 2,500 unique IPs scanning for vulnerable devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-mirai-botnet-behind-surge-in-tvt-dvr-exploitation/
-
Ivanti Released Security Update With The Fixes for Critical Endpoint Manager RCE Vulnerabilities
in SecurityNews
Ivanti, a prominent enterprise software provider, has issued an urgent security advisory today addressing multiple vulnerabilities in its Endpoint Manager (EPM) products. The updates for EPM 2024 SU1 and EPM 2022 SU7 resolve six critical and medium-severity flaws that could allow attackers to gain remote access, escalate privileges, or disrupt systems. While no exploitation has…
-
ESET Vulnerability Exploited for Stealthy Malware Execution
in SecurityNews
A sophisticated APT tracked as ToddyCat has exploited an ESET DLL search order hijacking vulnerability for malware delivery. The post ESET Vulnerability Exploited for Stealthy Malware Execution appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/eset-vulnerability-exploited-for-stealthy-malware-execution/
-
Over 5,000 Ivanti Connect Secure Devices Exposed to RCE Vulnerabilities
in SecurityNews
Over 5,000 Ivanti Connect Secure devices remain vulnerable to a critical remote code execution (RCE) flaw, according to data from the Shadowserver Foundation. The vulnerability, tracked as CVE-2025-22457, stems from a stack-based buffer overflow issue, enabling unauthenticated attackers to execute arbitrary code remotely. The flaw has already been exploited in the wild, raising alarms across the…
-
CISA Alerts on Actively Exploited CrushFTP Authentication Bypass Vulnerability
in SecurityNews
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about an actively exploited vulnerability in CrushFTP, a popular file transfer server solution. Identified as CVE-2025-31161, the vulnerability allows attackers to bypass authentication, posing significant risks to organizations relying on CrushFTP for secure file sharing and transfer. CISA has added this critical vulnerability to…
-
HellCat Ransomware Hits 4 Firms using Infostealer-Stolen Jira Credentials
in SecurityNews
HellCat ransomware hits 4 companies by exploiting Jira credentials stolen through infostealer malware, continuing their global attack spree. First seen on hackread.com Jump to article: hackread.com/hellcat-ransomware-firms-infostealer-stolen-jira-credentials/
-
CISA Warns of CrushFTP Exploit Letting Attackers Bypass Authentication
in SecurityNews
The Cybersecurity and Infrastructure Security Agency (CISA) has recently added a new vulnerability to its Known Exploited Vulnerabilities Catalog. The vulnerability, identified as CVE-2025-31161, is an Authentication Bypass Vulnerability in CrushFTP, a widely used FTP server software. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cisa-adds-cve-2025-31161-to-kev-catalog/
-
Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk
in SecurityNews
More than 5,000 Ivanti Connect Secure appliances are vulnerable to attacks exploiting CVE-2025-22457, which has been used by Chinese hackers. The post Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/exploited-vulnerability-puts-5000-ivanti-vpn-appliances-at-risk/
-
CISA Warns of CrushFTP Vulnerability Exploitation in the Wild
in SecurityNews
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-31161 to its Known Exploited Vulnerabilities (KEV) catalog. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/crushftp-vulnerability-cisa-kev/
-
Android Update Patches Two Exploited Vulnerabilities
in SecurityNews
Android’s latest security update resolves two exploited Kernel vulnerabilities, as well as critical-severity bugs. The post Android Update Patches Two Exploited Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/android-update-patches-two-exploited-vulnerabilities/
-
Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks
in SecurityNews
Huntress has shared details on the post-exploitation activities of threat actors targeting the recent CrushFTP vulnerability. The post Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/threat-actors-set-up-persistent-access-to-hosts-hacked-in-crushftp-attacks/
-
CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation
in SecurityNews
A recently disclosed critical security flaw impacting CrushFTP has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog after reports emerged of active exploitation in the wild. The vulnerability is a case of authentication bypass that could permit an unauthenticated attacker to take over susceptible instances. It…
-
Google fixed two actively exploited Android zero-days
in SecurityNews
Google addressed 62 vulnerabilities with the release of Android’s April 2025 security update, including two actively exploited zero-days. Google released Android’s April 2025 security updates to address 62 vulnerabilities, including two zero-day vulnerabilities (CVE-2024-53197, CVE-2024-53150) exploited in targeted attacks. The vulnerability CVE-2024-53197 is a Linux kernel issue affecting ALSA USB audio. Malicious devices…
-
Google Patches Actively Exploited Android 0-Day Vulnerability
in SecurityNews
Google has issued critical security updates to address a recently discovered zero-day vulnerability actively exploited in Android devices. The Android Security Bulletin for April 2025 highlights the details of multiple security vulnerabilities, including high-profile issues such as CVE-2024-53150 and CVE-2024-53197, which have reportedly been exploited in targeted attacks. These vulnerabilities are addressed in the security patch levels of 2025-04-05 or…