Geek-Guy.com

Category: Exploits

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 50

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet   Predator Still Active, with New Client and Corporate Links Identified Threat Group Targets Companies in Taiwan  Feeling Blue(Noroff): Inside a Sophisticated DPRK Web3 Intrusion  Anubis: A…

Security Affairs newsletter Round 529 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Iran confirmed it shut down internet to protect the country against cyberattacks Godfather Android trojan uses…

GitHub hit by a sophisticated malware campaign as ‘Banana Squad’ mimics popular repos

A threat group dubbed “Banana Squad,” active since April 2023, has trojanized more than 60 GitHub repositories in an ongoing campaign, offering Python-based hacking kits with malicious payloads. Discovered by ReversingLabs, the malicious public repos each imitate a well-known hacking tool to look legitimate but inject hidden backdoor logic. “At first glance (they) appear to…

Linux flaws chain allows Root access across major distributions

Researchers discovered two local privilege escalation flaws that could let attackers gain root access on systems running major Linux distributions. Qualys researchers discovered two local privilege escalation (LPE) vulnerabilities, an attacker can exploit them to gain root privileges on machines running major Linux distributions. The two vulnerabilities are: CVE-2025-6018: LPE from unprivileged to allow_active in…

Understanding EchoLeak: What This Vulnerability Teaches Us About Application Security | Impart Security

Understanding EchoLeak: What This Vulnerability Teaches Us About AI Security The recent disclosure of EchoLeak by Aim Labs marks a significant milestone in AI security research. As the first documented zero-click exploit targeting a production AI system, it offers valuable insights into the emerging threat landscape that security professionals need to understand and prepare for.…

Researchers discovered the largest data breach ever, exposing 16 billion login credentials

Researchers discovered the largest data breach ever, exposing 16 billion login credentials, likely due to multiple infostealers. Researchers announced the discovery of what appears to be the largest data breach ever recorded, with an astonishing 16 billion login credentials exposed. The ongoing investigation, which began earlier this year, suggests that the credentials were collected through…

Foreign aircraft, domestic risks

Disclaimer: The content presented in this article is based exclusively on publicly available, unclassified information and open-source research. It does not draw upon any classified or proprietary data. The analysis is intended solely as a technical thought exercise to explore potential cybersecurity considerations in the context of legacy aircraft systems and industrial control system analogies.…

Secure Vibe Coding: The Complete New Guide

DALL-E for coders? That’s the promise behind vibe coding, a term describing the use of natural language to create software. While this ushers in a new era of AI-generated code, it introduces “silent killer” vulnerabilities: exploitable flaws that evade traditional security tools despite perfect test performance. A detailed analysis of secure vibe coding practices is…

Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers

Java-based malware targets Minecraft users via fake cheat tools, utilizing the Stargazers Ghost Network distribution-as-a-service (DaaS). Check Point researchers found a multi-stage malware on GitHub targeting Minecraft users via Stargazers DaaS, using Java/.NET stealers disguised as cheat tools. Minecraft, one of the world’s most popular games with over 200 million monthly players and 300 million…

New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions

Cybersecurity researchers have uncovered two local privilege escalation (LPE) flaws that could be exploited to gain root privileges on machines running major Linux distributions. The vulnerabilities, discovered by Qualys, are listed below – CVE-2025-6018 – LPE from unprivileged to allow_active in SUSE 15’s Pluggable Authentication Modules (PAM) CVE-2025-6019 – LPE from allow_active to root in

Asana’s MCP AI connector could have exposed corporate data, CSOs warned

CSOs with Asana’s Model Context Protocol (MCP) server in their environment should scour their logs and metadata for data leaks after the discovery of a serious vulnerability. Asana, a software-as-a-service workplace management platform allowing employees to set company-wide goals, manage strategic plans and keep teams connected, said this week that its MCP server had been…

Hackers lean into social engineering to attack Apple security — Jamf

Every Mac, iPhone, or iPad user should do everything they can to protect themselves against social engineering-based phishing attacks, a new report from Jamf warns. In a time of deep international tension, the digital threat environment reflects the zeitgeist, with hackers and attackers seeking out security weaknesses on a scale that continues to grow.  Based…

Over 1M Cock.li user records compromised via Roundcube exploits

BleepingComputer reports that all users of the German free privacy-focused email hosting server Cock.li since 2016 amounting to more than 1 million individuals were confirmed to have had their information compromised following a breach stemming from the exploitation of vulnerabilities impacting its deprecated Roundcube webmail platform.

Watch out, Veeam fixed a new critical bug in Backup & Replication product

Veeam addressed a new critical flaw in Backup & Replication product that could potentially result in remote code execution. Veeam has rolled out security patches to address a critical security vulnerability, tracked CVE-2025-23121 (CVSS score of 9.9) in its Backup & Replication solution that can allow remote attackers to execute arbitrary code under certain conditions.…

Addressed Google Chrome zero-day leveraged to spread Trinper backdoor

GBHackers News reports that attacks exploiting the already-fixed high-severity Google Chrome zero-day flaw, tracked as CVE-2025-2783, have been launched by the Team46 advanced persistent threat operation, also known as TaxOff, to spread the Trinper malware as part of a campaign that was initially observed in March.

WormGPT returns: New malicious AI variants built on Grok and Mixtral uncovered

Two new variants of WormGPT, the malicious large language model (LLM) from July 2023 that operated without restrictions to generate phishing emails, BEC messages, and malware scripts, have been uncovered, now riding on top of xAI’s Grok and Mistral’s Mixtral models. Cloud-native network security company CATO Networks analyzed the variants posted on the widely used…

U.S. CISA adds Linux Kernel flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux Kernel vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium V8 Out-of-Bounds Read and Write Vulnerability, tracked as CVE-2023-0386, to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, CVE-2023-0386 (CVSS score: 7.8), is an improper ownership vulnerability in the Linux kernel that…

News Flodrix botnet targets vulnerable Langflow servers

Attackers exploit CVE-2025-3248 in Langflow servers to deliver Flodrix botnet via downloader scripts, Trend Research reports. Trend Research uncovered an ongoing campaign exploiting the vulnerability CVE-2025-3248 to deliver the Flodrix botnet. Attackers exploit the flaw to run scripts on Langflow servers, downloading and installing Flodrix malware. “If the vulnerability is successfully exploited, threat actors behind…

GitHub Actions attack renders even security-aware orgs vulnerable

Developers hosting code repositories on GitHub continue to use GitHub Actions insecurely, setting up automatic workflows that can be exploited to extract sensitive authentication tokens, researchers warn. Security risks associated with GitHub Actions workflows are not new. Still, researchers from Sysdig have identified dozens of vulnerable projects, including ones from high-profile security-aware organizations MITRE and…

CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed a security flaw impacting the Linux kernel in its Known Exploited Vulnerabilities (KEV) catalog, stating it has been actively exploited in the wild. The vulnerability, CVE-2023-0386 (CVSS score: 7.8), is an improper ownership bug in the Linux kernel that could be exploited to escalate…

LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents

Cybersecurity researchers have disclosed a now-patched security flaw in LangChain’s LangSmith platform that could be exploited to capture sensitive data, including API keys and user prompts. The vulnerability, which carries a CVSS score of 8.8 out of a maximum of 10.0, has been codenamed AgentSmith by Noma Security. LangSmith is an observability and evaluation platform…

Why Apple’s Foundation Models Framework matter

Look, it’s not just about Siri and ChatGPT; artificial intelligence will drive future tech experiences and should be seen as a utility. That’s the strategic imperative driving Apple’s WWDC introduction of the Foundation Models Framework for its operating systems. It represents a series of tools that will let developers exploit Apple’s own on-device AI large language models…

U.S. CISA adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2025-43200 Apple Multiple Products Unspecified Vulnerability CVE-2023-33538 (CVSS score…

Phishing goes prime time: Hackers use trusted sites to hijack search rankings

Cybercriminals are exploiting a black-market search engine optimization (SEO) platform called Hacklink to hijack search engine results and promote phishing and other unscrupulous sites. According to a Netcraft research, the clandestine marketplace allows scammers to purchase access to high-reputation websites and stealthily plant links that boost the visibility of attacker-controlled pages in search results, especially…

Malicious PyPI package targets Chimera users to steal AWS tokens, CI/CD secrets

A malicious Python package posing as a harmless add-on for the Chimera sandbox environment, an integrated machine learning experimentation and development tool, is helping threat actors steal sensitive corporate credentials. According to new research findings from software supply chain and DevOps company JFrog, the package “chimera-sandbox-extensions”, recently uploaded to the popular PyPI repository, contains a…

Attackers target Zyxel RCE vulnerability CVE-2023-28771

GreyNoise researchers have observed exploit attempts targeting the remote code execution vulnerability CVE-2023-28771 in Zyxel devices. On June 16, GreyNoise researchers detected exploit attempts targeting CVE-2023-28771 (CVSS score 9.8), a remote code execution flaw impacting Zyxel IKE decoders over UDP port 500. “Exploitation attempts against CVE-2023-28771 were minimal throughout recent weeks. On June 16, GreyNoise observed…

New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks

Cybersecurity researchers have called attention to a new campaign that’s actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware. “Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn fetch and install the Flodrix malware,” Trend Micro researchers Aliakbar Zahravi, Ahmed Mohamed

TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw in TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.  The vulnerability in question is CVE-2023-33538 (CVSS score: 8.8), a command injection bug that could result in the execution of arbitrary system commands when

Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet

This blog uncovers an active campaign exploiting CVE-2025-3248 in Langflow versions before 1.3.0 that deploys the Flodrix botnet, enabling threat actors to achieve full system compromise, initiate DDoS attacks, and potentially exfiltrate sensitive data.

‘Grafana Ghost’ XSS flaw exposes 47,000 servers to account takeover

A newly discovered cross-site scripting (XSS) vulnerability in Grafana — a widely used open-source analytics and visualization platform for developers — has put thousands of servers at risk of complete account takeover. According to an OX Security analysis, the critical vulnerability, dubbed “Grafana Ghost,” exposes unpatched systems to client-side open-redirect and cross-site scripting attacks. “The…

Clone, Compile, Compromise: Water Curse’s Open-Source Malware Trap on GitHub

The Trend Micro™ Managed Detection and Response team uncovered a threat campaign orchestrated by an active group, Water Curse. The threat actor exploits GitHub, one of the most trusted platforms for open-source software, as a delivery channel for weaponized repositories.

Security Affairs newsletter Round 528 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Palo Alto Networks fixed multiple privilege escalation flaws Unusual toolset used in recent Fog Ransomware attack…

Palo Alto Networks fixed multiple privilege escalation flaws

Palo Alto Networks addressed multiple vulnerabilities and included the latest Chrome patches in its solutions. Palo Alto Networks fixed seven privilege escalation vulnerabilities and integrated the latest Chrome security patches into its products. Palo Alto applied 11 Chrome fixes and patched CVE-2025-4233, a cache vulnerability impacting the Prisma Access Browser. The most severe vulnerability, tracked…

Unusual toolset used in recent Fog Ransomware attack

Fog ransomware operators used in a May 2025 attack unusual pentesting and monitoring tools, Symantec researchers warn. In May 2025, attackers hit an Asian financial firm with Fog ransomware, using rare tools like Syteca monitoring software and pentesting tools GC2, Adaptix, and Stowaway. Symantec researchers pointed out that the use of these tools is unusual…

Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets

A new malware campaign is exploiting a weakness in Discord’s invitation system to deliver an information stealer called Skuld and the AsyncRAT remote access trojan. “Attackers hijacked the links through vanity link registration, allowing them to silently redirect users from trusted sources to malicious servers,” Check Point said in a technical report. “The attackers combined…

Zero-Click Flaw in Microsoft Copilot Illustrates AI Agent, RAG Risks

Aim Security researchers found a zero-click vulnerability in Microsoft 365 Copilot that could have been exploited to have AI tools like RAG and AI agents hand over sensitive corporate data to attackers simply by issuing a request for the information in a specially worded email. Microsoft fixed the security flaw. The post Zero-Click Flaw in…

Microsoft’s Patch Tuesday updates: Keeping up with the latest fixes

Long before Taco Tuesday became part of the pop-culture vernacular, Tuesdays were synonymous with security — and for anyone in the tech world, they still are.  Patch Tuesday, as you most likely know, refers to the day each month when Microsoft releases security updates and patches for its software products — everything from Windows to…

For June’s Patch Tuesday, 68 fixes — and two zero-day flaws

Microsoft offered up a fairly light Patch Tuesday release this month, with 68 patches to Microsoft Windows and Microsoft Office. There were no updates for Exchange or SQL server and just two minor patches for Microsoft Edge. That said, two zero-day vulnerabilities (CVE-2025-33073 and CVE-2025-33053) have led to a “Patch Now” recommendation for both Windows and Office.…

Apple’s AI Revolution: Insights from WWDC

After this year’s WWDC, I’m feeling a lot more positive about Apple’s efforts to weave artificial intelligence into its ecosystem. While a contextual Siri may not arrive until next year, the focus right now is on developing the inherent technologies rather than mass market AI interactions. At Apple’s big developer event, developers were served a feast of AI-related updates, including…

TeamFiltration pentesting tool harnessed in global Microsoft Entra ID attack campaign

Attacks exploiting the TeamFiltration penetration testing framework have been launched by the threat actor UNK_SneakyStrike to target over 80,000 Microsoft Entra ID accounts across hundreds of organizations worldwide, some of which were successfully taken over, as part of a campaign that commenced in December, BleepingComputer reports.

Fog ransomware gang abuses employee monitoring tool in unusual multi-stage attack

Fog ransomware hackers, known for targeting US educational institutions, are now using legitimate employee monitoring software Syteca, and several open-source pen-testing tools alongside usual encryption. While investigating a May 2025 attack on an unnamed financial institution in Asia, Symantec researchers spotted hackers using Syteca (formerly Ekran) and several pen-testers, including GC2, Adaptix, and Stowaway, a…

Apple confirmed that Messages app flaw was actively exploited in the wild

Apple confirmed that a security flaw in its Messages app was actively exploited in the wild to target journalists with Paragon’s Graphite spyware. Apple confirmed that a now-patched vulnerability, tracked as CVE-2025-43200, in its Messages app was actively exploited in the wild to target journalists with Paragon’s Graphite spyware. The IT giant addressed the flaw…

Trend Micro fixes critical bugs in Apex Central and TMEE PolicyServer

Trend Micro fixed multiple vulnerabilities that impact its Apex Central and Endpoint Encryption (TMEE) PolicyServer products. Trend Micro address remote code execution and authentication bypass vulnerabilities impacting its Endpoint Encryption (TMEE) PolicyServer and Apex Central solutions. Trend Micro Endpoint Encryption PolicyServer is a centralized management server used in Trend Micro’s Endpoint Encryption solution. It acts…

Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware

Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in sophisticated cyber attacks. The vulnerability, tracked as CVE-2025-43200, was addressed on February 10, 2025, as part of iOS 18.3.1, iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS…

Penetration Testing for SaaS Providers: Building Trust and Security

In today’s rapidly evolving digital landscape, SaaS (software as a service) providers face increasing scrutiny regarding the security of their platforms. And with increasing numbers of customers entrusting sensitive data to Cloud-based solutions, penetration testing has become an essential component of a comprehensive security strategy. In a recent webinar, Penetration Testing for SaaS Providers, our…

OffensiveCon25 – Keynote: Automating Your Job? The Future Of AI and Exploit Development

Author/Presenter: Perri Adams Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…

Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider

Summary The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this advisory in response to ransomware actors leveraging unpatched instances of a vulnerability in SimpleHelp Remote Monitoring and Management (RMM) to compromise customers of a utility billing software provider. This incident reflects a broader pattern of ransomware actors targeting organizations through unpatched versions of SimpleHelp…

First-ever zero-click attack targets Microsoft 365 Copilot

Imagine an attack so stealthy it requires no clicks, no downloads, no warning – just an email sitting in your inbox. This is EchoLeak, a critical vulnerability in Microsoft 365 Copilot that lets hackers steal sensitive corporate data without a single action from the victim.  Discovered by Aim Security, it’s the first documented zero-click attack…

FIN6 exploits HR workflows to breach corporate defenses

The financially motivated cybercrime group FIN6, also known as Skeleton Spider, is targeting human resources professionals with an elaborate social engineering scheme that uses fake job applications to deliver malware, according to new research from security analysts. The campaign begins with attackers posing as job seekers on professional platforms like LinkedIn and Indeed, building rapport…

SinoTrack GPS device flaws allow remote vehicle control and location tracking

Two vulnerabilities in SinoTrack GPS devices can allow remote vehicle control and location tracking by attackers, US CISA warns. U.S. CISA warns of two vulnerabilities in SinoTrack GPS devices that remote attackers can exploit to access a vehicle’s device profile without permission. The researchers warn that potential exploitation could allow attackers to track its location…

U.S. CISA adds Wazuh, and WebDAV flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Wazuh, and WebDAV flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added ASUS RT-AX55 devices, Craft CMS, and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2025-24016 (CVSS score 9.9) Wazuh Server Deserialization…

Smaller organizations nearing cybersecurity breaking point

Limited budgets, overstretched IT teams, and a rapidly evolving threat landscape mean smaller organizations are approaching a “cybersecurity tipping point.” The World Economic Forum’s (WEF) Global Cybersecurity Outlook 2025 report noted that “71% of cyber leaders say small organizations have already reached a critical tipping point where they can no longer adequately secure themselves against…

June Patch Tuesday advice for CSOs: Defense-in-depth needed to stop RCEs

This month’s Patch Tuesday fixes highlight a troubling pattern of remote code execution (RCE) holes being found in Microsoft’s core enterprise products, says an expert. “This trend reinforces the need for defense-in-depth strategies that extend well beyond patching,” says Mike Walters, president of patch management provider Action1. He pointed to several RCE vulnerabilities in this…

Dems want watchdog study of two troubled federally-funded vulnerability tracking initiatives

Two House Democratic leaders are asking a government watchdog to dig into two federally-funded initiatives to catalog software flaws and vulnerability data in light of their recent troubles. Mississippi Rep. Bennie Thompson, the top Democrat on the Homeland Security Committee, and California Rep. Zoe Lofgren, who serves as top Democrat on the Science and Technology…

Neues GenAI-Tool soll Open-Source-Sicherheit erhöhen

srcset=”https://b2b-contenthub.com/wp-content/uploads/2024/11/shutterstock_2322281155.jpg?quality=50&strip=all 5666w, https://b2b-contenthub.com/wp-content/uploads/2024/11/shutterstock_2322281155.jpg?resize=300%2C168&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2024/11/shutterstock_2322281155.jpg?resize=768%2C432&quality=50&strip=all 768w, https://b2b-contenthub.com/wp-content/uploads/2024/11/shutterstock_2322281155.jpg?resize=1024%2C576&quality=50&strip=all 1024w, https://b2b-contenthub.com/wp-content/uploads/2024/11/shutterstock_2322281155.jpg?resize=1536%2C864&quality=50&strip=all 1536w, https://b2b-contenthub.com/wp-content/uploads/2024/11/shutterstock_2322281155.jpg?resize=2048%2C1152&quality=50&strip=all 2048w, https://b2b-contenthub.com/wp-content/uploads/2024/11/shutterstock_2322281155.jpg?resize=1240%2C697&quality=50&strip=all 1240w, https://b2b-contenthub.com/wp-content/uploads/2024/11/shutterstock_2322281155.jpg?resize=150%2C84&quality=50&strip=all 150w, https://b2b-contenthub.com/wp-content/uploads/2024/11/shutterstock_2322281155.jpg?resize=854%2C480&quality=50&strip=all 854w, https://b2b-contenthub.com/wp-content/uploads/2024/11/shutterstock_2322281155.jpg?resize=640%2C360&quality=50&strip=all 640w, https://b2b-contenthub.com/wp-content/uploads/2024/11/shutterstock_2322281155.jpg?resize=444%2C250&quality=50&strip=all 444w” width=”1024″ height=”576″ sizes=”(max-width: 1024px) 100vw, 1024px”>Ein neu entwickeltes GenAI-Tool soll helfen, Schwachstellen in großen Open-Source-Repositories zu erkennen und zu patchen. Teerachai Jampanak – Shutterstock.com Niederländische und iranische Sicherheitsforscher haben ein neues Tool auf…

Over 80,000 servers hit as Roundcube RCE bug gets rapidly exploited

A critical remote code execution (RCE) vulnerability in Roundcube was exploited days after patch, impacting over 80,000 servers. Threat actors exploited a critical remote code execution (RCE) flaw in Roundcube, tracked as CVE-2025-49113, just days after the patch was released, targeting over 80,000 servers. Roundcube is a popular webmail platform and has been repeatedly targeted…

SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default Passwords

Two security vulnerabilities have been disclosed in SinoTrack GPS devices that could be exploited to control certain remote functions on connected vehicles and even track their locations. “Successful exploitation of these vulnerabilities could allow an attacker to access device profiles without authorization through the common web management interface,” the U.S. Cybersecurity and Infrastructure

Is Microsoft really axing Windows 10? Here’s what you need to know

“Stay on the right side of risk.” That’s what a new advertisement from Microsoft says, urging businesses and consumers to upgrade their Windows 10 PCs in the coming months. After all, Windows 10 will stop getting security updates in October. That’s now only four months away. Microsoft has spent a lot of time talking about…

A flaw could allow recovery of the phone number associated with any Google account

A vulnerability could allow recovery of the phone number associated with a Google account by carrying out a brute force attack. The security researcher who goes online with the moniker “brutecat” discovered that it is possible to brute force the phone number of any Google abusing an issue in the company’s account recovery feature. A…

8 things CISOs have learned from cyber incidents

When a cyber incident happens, it’s more than just an isolated event. For many CISOs, it reshapes their approach to resilience, risk management, and even their personal well-being in the job. Several security leaders reflect on the lessons from real-world incidents and why it’s vital to share them with the community to strengthen collective resilience,…

Patch Tuesday, June 2025 Edition

Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public. The sole zero-day flaw this month is…

Mirai botnet weaponizes PoC to exploit Wazuh open-source XDR flaw

Researchers warn that several botnets built on the Mirai malware codebase are targeting outdated Wazuh XDR and SIEM management servers. For the past several months, the botnets have been exploiting a critical remote code execution vulnerability in Wazuh that was patched in February. Researchers from content delivery and security company Akamai first detected exploitation of…

Microsoft Patch Tuesday addresses 66 vulnerabilities, including an actively exploited zero-day

Microsoft addressed 66 vulnerabilities across its suite of products and systems, including a zero-day in WebDAV that allows unauthorized attackers to remotely execute code, the company said in its latest security update Tuesday.  The espionage group Stealth Falcon exploited the zero-day — CVE-2025-33053 — to execute malware on a defense company in Turkey in March,…

5 Common Ways Non-Human Identities Are Exploited – and How to Secure Them

4 min readDiscover the emerging class of attacks involving software workloads and AI agents. The post 5 Common Ways Non-Human Identities Are Exploited – and How to Secure Them appeared first on Aembit. The post 5 Common Ways Non-Human Identities Are Exploited – and How to Secure Them appeared first on Security Boulevard.

OffensiveCon25 – Breaking The Sound Barrier: Exploiting CoreAudio Via Mach Message Fuzzing

Author/Presenter: Dillon Franke Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…

Microsoft’s June 2025 Patch Tuesday Addresses 65 CVEs (CVE-2025-33053)

9Critical 56Important 0Moderate 0Low Microsoft addresses 65 CVEs, including two zero-day vulnerabilities, with one being exploited in the wild. Microsoft addresses 65 CVEs in its June 2025 Patch Tuesday release, with nine rated critical, and 56 rated as important. Our counts omitted one vulnerability reported by CERT CC. This month’s update includes patches for: .NET…

SAP June 2025 Security Patch Day fixed critical NetWeaver bug

SAP fixed a critical NetWeaver flaw that let attackers bypass authorization and escalate privileges. Patch released in June 2025 Security Patch. SAP June 2025 Security Patch addressed a critical NetWeaver vulnerability, tracked as CVE-2025-42989 (CVSS score of 9.6), allowing threat actors to bypass authorization checks and escalate their privileges. “RFC inbound processing does not perform…

WordPress Appliance - Powered by TurnKey Linux