Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet Predator Still Active, with New Client and Corporate Links Identified Threat Group Targets Companies in Taiwan Feeling Blue(Noroff): Inside a Sophisticated DPRK Web3 Intrusion Anubis: A…
Category: Exploits
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, Security
Security Affairs newsletter Round 529 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Iran confirmed it shut down internet to protect the country against cyberattacks Godfather Android trojan uses…
Exploits, Global Security News, Security
WordPress Motors theme flaw mass-exploited to hijack admin accounts
Hackers are exploiting a critical privilege escalation vulnerability in the WordPress theme “Motors” to hijack administrator accounts and gain complete control of a targeted site. […]
aiml, Data Security, Exploits, Global Security News, identity, Threat Intelligence
Jira tickets become attack vectors in PoC ‘living off AI’ attack
Cato Networks’ prompt injection exploit highlights the risks of external input to internal AI services.
Citizen Lab, Cozy Bear, cyber attacks, Exploits, Global Security News, Phishing Scam, Security
Hackers Use Social Engineering to Target Expert on Russian Operations
Citizen Lab and Google uncovered a new, sophisticated cyberattack linked to Russian state actors that exploits App-Specific Passwords, bypassing Multi-Factor Authentication. Discover how to protect yourself from these evolving threats.
Exploits, Global Security News, malware, Threat Intelligence
More advanced ACR Stealer-based malware examined
Attacks with the more sophisticated ACR Stealer-based Amatera Stealer malware have been launched as part of ClearFake web injection campaigns involving EtherHiding, Binance Smart Chain contract, and ClickFix exploitation between April and May, according to GBHackers News.
Developer, Malware, Security, Exploits, Global Security News
GitHub hit by a sophisticated malware campaign as ‘Banana Squad’ mimics popular repos
A threat group dubbed “Banana Squad,” active since April 2023, has trojanized more than 60 GitHub repositories in an ongoing campaign, offering Python-based hacking kits with malicious payloads. Discovered by ReversingLabs, the malicious public repos each imitate a well-known hacking tool to look legitimate but inject hidden backdoor logic. “At first glance (they) appear to…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
Linux flaws chain allows Root access across major distributions
Researchers discovered two local privilege escalation flaws that could let attackers gain root access on systems running major Linux distributions. Qualys researchers discovered two local privilege escalation (LPE) vulnerabilities that an attacker can exploit to gain root privileges on machines running major Linux distributions. The two vulnerabilities are: CVE-2025-6018: LPE from unprivileged to allow_active in…
Exploits, Global Security News, Security Bloggers Network
Understanding EchoLeak: What This Vulnerability Teaches Us About Application Security | Impart Security
Understanding EchoLeak: What This Vulnerability Teaches Us About AI Security The recent disclosure of EchoLeak by Aim Labs marks a significant milestone in AI security research. As the first documented zero-click exploit targeting a production AI system, it offers valuable insights into the emerging threat landscape that security professionals need to understand and prepare for.…
Breaking News, cyber crime, data breach, Exploits, Global Security News, hacking, malware
Researchers discovered the largest data breach ever, exposing 16 billion login credentials
Researchers discovered the largest data breach ever, exposing 16 billion login credentials, likely due to multiple infostealers. Researchers announced the discovery of what appears to be the largest data breach ever recorded, with an astonishing 16 billion login credentials exposed. The ongoing investigation, which began earlier this year, suggests that the credentials were collected through…
Exploits, Global Security News
Banana Squad’s Stealthy GitHub Malware Campaign Targets Devs
Banana Squad exploited GitHub to distribute malicious Python code disguised as legitimate tools
Aerospace and Defense Industry, Cyberattacks, Government, Physical Security, Security, Threat and Vulnerability Management, Exploits, Global Security News
Foreign aircraft, domestic risks
Disclaimer: The content presented in this article is based exclusively on publicly available, unclassified information and open-source research. It does not draw upon any classified or proprietary data. The analysis is intended solely as a technical thought exercise to explore potential cybersecurity considerations in the context of legacy aircraft systems and industrial control system analogies.…
Exploits, Global Security News
Secure Vibe Coding: The Complete New Guide
DALL-E for coders? That’s the promise behind vibe coding, a term describing the use of natural language to create software. While this ushers in a new era of AI-generated code, it introduces “silent killer” vulnerabilities: exploitable flaws that evade traditional security tools despite perfect test performance. A detailed analysis of secure vibe coding practices is…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, malware
Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers
Java-based malware targets Minecraft users via fake cheat tools, utilizing the Stargazers Ghost Network distribution-as-a-service (DaaS). Check Point researchers found a multi-stage malware on GitHub targeting Minecraft users via Stargazers DaaS, using Java/.NET stealers disguised as cheat tools. Minecraft, one of the world’s most popular games with over 200 million monthly players and 300 million…
Exploits, Global Security News
New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions
Cybersecurity researchers have uncovered two local privilege escalation (LPE) flaws that could be exploited to gain root privileges on machines running major Linux distributions. The vulnerabilities, discovered by Qualys, are listed below – CVE-2025-6018 – LPE from unprivileged to allow_active in SUSE 15’s Pluggable Authentication Modules (PAM) CVE-2025-6019 – LPE from allow_active to root in
Artificial Intelligence, Data and Information Security, Vulnerabilities, Exploits, Global Security News
Asana’s MCP AI connector could have exposed corporate data, CSOs warned
CSOs with Asana’s Model Context Protocol (MCP) server in their environment should scour their logs and metadata for data leaks after the discovery of a serious vulnerability. Asana, a software-as-a-service workplace management platform allowing employees to set company-wide goals, manage strategic plans and keep teams connected, said this week that its MCP server had been…
Apple, iOS, MacOS Security, Security, Exploits, Global Security News
Hackers lean into social engineering to attack Apple security — Jamf
Every Mac, iPhone, or iPad user should do everything they can to protect themselves against social engineering-based phishing attacks, a new report from Jamf warns. In a time of deep international tension, the digital threat environment reflects the zeitgeist, with hackers and attackers seeking out security weaknesses on a scale that continues to grow. Based…
Exploits, Global Security News, government-regulations
Paddle faces $5M FTC fine over alleged tech support scam involvement
The U.S. Federal Trade Commission has ordered UK-based payment processor Paddle and its U.S. subsidiary to pay a $5 million penalty to resolve its alleged screening and fraud prevention lapses that allowed credit card system exploitation by tech support firms Restoro, Reimage, and PC Vark.
Data Security, email security, Exploits, Global Security News, Vulnerability Management
Over 1M Cock.li user records compromised via Roundcube exploits
BleepingComputer reports that all users of the German free privacy-focused email hosting server Cock.li since 2016, amounting to more than 1 million individuals, were confirmed to have had their information compromised following a breach stemming from the exploitation of vulnerabilities impacting its deprecated Roundcube webmail platform.
Backup & Replication, Breaking News, Exploits, Global Security News, hacking, hacking news, Security
Watch out, Veeam fixed a new critical bug in Backup & Replication product
Veeam addressed a new critical flaw in Backup & Replication product that could potentially result in remote code execution. Veeam has rolled out security patches to address a critical security vulnerability, tracked CVE-2025-23121 (CVSS score of 9.9) in its Backup & Replication solution that can allow remote attackers to execute arbitrary code under certain conditions.…
Exploits, Global Security News, malware, Threat Intelligence
More sophisticated KimJongRAT stealer variants emerge
Weaponized Windows LNK files have been exploited by a pair of new advanced variants of the KimJongRAT information-stealing malware to facilitate multi-stage compromise of cryptocurrency wallets, browser credentials, and system information, GBHackers News reports.
Exploits, Global Security News, patchconfiguration-management, Threat Intelligence, Vulnerability Management
Addressed Google Chrome zero-day leveraged to spread Trinper backdoor
GBHackers News reports that attacks exploiting the already-fixed high-severity Google Chrome zero-day flaw, tracked as CVE-2025-2783, have been launched by the Team46 advanced persistent threat operation, also known as TaxOff, to spread the Trinper malware as part of a campaign that was initially observed in March.
Exploits, Generative AI, Malware, Security, Global Security News
WormGPT returns: New malicious AI variants built on Grok and Mixtral uncovered
Two new variants of WormGPT, the malicious large language model (LLM) from July 2023 that operated without restrictions to generate phishing emails, BEC messages, and malware scripts, have been uncovered, now riding on top of xAI’s Grok and Mistral’s Mixtral models. Cloud-native network security company CATO Networks analyzed the variants posted on the widely used…
Breaking News, CISA, Exploits, Global Security News, hacking, hacking news, Security
U.S. CISA adds Linux Kernel flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux Kernel vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium V8 Out-of-Bounds Read and Write Vulnerability, tracked as CVE-2023-0386, to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, CVE-2023-0386 (CVSS score: 7.8), is an improper ownership vulnerability in the Linux kernel that…
Breaking News, cyber crime, Exploits, Flodrix botnet, Global Security News, hacking, malware
News Flodrix botnet targets vulnerable Langflow servers
Attackers exploit CVE-2025-3248 in Langflow servers to deliver Flodrix botnet via downloader scripts, Trend Research reports. Trend Research uncovered an ongoing campaign exploiting the vulnerability CVE-2025-3248 to deliver the Flodrix botnet. Attackers exploit the flaw to run scripts on Langflow servers, downloading and installing Flodrix malware. “If the vulnerability is successfully exploited, threat actors behind…
DevSecOps, GitHub, Software Development, Vulnerabilities, Exploits, Global Security News
GitHub Actions attack renders even security-aware orgs vulnerable
Developers hosting code repositories on GitHub continue to use GitHub Actions insecurely, setting up automatic workflows that can be exploited to extract sensitive authentication tokens, researchers warn. Security risks associated with GitHub Actions workflows are not new. Still, researchers from Sysdig have identified dozens of vulnerable projects, including ones from high-profile security-aware organizations MITRE and…
Exploits, Global Security News, linux, Security
New Linux udisks flaw lets attackers get root on major Linux distros
Attackers can exploit two newly discovered local privilege escalation (LPE) vulnerabilities to gain root privileges on systems running major Linux distributions. […]
Exploits, Global Security News
CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed a security flaw impacting the Linux kernel in its Known Exploited Vulnerabilities (KEV) catalog, stating it has been actively exploited in the wild. The vulnerability, CVE-2023-0386 (CVSS score: 7.8), is an improper ownership bug in the Linux kernel that could be exploited to escalate…
Exploits, Global Security News
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor
A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as TaxOff to deploy a backdoor codenamed Trinper. The attack, observed in mid-March 2025 by Positive Technologies, involved the use of a sandbox escape vulnerability tracked as CVE-2025-2783 (CVSS score: 8.3). Google addressed the flaw later that month…
Exploits, Global Security News
LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents
Cybersecurity researchers have disclosed a now-patched security flaw in LangChain’s LangSmith platform that could be exploited to capture sensitive data, including API keys and user prompts. The vulnerability, which carries a CVSS score of 8.8 out of a maximum of 10.0, has been codenamed AgentSmith by Noma Security. LangSmith is an observability and evaluation platform…
cyber attack, cyber crime, Cybersecurity, Exploits, Global Security News, Phishing Scam, Scams and Fraud
Hacklink Market Linked to SEO Poisoning Attacks in Google Results
Cybersecurity researchers at Netcraft have discovered a series of new SEO poisoning related attacks exploiting Google’s search results…
Exploits, Global Security News, Security
Hacker steals 1 million Cock.li user records in webmail data breach
Email hosting provider Cock.li has confirmed it suffered a data breach after threat actors exploited flaws in its now-retired Roundcube webmail platform to steal over a million user records. […]
Exploits, Global Security News
Hackers Exploit Critical Langflow Flaw to Unleash Flodrix Botnet
A vulnerability in the popular Python-based tool for building AI agents and workflows is under active exploitation, allowing for full system compromise, DDoS attacks, and potential loss or theft of sensitive data
Apple Photos, Artificial Intelligence, Developer, Generative AI, WWDC, Exploits, Global Security News
Why Apple’s Foundation Models Framework matter
Look, it’s not just about Siri and ChatGPT; artificial intelligence will drive future tech experiences and should be seen as a utility. That’s the strategic imperative driving Apple’s WWDC introduction of the Foundation Models Framework for its operating systems. It represents a series of tools that will let developers exploit Apple’s own on-device AI large language models…
Exploits, Global Security News, identity, patchconfiguration-management, Vulnerability Management
Windows privilege escalation possible with ASUS Armoury Crate flaw
Attackers could achieve escalated SYSTEM privileges on Windows machines through the exploitation of a high-severity ASUS Armoury Crate system management software vulnerability, tracked as CVE-2025-3464, BleepingComputer reports.
Breaking News, CISA, Exploits, Global Security News, hacking, hacking news, Security
U.S. CISA adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2025-43200 Apple Multiple Products Unspecified Vulnerability CVE-2023-33538 (CVSS score…
Exploits, Global Security News, malware, Threat Intelligence
HijackLoader, DeerStealer spread via ClickFix intrusion
Malicious actors have exploited the ClickFix attack technique to facilitate the deployment of the HijackLoader and DeerStealer payloads as part of a new campaign, Infosecurity Magazine reports.
Exploits, Global Security News, Phishing, Security
Phishing goes prime time: Hackers use trusted sites to hijack search rankings
Cybercriminals are exploiting a black-market search engine optimization (SEO) platform called Hacklink to hijack search engine results and promote phishing and other unscrupulous sites. According to Netcraft research, the clandestine marketplace allows scammers to purchase access to high-reputation websites and stealthily plant links that boost the visibility of attacker-controlled pages in search results, especially…
Developer, Malware, Security, Exploits, Global Security News
Malicious PyPI package targets Chimera users to steal AWS tokens, CI/CD secrets
A malicious Python package posing as a harmless add-on for the Chimera sandbox environment, an integrated machine learning experimentation and development tool, is helping threat actors steal sensitive corporate credentials. According to new research findings from software supply chain and DevOps company JFrog, the package “chimera-sandbox-extensions”, recently uploaded to the popular PyPI repository, contains a…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, internet of things
Attackers target Zyxel RCE vulnerability CVE-2023-28771
GreyNoise researchers have observed exploit attempts targeting the remote code execution vulnerability CVE-2023-28771 in Zyxel devices. On June 16, GreyNoise researchers detected exploit attempts targeting CVE-2023-28771 (CVSS score 9.8), a remote code execution flaw impacting Zyxel IKE decoders over UDP port 500. “Exploitation attempts against CVE-2023-28771 were minimal throughout recent weeks. On June 16, GreyNoise observed…
Exploits, Global Security News
New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks
Cybersecurity researchers have called attention to a new campaign that’s actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware. “Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn fetch and install the Flodrix malware,” Trend Micro researchers Aliakbar Zahravi, Ahmed Mohamed
Exploits, Global Security News
TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw in TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2023-33538 (CVSS score: 8.8), a command injection bug that could result in the execution of arbitrary system commands when
Exploits, Global Security News, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research
Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet
This blog uncovers an active campaign exploiting CVE-2025-3248 in Langflow versions before 1.3.0 that deploys the Flodrix botnet, enabling threat actors to achieve full system compromise, initiate DDoS attacks, and potentially exfiltrate sensitive data.
Exploits, Global Security News
Threat Actors Target Victims with HijackLoader and DeerStealer
Cyber-attacks using HijackLoader and DeerStealer have been identified exploiting phishing tactics via ClickFix
Exploits, Global Security News, patchconfiguration-management, Vulnerability Management
Remote hacking possible with patched critical Mitel MiCollab flaw
Organizations have been urged by Mitel to remediate a critical path traversal vulnerability in the MiCollab communications and collaboration platform, which could be exploited to compromise provisioning data, reports SecurityWeek.
Exploits, generative ai, Global Security News
First zero-click attack on Microsoft 365 Copilot
A vulnerability in Microsoft 365 Copilot makes it possible to steal sensitive data. Imagine an attack so stealthy that it requires no clicks, no downloads and no warnings: a single email landing in your inbox is enough. That is the case with EchoLeak, a critical…
Developer, Security, Vulnerabilities, Exploits, Global Security News
‘Grafana Ghost’ XSS flaw exposes 47,000 servers to account takeover
A newly discovered cross-site scripting (XSS) vulnerability in Grafana — a widely used open-source analytics and visualization platform for developers — has put thousands of servers at risk of complete account takeover. According to an OX Security analysis, the critical vulnerability, dubbed “Grafana Ghost,” exposes unpatched systems to client-side open-redirect and cross-site scripting attacks. “The…
Exploits, Global Security News, Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Endpoints, Trend Micro Research : Expert Perspective, Trend Micro Research : Investigations, Trend Micro Research : Research
Clone, Compile, Compromise: Water Curse’s Open-Source Malware Trap on GitHub
The Trend Micro™ Managed Detection and Response team uncovered a threat campaign orchestrated by an active group, Water Curse. The threat actor exploits GitHub, one of the most trusted platforms for open-source software, as a delivery channel for weaponized repositories.
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 528 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Palo Alto Networks fixed multiple privilege escalation flaws Unusual toolset used in recent Fog Ransomware attack…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
Palo Alto Networks fixed multiple privilege escalation flaws
Palo Alto Networks addressed multiple vulnerabilities and included the latest Chrome patches in its solutions. Palo Alto Networks fixed seven privilege escalation vulnerabilities and integrated the latest Chrome security patches into its products. Palo Alto applied 11 Chrome fixes and patched CVE-2025-4233, a cache vulnerability impacting the Prisma Access Browser. The most severe vulnerability, tracked…
Breaking News, Cybercrime, Exploits, Fog ransomware, Global Security News, malware, Security
Unusual toolset used in recent Fog Ransomware attack
Fog ransomware operators used unusual pentesting and monitoring tools in a May 2025 attack, Symantec researchers warn. In May 2025, attackers hit an Asian financial firm with Fog ransomware, using rare tools like Syteca monitoring software and pentesting tools GC2, Adaptix, and Stowaway. Symantec researchers pointed out that the use of these tools is unusual…
Exploits, Global Security News
Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets
A new malware campaign is exploiting a weakness in Discord’s invitation system to deliver an information stealer called Skuld and the AsyncRAT remote access trojan. “Attackers hijacked the links through vanity link registration, allowing them to silently redirect users from trusted sources to malicious servers,” Check Point said in a technical report. “The attackers combined…
Exploits, Global Security News
CISA Reveals ‘Pattern’ of Ransomware Attacks Against SimpleHelp RMM
A new Cybersecurity and Infrastructure Security Agency (CISA) advisory warned ransomware actors have been actively exploiting a critical SimpleHelp flaw since January.
encryption, Exploits, Global Security News, Vulnerability Management
Trend Micro patches four 9.8 bugs in encryption PolicyServer products
While there was still no evidence of exploitation, Trend Micro advises customers to patch right away.
Cloud Security, Cybersecurity, Data Privacy, Data Security, Exploits, Featured, Global Security News
Zero-Click Flaw in Microsoft Copilot Illustrates AI Agent, RAG Risks
Aim Security researchers found a zero-click vulnerability in Microsoft 365 Copilot that could have been exploited to have AI tools like RAG and AI agents hand over sensitive corporate data to attackers simply by issuing a request for the information in a specially worded email. Microsoft fixed the security flaw. The post Zero-Click Flaw in…
Exploits, Global Security News, Microsoft, Microsoft Office, Security, Windows, Windows 10, Windows 11
Microsoft’s Patch Tuesday updates: Keeping up with the latest fixes
Long before Taco Tuesday became part of the pop-culture vernacular, Tuesdays were synonymous with security — and for anyone in the tech world, they still are. Patch Tuesday, as you most likely know, refers to the day each month when Microsoft releases security updates and patches for its software products — everything from Windows to…
Exploits, Global Security News, Microsoft, Microsoft Office, Windows, Windows Security
For June’s Patch Tuesday, 68 fixes — and two zero-day flaws
Microsoft offered up a fairly light Patch Tuesday release this month, with 68 patches to Microsoft Windows and Microsoft Office. There were no updates for Exchange or SQL server and just two minor patches for Microsoft Edge. That said, two zero-day vulnerabilities (CVE-2025-33073 and CVE-2025-33053) have led to a “Patch Now” recommendation for both Windows and Office.…
Apple, Artificial Intelligence, Operating Systems, WWDC, Exploits, Global Security News
Apple’s AI Revolution: Insights from WWDC
After this year’s WWDC, I’m feeling a lot more positive about Apple’s efforts to weave artificial intelligence into its ecosystem. While a contextual Siri may not arrive until next year, the focus right now is on developing the inherent technologies rather than mass market AI interactions. At Apple’s big developer event, developers were served a feast of AI-related updates, including…
critical-infrastructure-security, Exploits, Global Security News, Vulnerability Management
Report: Government system vulnerabilities often unresolved
Almost 80% of government agencies have failed to address software flaws for at least a year, while 55% had enduring vulnerabilities that could be exploited in attacks, indicating “critical” security debt, Cybersecurity Dive reports.
aiml, Exploits, Global Security News, Threat Intelligence
AI moderation guardrails circumvented by novel TokenBreak attack
Malicious actors could exploit the novel TokenBreak attack technique to compromise large language models’ tokenization strategy and evade implemented safety and content moderation protections, reports The Hacker News.
Exploits, Global Security News, Network Security, Threat Intelligence
Cyberattacks against public interest orgs spike, report finds
Cybersecurity threats, including distributed denial-of-service attacks and web exploits, against public interest organizations averted by Cloudflare’s Project Galileo reached 108.9 billion between May 2024 and March 2025, which was 241% higher than the previous year, SiliconANGLE reports.
Exploits, Global Security News, identity, Threat Intelligence
TeamFiltration pentesting tool harnessed in global Microsoft Entra ID attack campaign
Attacks exploiting the TeamFiltration penetration testing framework have been launched by the threat actor UNK_SneakyStrike to target over 80,000 Microsoft Entra ID accounts across hundreds of organizations worldwide, some of which were successfully taken over, as part of a campaign that commenced in December, BleepingComputer reports.
Cyberattacks, Ransomware, Security, Exploits, Global Security News
Fog ransomware gang abuses employee monitoring tool in unusual multi-stage attack
Fog ransomware hackers, known for targeting US educational institutions, are now using legitimate employee monitoring software Syteca, and several open-source pen-testing tools alongside usual encryption. While investigating a May 2025 attack on an unnamed financial institution in Asia, Symantec researchers spotted hackers using Syteca (formerly Ekran) and several pen-testers, including GC2, Adaptix, and Stowaway, a…
Breaking News, Cybercrime, Exploits, Global Security News, hacking, malware, Mobile
Apple confirmed that Messages app flaw was actively exploited in the wild
Apple confirmed that a security flaw in its Messages app was actively exploited in the wild to target journalists with Paragon’s Graphite spyware. Apple confirmed that a now-patched vulnerability, tracked as CVE-2025-43200, in its Messages app was actively exploited in the wild to target journalists with Paragon’s Graphite spyware. The IT giant addressed the flaw…
Breaking News, Exploits, Global Security News, hacking, information security news, IT Information Security, Security
Trend Micro fixes critical bugs in Apex Central and TMEE PolicyServer
Trend Micro fixed multiple vulnerabilities that impact its Apex Central and Endpoint Encryption (TMEE) PolicyServer products. Trend Micro addressed remote code execution and authentication bypass vulnerabilities impacting its Endpoint Encryption (TMEE) PolicyServer and Apex Central solutions. Trend Micro Endpoint Encryption PolicyServer is a centralized management server used in Trend Micro’s Endpoint Encryption solution. It acts…
Exploits, Global Security News
Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in sophisticated cyber attacks. The vulnerability, tracked as CVE-2025-43200, was addressed on February 10, 2025, as part of iOS 18.3.1, iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS…
cyber security, Exploits, Global Security News, penetration testing
Penetration Testing for SaaS Providers: Building Trust and Security
In today’s rapidly evolving digital landscape, SaaS (software as a service) providers face increasing scrutiny regarding the security of their platforms. And with increasing numbers of customers entrusting sensitive data to Cloud-based solutions, penetration testing has become an essential component of a comprehensive security strategy. In a recent webinar, Penetration Testing for SaaS Providers, our…
Binary Gecko, cybersecurity education, Exploits, Global Security News, Infosecurity Education, keynote, Security Bloggers Network
OffensiveCon25 – Keynote: Automating Your Job? The Future Of AI and Exploit Development
Author/Presenter: Perri Adams Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organization’s YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
Exploits, Global Security News
Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider
Summary The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this advisory in response to ransomware actors leveraging unpatched instances of a vulnerability in SimpleHelp Remote Monitoring and Management (RMM) to compromise customers of a utility billing software provider. This incident reflects a broader pattern of ransomware actors targeting organizations through unpatched versions of SimpleHelp…
Exploits, Global Security News, patchconfiguration-management, Vulnerability Management
CoreDNS addresses flaw enabling server crashes
Updates have been issued by CoreDNS to fix a high-severity flaw in its DNS-over-QUIC implementation, tracked as CVE-2025-47950, which could be exploited to disrupt DNS servers via stream amplification intrusions, GBHackers News reports.
Exploits, Global Security News, IoT, Vulnerability Management
CISA: Significant flaws impacting SinoTrack GPS devices
Hackread reports that users of SinoTrack GPS trackers have been warned by the Cybersecurity and Infrastructure Security Agency regarding a pair of high-severity vulnerabilities within the SinoTrack IoT PC Platform, which could be exploited to facilitate remote compromise.
Artificial Intelligence, Security, Vulnerabilities, Exploits, Global Security News
First-ever zero-click attack targets Microsoft 365 Copilot
Imagine an attack so stealthy it requires no clicks, no downloads, no warning – just an email sitting in your inbox. This is EchoLeak, a critical vulnerability in Microsoft 365 Copilot that lets hackers steal sensitive corporate data without a single action from the victim. Discovered by Aim Security, it’s the first documented zero-click attack…
Exploits, Global Security News, Malware, Security
FIN6 exploits HR workflows to breach corporate defenses
The financially motivated cybercrime group FIN6, also known as Skeleton Spider, is targeting human resources professionals with an elaborate social engineering scheme that uses fake job applications to deliver malware, according to new research from security analysts. The campaign begins with attackers posing as job seekers on professional platforms like LinkedIn and Indeed, building rapport…
Breaking News, CISA, Exploits, Global Security News, hacking, hacking news, Security
SinoTrack GPS device flaws allow remote vehicle control and location tracking
Two vulnerabilities in SinoTrack GPS devices can allow remote vehicle control and location tracking by attackers, US CISA warns. U.S. CISA warns of two vulnerabilities in SinoTrack GPS devices that remote attackers can exploit to access a vehicle’s device profile without permission. The researchers warn that potential exploitation could allow attackers to track its location…
Breaking News, CISA, Cybercrime, Exploits, Global Security News, hacking, Security
U.S. CISA adds Wazuh, and WebDAV flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Wazuh, and WebDAV flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added ASUS RT-AX55 devices, Craft CMS, and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2025-24016 (CVSS score 9.9) Wazuh Server Deserialization…
Exploits, Global Security News, IT Strategy, Security Practices, Small and Medium Business
Smaller organizations nearing cybersecurity breaking point
Limited budgets, overstretched IT teams, and a rapidly evolving threat landscape mean smaller organizations are approaching a “cybersecurity tipping point.” The World Economic Forum’s (WEF) Global Cybersecurity Outlook 2025 report noted that “71% of cyber leaders say small organizations have already reached a critical tipping point where they can no longer adequately secure themselves against…
Exploits, Global Security News, Security, Threat and Vulnerability Management, Vulnerabilities
June Patch Tuesday advice for CSOs: Defense-in-depth needed to stop RCEs
This month’s Patch Tuesday fixes highlight a troubling pattern of remote code execution (RCE) holes being found in Microsoft’s core enterprise products, says an expert. “This trend reinforces the need for defense-in-depth strategies that extend well beyond patching,” says Mike Walters, president of patch management provider Action1. He pointed to several RCE vulnerabilities in this…
Bennie Thompson, CVE, Department of Homeland Security (DHS), Exploits, GAO, Global Security News, Government
Dems want watchdog study of two troubled federally-funded vulnerability tracking initiatives
Two House Democratic leaders are asking a government watchdog to dig into two federally-funded initiatives to catalog software flaws and vulnerability data in light of their recent troubles. Mississippi Rep. Bennie Thompson, the top Democrat on the Homeland Security Committee, and California Rep. Zoe Lofgren, who serves as top Democrat on the Science and Technology…
Exploits, Global Security News, Security
Hackers exploited Windows WebDav zero-day to drop malware
An APT hacking group known as ‘Stealth Falcon’ exploited a Windows WebDav RCE vulnerability in zero-day attacks since March 2025 against defense and government organizations in Turkey, Qatar, Egypt, and Yemen. […]
Exploits, Global Security News, Patch Management Software, Security
Forgotten patches: The silent killer
Security breaches rarely come crashing through the front door. More often, they creep in through vulnerabilities that should have been closed long ago. The patch existed. It may have even been scheduled or approved. But it never landed, and no one noticed. In 2024, over half of breaches were tied to vulnerabilities that had known…
Exploits, Global Security News
Mirai Botnets Exploit Flaw in Wazuh Security Platform
The two campaigns are good examples of the ever-shrinking time-to-exploit timelines that botnet operators have adopted for newly published CVEs.
Exploits, generative ai, Global Security News
New GenAI tool aims to improve open-source security
A newly developed GenAI tool is intended to help detect and patch vulnerabilities in large open-source repositories. (Image credit: Teerachai Jampanak – Shutterstock.com) Dutch and Iranian security researchers have a new tool…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, IT Information Security
Over 80,000 servers hit as Roundcube RCE bug gets rapidly exploited
A critical remote code execution (RCE) vulnerability in Roundcube was exploited days after patch, impacting over 80,000 servers. Threat actors exploited a critical remote code execution (RCE) flaw in Roundcube, tracked as CVE-2025-49113, just days after the patch was released, targeting over 80,000 servers. Roundcube is a popular webmail platform and has been repeatedly targeted…
Exploits, Global Security News
SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default Passwords
Two security vulnerabilities have been disclosed in SinoTrack GPS devices that could be exploited to control certain remote functions on connected vehicles and even track their locations. “Successful exploitation of these vulnerabilities could allow an attacker to access device profiles without authorization through the common web management interface,” the U.S. Cybersecurity and Infrastructure
Exploits, Global Security News, Microsoft, Operating Systems, Productivity Software, Windows, Windows 10, Windows 11
Is Microsoft really axing Windows 10? Here’s what you need to know
“Stay on the right side of risk.” That’s what a new advertisement from Microsoft says, urging businesses and consumers to upgrade their Windows 10 PCs in the coming months. After all, Windows 10 will stop getting security updates in October. That’s now only four months away. Microsoft has spent a lot of time talking about…
Exploits, Global Security News
Two Microsoft Zero Days for Admins to Fix in June Patch Tuesday
Microsoft has patched two zero days this month, one of which is being exploited in the wild
Exploits, Global Security News
Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the Wild
Microsoft has released patches to fix 67 security flaws, including one zero-day bug in Web Distributed Authoring and Versioning (WEBDAV) that it said has come under active exploitation in the wild. Of the 67 vulnerabilities, 11 are rated Critical and 56 are rated Important in severity. This includes 26 remote code execution flaws, 17 information…
Breaking News, brute force, Exploits, Global Security News, Google, hacking, information security news
A flaw could allow recovery of the phone number associated with any Google account
A vulnerability could allow recovery of the phone number associated with a Google account by carrying out a brute force attack. The security researcher who goes online with the moniker “brutecat” discovered that it is possible to brute force the phone number of any Google account by abusing an issue in the company’s account recovery feature. A…
CSO and CISO, Cyberattacks, Incident Response, Exploits, Global Security News
8 things CISOs have learned from cyber incidents
When a cyber incident happens, it’s more than just an isolated event. For many CISOs, it reshapes their approach to resilience, risk management, and even their personal well-being in the job. Several security leaders reflect on the lessons from real-world incidents and why it’s vital to share them with the community to strengthen collective resilience,…
Acrobat Reader, Action1, Adam Barnett, Exploits, Global Security News, Security Tools, Time to Patch
Patch Tuesday, June 2025 Edition
Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public. The sole zero-day flaw this month is…
Exploits, Global Security News, Network Security, patchconfiguration-management, Vulnerability Management
Microsoft fixes 66 bugs in latest Patch Tuesday, 10 rated ‘critical’
Two of the flaws have a CVSS score of 8.8, with one under active exploitation.
Application Security, Botnets, Vulnerabilities, Exploits, Global Security News
Mirai botnet weaponizes PoC to exploit Wazuh open-source XDR flaw
Researchers warn that several botnets built on the Mirai malware codebase are targeting outdated Wazuh XDR and SIEM management servers. For the past several months, the botnets have been exploiting a critical remote code execution vulnerability in Wazuh that was patched in February. Researchers from content delivery and security company Akamai first detected exploitation of…
cyber espionage, Cybersecurity, espionage, Exploits, Global Security News, Technology, Threats
Microsoft Patch Tuesday addresses 66 vulnerabilities, including an actively exploited zero-day
Microsoft addressed 66 vulnerabilities across its suite of products and systems, including a zero-day in WebDAV that allows unauthorized attackers to remotely execute code, the company said in its latest security update Tuesday. The espionage group Stealth Falcon exploited the zero-day — CVE-2025-33053 — to execute malware on a defense company in Turkey in March,…
Botnet, cyber attack, Cybersecurity, Exploits, Global Security News, malware, Security
Two Mirai Botnets, Lzrd and Resgod Spotted Exploiting Wazuh Flaw
Akamai’s latest report reveals two Mirai botnets exploiting the critical CVE-2025-24016 flaw in Wazuh. Learn about these fast-spreading IoT threats and urgent patching advice.
Exploits, Global Security News, identities, Industry Insights, Secrets, Security Bloggers Network, service accounts
5 Common Ways Non-Human Identities Are Exploited – and How to Secure Them
Discover the emerging class of attacks involving software workloads and AI agents. The post 5 Common Ways Non-Human Identities Are Exploited – and How to Secure Them appeared first on Aembit. The post 5 Common Ways Non-Human Identities Are Exploited – and How to Secure Them appeared first on Security Boulevard.
Binary Gecko, cybersecurity education, Exploits, Global Security News, Infosecurity Education, OffensiveCon25, Security Bloggers Network
OffensiveCon25 – Breaking The Sound Barrier: Exploiting CoreAudio Via Mach Message Fuzzing
Author/Presenter: Dillon Franke Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organization’s YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
Exploits, Global Security News, Security Bloggers Network
Microsoft’s June 2025 Patch Tuesday Addresses 65 CVEs (CVE-2025-33053)
9 Critical, 56 Important, 0 Moderate, 0 Low. Microsoft addresses 65 CVEs, including two zero-day vulnerabilities, with one being exploited in the wild. Microsoft addresses 65 CVEs in its June 2025 Patch Tuesday release, with nine rated critical, and 56 rated as important. Our counts omitted one vulnerability reported by CERT CC. This month’s update includes patches for: .NET…
Exploits, Global Security News, Microsoft, Security
Microsoft June 2025 Patch Tuesday fixes exploited zero-day, 66 flaws
Today is Microsoft’s June 2025 Patch Tuesday, which includes security updates for 66 flaws, including one actively exploited vulnerability and another that was publicly disclosed. […]
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
SAP June 2025 Security Patch Day fixed critical NetWeaver bug
SAP fixed a critical NetWeaver flaw that let attackers bypass authorization and escalate privileges. Patch released in June 2025 Security Patch. SAP June 2025 Security Patch addressed a critical NetWeaver vulnerability, tracked as CVE-2025-42989 (CVSS score of 9.6), allowing threat actors to bypass authorization checks and escalate their privileges. “RFC inbound processing does not perform…
Data Security, Exploits, Global Security News, identity, Vulnerability Management
Google vulnerability leaking phone numbers remediated
Independent security researcher brutecat was able to create an exploit that facilitated the exposure of targeted accounts’ full display names while circumventing Google’s anti-bot defense mechanism hindering password reset request spamming.