China-linked group Fire Ant exploits VMware and F5 flaws to stealthily breach secure systems, reports cybersecurity firm Sygnia. China-linked cyberespionage group Fire Ant is exploiting VMware and F5 vulnerabilities to stealthily access secure, segmented systems, according to Sygnia. Since early 2025, the group has targeted virtualization and networking infrastructure, primarily VMware ESXi and vCenter environments.…
Category: Exploits
Exploits, Global Security News
Critical Flaws in Niagara Framework Threaten Smart Buildings and Industrial Systems Worldwide
Cybersecurity researchers have discovered over a dozen security vulnerabilities impacting Tridium’s Niagara Framework that could allow an attacker on the same network to compromise the system under certain circumstances. “These vulnerabilities are fully exploitable if a Niagara system is misconfigured, thereby disabling encryption on a specific network device,” Nozomi Networks Labs said in a
Exploits, Global Security News
The dark web: the underrated security tool
A visit to the dark web can benefit IT security. When the dark web comes up, most people think of dark associations with a flourishing cyber underground in which (among other things) weapons, drugs and credentials are traded. That is certainly true; however, the dark web also opens up to companies, or rather to security specialists and…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 55
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Lookout Discovers Iranian APT MuddyWater Leveraging DCHSpy During Israel-Iran Conflict Uncovering a Stealthy WordPress Backdoor in mu-plugins NPM package ‘is’ with 2.8M weekly downloads infected devs with malware Coyote in the Wild: First-Ever…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, information security news
Security Affairs newsletter Round 534 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Law enforcement operations seized BlackSuit ransomware gang’s darknet sites Arizona woman sentenced for aiding North Korea…
Breaking News, cyber crime, Exploits, Global Security News, hacking, malware
Law enforcement operations seized BlackSuit ransomware gang’s darknet sites
An international law enforcement operation seized the dark web data leak site of the BlackSuit ransomware group. A banner on the BlackSuit ransomware group’s TOR data leak sites informs visitors that they were seized by U.S. Homeland Security Investigations in a global law enforcement operation. The notice features logos of 17 law enforcement agencies and…
Exploits, Global Security News
AI-forged panda images hide persistent cryptomining malware ‘Koske’
A new malware strain named ‘Koske’ is delivering crypto-mining payloads through dropper files posing as benign panda pictures. According to Aqua Nautilus, the cybersecurity team at Aqua Security, the malware likely uses AI-assistance as its code appears shaped by large language models (LLMs). “Koske, a sophisticated Linux threat, shows clear signs of AI-assisted development, like…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, malware
Koske, a new AI-Generated Linux malware appears in the threat landscape
Koske is a new Linux malware designed for cryptomining, likely developed with the help of artificial intelligence. Koske is a new Linux AI-generated malware that was developed for cryptomining activities. Aquasec researchers reported that the malicious code uses rootkits and polyglot image file abuse to evade detection. Attackers exploit a misconfigured server to drop backdoors…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
Mitel patches critical MiVoice MX-ONE Auth bypass flaw
Mitel addressed a critical MiVoice MX-ONE flaw that could allow an unauthenticated attacker to conduct an authentication bypass attack. A critical authentication bypass flaw (CVSS score of 9.4) in Mitel MiVoice MX-ONE allows attackers to exploit weak access controls and gain unauthorized access to user or admin accounts. “An authentication bypass vulnerability has been identified…
Exploits, Global Security News
The books shaping today’s cybersecurity leaders
From strategy and psychology to history and decision-making, these are the books CISOs recommend to sharpen your thinking, influence your leadership style, and help navigate the complexity of modern security careers. Exploring risk from different angles CISOs, not surprisingly, are interested in risk as it relates to cybersecurity, with some keen to understand future risk…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, malware
Coyote malware is first-ever malware abusing Windows UI Automation
New Coyote malware uses Windows UI Automation to steal banking credentials, targeting Brazilian users across 75 banks and crypto platforms. Coyote malware is now the first to exploit Microsoft’s UI Automation framework in the wild, validating prior warnings from Akamai researchers in December 2024. The UI Automation (UIA) framework is a Microsoft accessibility framework that…
Cybercrime, Cybersecurity, Exploits, Global Security News, Government, Ransomware, Research
Microsoft SharePoint attacks ensnare 400 victims, including federal agencies
The fallout from an attack spree targeting defects in on-premises Microsoft SharePoint servers continues to spread nearly a week after zero-day exploits were discovered, setting off alarms across the globe. More than 400 organizations have been actively compromised across four waves of attacks, according to Eye Security. Multiple government agencies, including the Departments of Energy,…
Exploits, Global Security News
Critical Mitel Flaw Lets Hackers Bypass Login, Gain Full Access to MiVoice MX-ONE Systems
Mitel has released security updates to address a critical security flaw in MiVoice MX-ONE that could allow an attacker to bypass authentication protections. “An authentication bypass vulnerability has been identified in the Provisioning Manager component of Mitel MiVoice MX-ONE, which, if successfully exploited, could allow an unauthenticated attacker to conduct an authentication bypass attack
Exploits, Global Security News
Sophos and SonicWall Patch Critical RCE Flaws Affecting Firewalls and SMA 100 Devices
Sophos and SonicWall have alerted users of critical security flaws in Sophos Firewall and Secure Mobile Access (SMA) 100 Series appliances that could be exploited to achieve remote code execution. The two vulnerabilities impacting Sophos Firewall are listed below – CVE-2025-6704 (CVSS score: 9.8) – An arbitrary file writing vulnerability in the Secure PDF eXchange…
Exploits, Global Security News
Ransomware Deployed in Compromised SharePoint Servers
Microsoft said Chinese actor Storm-2603 is deploying Warlock ransomware following the exploitation of vulnerabilities in on-prem SharePoint systems
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
SonicWall fixed critical flaw in SMA 100 devices exploited in Overstep malware attacks
SonicWall addressed a critical vulnerability, tracked as CVE-2025-40599 (CVSS score of 9.1), in SMA 100 appliances. Experts warn customers to check their installs for Indicators of Compromise (IoCs) associated with Overstep malware attacks. The issue is an authenticated arbitrary…
ANYRUN, Cybersecurity, Cybersecurity Lifehacks, Exploits, Global Security News, Malware Analysis
Top Email Security Risks for Businesses and How to Catch Them Before They Cause Damage
Even with all the new ways we stay in touch, Slack, Teams, DMs, email is still the backbone of business communication. That also makes it one of the easiest ways in for attackers. A single message with the right subject line or attachment can lead to stolen logins, malware infections, or even full network access.…
Exploits, Global Security News, Security, Vulnerabilities
Microsoft’s incomplete SharePoint patch led to global exploits by China-linked hackers
A July 8 patch for the SharePoint Server zero-day flaw, which resulted in a global attack on nearly 100 organizations over the weekend starting July 18, had failed to fully patch the flaw. The flaw was brought to Microsoft’s notice in May during a hacker competition and was shortly addressed with an incomplete patch by…
Exploits, Global Security News
Hacker inserts destructive code in Amazon Q as update goes live
A hacker managed to insert destructive system commands into a version of Amazon’s AI-powered coding assistant, Q, which was later distributed to users through an official update, according to a media report. The unauthorized code instructed the AI agent to behave like a system cleaner with access to the file system and cloud tools, aiming…
Exploits, Global Security News
Storm-2603 Exploits SharePoint Flaws to Deploy Warlock Ransomware on Unpatched Systems
Microsoft has revealed that one of the threat actors behind the active exploitation of SharePoint flaws is deploying Warlock ransomware on targeted systems. The tech giant, in an update shared Wednesday, said the findings are based on an “expanded analysis and threat intelligence from our continued monitoring of exploitation activity by Storm-2603.” The threat actor…
Exploits, Global Security News, Microsoft, Security
Microsoft: SharePoint servers also targeted in ransomware attacks
A Chinese hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks targeting the recently patched ToolShell zero-day exploit chain. […]
Exploits, Global Security News
Active Campaign Exploits Cloud Flaws for Cryptomining
Wiz believes the active campaign is part of a broader crypto-scam infrastructure, which uses a wide range of exploitation techniques
Breaking News, CISA, Exploits, Global Security News, hacking, Security
U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2025-54309 CrushFTP Unprotected Alternate Channel Vulnerability CVE-2025-6558 Google Chromium ANGLE and GPU Improper Input…
Android, Exploits, Global Security News, iOS, Law & order, Mobile, phishing
Smashing Security podcast #427: When 2G attacks, and a romantic road trip goes wrong
Graham warns why it is high time we said goodbye to 2G – the outdated mobile network being exploited by cybercriminals with suitcase-sized SMS blasters. From New Zealand to London, scammers are driving around cities like dodgy Uber drivers, spewing phishing texts to thousands at once. Meanwhile, Carole unpacks a painfully awkward tale of amour…
AI, Compliance, Cybersecurity, Exploits, Global Security News, Network Security, privacy, Risk Management
When 2G attacks, and a romantic road trip goes wrong
In this episode, Graham warns why it is high time we said goodbye to 2G – the outdated mobile network being exploited by cybercriminals with suitcase-sized SMS blasters. From New Zealand to London, scammers are driving around cities like dodgy Uber drivers, spewing phishing texts to thousands at once. Meanwhile, Carole unpacks a painfully awkward…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
U.S. CISA urges FCEB agencies to fix two Microsoft SharePoint flaws immediately and added them to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds two Microsoft SharePoint flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two Microsoft SharePoint flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2025-49704 Microsoft SharePoint Code Injection Vulnerability CVE-2025-49706 Microsoft SharePoint Improper Authentication Vulnerability This…
AI, Exploits, Global Security News, Government, privacy, Technology
Trump AI plan pushes critical infrastructure to use AI for cyber defense
The Trump administration’s new AI Action Plan calls for companies and governments to lean into the technology when protecting critical infrastructure from cyberattacks. But it also recognizes that these systems are themselves vulnerable to hacking and manipulation, and calls for industry adoption of “secure by design” technology design standards to limit their attack surfaces. The…
Exploits, Global Security News
Threat Actor Mimo Targets Magento and Docker to Deploy Crypto Miners and Proxyware
The threat actor behind the exploitation of vulnerable Craft Content Management System (CMS) instances has shifted its tactics to target Magento CMS and misconfigured Docker instances. The activity has been attributed to a threat actor tracked as Mimo (aka Hezb), which has a long history of leveraging N-day security flaws in various web applications to…
Cybercrime, Cybersecurity, Exploits, Global Security News, Research, Technology, Threats
Cisco network access security platform vulnerabilities under active exploitation
A pair of maximum-severity vulnerabilities affecting Cisco’s network access security platform are under active exploitation, the enterprise networking and IT vendor warned in a security advisory Monday. The software defects in Cisco Identity Services Engine and Cisco ISE Passive Identity Connector — CVE-2025-20281 and CVE-2025-20337 — were disclosed and addressed by Cisco on June 25,…
Exploits, Global Security News
Kandji helps secure Apple enterprise with Vulnerability Response
Apple device management vendor Kandji has introduced new tools designed to protect corporate devices from vulnerabilities. Dubbed Vulnerability Response, the software lets customers configure accelerated software updates for more than 200 Mac applications based on the severity of the vulnerabilities. I caught up with Justin Safdie, the company’s general manager of endpoint security, and Weldon Dodd,…
Exploits, Global Security News, Security
US nuclear weapons agency reportedly hacked in SharePoint attacks
Unknown threat actors have reportedly breached the National Nuclear Security Administration’s (NNSA) network in attacks exploiting a recently patched Microsoft SharePoint zero-day vulnerability chain. […]
AI, Apps, china, Cybersecurity, Data Breaches, Endpoint, Europe, Exploits, Global Security News, Government & Policy, Information Security, malware, vulnerabilities, vulnerability
Microsoft SharePoint Zero-Day EXPLAINED — How Hackers Got In Without a Password
Two previously unknown zero-day vulnerabilities in Microsoft SharePoint Server (on-premises) are being actively exploited in the wild as part of a highly coordinated espionage campaign. Microsoft has linked these attacks to China-based APT actors, and at least 75 organizations worldwide have confirmed breaches. The flaws, identified as CVE-2025-53770 and CVE-2025-53771, enable unauthenticated remote code execution…
Exploits, Global Security News, Security
CISA warns of hackers exploiting SysAid vulnerabilities in attacks
CISA has warned that attackers are actively exploiting two security vulnerabilities in the SysAid IT service management (ITSM) software to hijack administrator accounts. […]
Exploits, Global Security News
New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials
The Windows banking trojan known as Coyote has become the first known malware strain to exploit the Windows accessibility framework called UI Automation (UIA) to harvest sensitive information. “The new Coyote variant is targeting Brazilian users, and uses UIA to extract credentials linked to 75 banking institutes’ web addresses and cryptocurrency exchanges,” Akamai security researcher…
Exploits, Global Security News
Clorox sues Cognizant for $380M over alleged helpdesk failures in cyberattack
US bleach and cleaning product giant Clorox has filed a $380 million lawsuit against IT services provider Cognizant, alleging the company’s helpdesk staff handed over network passwords to cybercriminals who simply called and asked for them, no questions asked. The complaint filed Tuesday in Alameda County Superior Court includes actual recorded conversations that reveal the…
ANYRUN, Cybersecurity, Exploits, Global Security News, Malware Analysis
Beating Supply Chain Attacks: DHL Impersonation Case Study
ANY.RUN’s services process data on current threats daily, including attacks affecting supply chains. In this case study, we analyze examples of DHL brand abuse. The company is a leading global logistics operator, and attackers exploit its recognition to send phishing emails, potentially targeting its partners. We will demonstrate how ANY.RUN’s solutions can be used to…
Exploits, Global Security News, Ransomware, Security
Interlock ransomware threat expands across the US and Europe, hits healthcare and smart cities
The FBI, CISA, Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a joint cybersecurity advisory warning of an emerging ransomware threat from Interlock, a group that uses double extortion tactics to target businesses and critical infrastructure organizations across the US. The Interlock ransomware variant was…
Exploits, Global Security News
CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025, added two Microsoft SharePoint flaws, CVE-2025-49704 and CVE-2025-49706, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. To that end, Federal Civilian Executive Branch (FCEB) agencies are required to remediate identified vulnerabilities by July 23, 2025. “CISA is
Exploits, Global Security News
CISA Warns: SysAid Flaws Under Active Attack Enable Remote File Access and SSRF
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws impacting SysAid IT support software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are listed below – CVE-2025-2775 (CVSS score: 9.3) – An improper restriction of XML external entity (XXE) reference vulnerability in the
Exploits, Global Security News
Warning to feds: US infrastructure is under silent attack
Threat actors have become craftier as they increasingly target critical infrastructure, including operational technology (OT) environments such as electric grids, Nate Gleason, program leader at Lawrence Livermore National Laboratory (LLNL), told regulators during a federal hearing Tuesday. “Our adversaries see our critical infrastructure as an attractive target,” he told the US Homeland Security subcommittee on…
Breaking News, cisco, Exploits, Global Security News, hacking, hacking news
Cisco confirms active exploitation of ISE and ISE-PIC flaws
Cisco warns of active exploits targeting Identity Services Engine (ISE) and ISE-PIC flaws, first observed in July 2025. Cisco confirmed attempted exploitation in the wild of recently disclosed ISE and ISE-PIC flaws (CVE-2025-20281, CVE-2025-20282, CVE-2025-20337), updating its advisory after detecting attacks in July 2025. “Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE…
Exploits, Global Security News
Microsoft Exploitation
GUEST OPINION: On July 19, reports emerged that Microsoft SharePoint Servers worldwide were under active exploitation. Researchers at Eye Security published a blog post detailing their identification of an “active, large-scale exploitation” that was initially linked to a pair of vulnerabilities in SharePoint dubbed ToolShell. Successful exploitation of CVE-2025-53770 could expose MachineKey configuration details from a…
china, cyber attack, Cybersecurity, Exploits, Global Security News, Linen Typhoon, Security
Microsoft Reveals Chinese State Hackers Exploiting SharePoint Flaws
Microsoft reveals Chinese state-backed hacker groups, including Linen Typhoon, Violet Typhoon, and Storm-2603, are exploiting SharePoint flaws, breaching over 100 organisations. Discover threat actors, their tactics and Microsoft’s urgent security guidance.
Exploits, Global Security News
Russian Threat Actors Target NGOs with New OAuth Phishing Tactics
A new wave of phishing attacks exploiting Microsoft 365 OAuth tools has been observed impersonating diplomats to steal access codes
Breaking News, Cyber warfare, Exploits, Global Security News, hacking, hacking news, intelligence
SharePoint under fire: new ToolShell attacks target enterprises
While SentinelOne did not attribute the attack to a specific threat actor, The Washington Post linked it to China-nexus actors. On July 19, Microsoft confirmed active exploitation of a zero-day vulnerability, tracked as CVE-2025-53770 in on-prem SharePoint Servers. The IT giant issued emergency patches for SharePoint Subscription Edition and 2019, with 2016 updates pending. Microsoft…
china, Cybercrime, Cybersecurity, Exploits, Global Security News, Research, Threats
Microsoft SharePoint zero-day attacks pinned on China-linked ‘Typhoon’ threat groups
Microsoft said two China nation-state threat groups and a separate attacker based in China are exploiting the zero-day vulnerabilities that first caused havoc to SharePoint servers over the weekend. Linen Typhoon and Violet Typhoon — the Chinese government-affiliated threat groups — and an attacker Microsoft tracks as Storm-2603 are exploiting the pair of zero-day vulnerabilities…
Exploits, Global Security News
Widespread Net RFQ Scam Targets High-Value Goods
A widespread RFQ scam exploited net payment terms to fraudulently obtain high-value devices
Exploits, Global Security News, Security
Cisco: Maximum-severity ISE RCE flaws now exploited in attacks
Cisco is warning that three recently patched critical remote code execution vulnerabilities in Cisco Identity Services Engine (ISE) are now being actively exploited in attacks. […]
Exploits, Global Security News
Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access
Cisco on Monday updated its advisory of a set of recently disclosed security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) to acknowledge active exploitation. “In July 2025, the Cisco PSIRT [Product Security Incident Response Team], became aware of attempted exploitation of some of these vulnerabilities in the wild,” the company…
Exploits, Global Security News
Dell demonstration platform breached by World Leaks extortion group
Dell Technologies has confirmed that cybercriminals breached its Customer Solution Centers platform earlier this month in an attack that highlights the evolving threat landscape where extortion groups target any accessible enterprise data, regardless of its actual value. The attack was carried out by World Leaks, a newly rebranded extortion group that emerged from the Hunters…
Breaking News, Exploits, Global Security News, hacking, hacking news
CrushFTP zero-day actively exploited at least since July 18
Hackers exploit CrushFTP zero-day, tracked as CVE-2025-54309, to gain admin access via HTTPS when DMZ proxy is off. Threat actors are exploiting a zero-day vulnerability, tracked as CVE-2025-54309 (CVSS score of 9.0), in the managed file transfer software CrushFTP to gain administrative privileges on vulnerable servers via HTTPS. CrushFTP warned of a zero-day that has…
Exploits, Global Security News
Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access
The recently disclosed critical Microsoft SharePoint vulnerability has been under exploitation as early as July 7, 2025, according to findings from Check Point Research. The cybersecurity company said it observed first exploitation attempts targeting an unnamed major Western government, with the activity intensifying on July 18 and 19, spanning government, telecommunications, and software
Breaking News, Exploits, Global Security News, hacking, HPE, HPE Aruba Instant On Wi-Fi, Security
Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices
Hardcoded credentials in HPE Aruba Instant On Wi-Fi devices let attackers bypass authentication and access the web interface. HPE disclosed hardcoded credentials in Aruba Instant On Wi-Fi devices that allow attackers to bypass login and access the web interface. The flaw tracked as CVE-2025-37103 (CVSS score of 9.8) impacts devices running firmware version 3.2.0.1…
CISA, Exploits, Global Security News, Latest Warnings, The Coming Storm, Time to Patch
Microsoft Fix Targets Attacks on SharePoint Zero-Day
On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the SharePoint flaw to breach U.S. federal and state agencies, universities, and energy companies. In…
Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Exploits, Global Security News, Research, Technology, Threats
Mass attack spree hits Microsoft SharePoint zero-day defect
Attackers are actively exploiting a critical zero-day vulnerability affecting on-premises Microsoft SharePoint servers, prompting industry heavyweights to sound the alarm over the weekend. Researchers discovered the active, ongoing attack spree Friday afternoon and warnings were issued en masse by Saturday evening. Microsoft released urgent guidance Saturday, advising on-premises SharePoint customers to turn on and properly…
Breaking News, CISA, Exploits, Global Security News, hacking, hacking news, Uncategorized
U.S. CISA urges to immediately patch Microsoft SharePoint flaw adding it to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft SharePoint flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft SharePoint flaw, tracked as CVE-2025-53770 (“ToolShell”) (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Microsoft released emergency SharePoint updates for two zero-day flaws, tracked as CVE-2025-53770 and CVE-2025-53771,…
Exploits, Global Security News, Multifactor Authentication, Security
PoisonSeed outsmarts FIDO keys without touching them
PoisonSeed, the notorious crypto-hacking attack group known for large-scale phishing campaigns, was seen cracking Fast Identity Online (FIDO) protections in a novel social engineering technique. In a campaign discovered by Expel, the infamous supply chain phishing attackers leveraged the cross-device sign-in feature available with FIDO keys. FIDO keys use hardware-based multi-factor authentication to address vulnerabilities…
Exploits, Global Security News
⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More
Even in well-secured environments, attackers are getting in—not with flashy exploits, but by quietly taking advantage of weak settings, outdated encryption, and trusted tools left unprotected. These attacks don’t depend on zero-days. They work by staying unnoticed—slipping through the cracks in what we monitor and what we assume is safe. What once looked suspicious now…
Exploits, Global Security News, Security
Over 1,000 CrushFTP servers exposed to ongoing hijack attacks
Over 1,000 CrushFTP instances currently exposed online are vulnerable to hijack attacks that exploit a critical security bug, providing admin access to the web interface. […]
Exploits, Global Security News, Security, Vulnerabilities
Microsoft SharePoint zero-day breach hits on-prem servers
Enterprise IT teams face an immediate crisis as Microsoft warned Saturday of active cyberattacks exploiting a previously unknown vulnerability in SharePoint Server, with security researchers confirming dozens of servers compromised globally since attacks began July 18. “Microsoft is aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July…
Breaking News, Exploits, Global Security News, hacking, information security news, Security
Microsoft issues emergency patches for SharePoint zero-days exploited in “ToolShell” attacks
Microsoft patched an exploited SharePoint flaw (CVE-2025-53770) and disclosed a new one, warning of ongoing attacks on on-prem servers. Microsoft released emergency SharePoint updates for two zero-day flaws, tracked as CVE-2025-53770 and CVE-2025-53771, exploited since July 18 in attacks dubbed “ToolShell.” Both vulnerabilities only impact on-premises SharePoint Servers, threat actors could chain them for unauthenticated,…
Exploits, Global Security News, Security, Vulnerabilities
From hardcoded credentials to auth gone wrong: Old bugs continue to break modern systems
At a time when AI-powered cyber threats and sophisticated state-backed hacking groups dominate the headlines, the lack of elementary security continues to pose as the most consistent risk. A recent string of vulnerability disclosures highlights the vulnerability of “modern” infrastructure to the oldest tricks in the book. Cisco, for instance, was found shipping wireless controllers…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news
SharePoint zero-day CVE-2025-53770 actively exploited in the wild
Microsoft warns of ongoing active exploitation of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770. Microsoft warns of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770 (CVSS score of 9.8), which is under active exploitation. Unfortunately, the flaw has yet to be addressed. The vulnerability is a deserialization of untrusted data in on-premises Microsoft SharePoint Server, an…
Exploits, Global Security News
Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also disclosed details of another vulnerability that it said has been addressed with “more robust protections.” The tech giant acknowledged it’s “aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security
Exploits, Global Security News, Microsoft, Security
Microsoft SharePoint zero-day exploited in RCE attacks, no patch available
A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide. […]
Breaking News, CISA, Exploits, Fortinet FortiWeb, Global Security News, hacking, Security
U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Fortinet FortiWeb flaw, tracked as CVE-2025-25257, to its Known Exploited Vulnerabilities (KEV) catalog. Hackers began exploiting the critical Fortinet FortiWeb flaw CVE-2025-25257 (CVSS score of 9.6) on the same day a proof-of-concept (PoC) exploit…
Breaking News, data breach, Exploits, Global Security News, hacking, hacking news, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 54
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape KongTuke FileFix Leads to New Interlock RAT Variant Code highlighting with Cursor AI for $500,000 Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader Threat Analysis: SquidLoader – Still Swimming Under the…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 533 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release Authorities released free decryptor for Phobos and…
Exploits, Global Security News
Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers
A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an “active, large-scale” exploitation campaign. The zero-day flaw, tracked as CVE-2025-53770 (CVSS score: 9.8), has been described as a variant of CVE-2025-49704 (CVSS score: 8.8), a code injection and remote code execution bug in Microsoft SharePoint Server that was addressed by…
Exploits, Global Security News
Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers
A newly disclosed critical security flaw in CrushFTP has come under active exploitation in the wild. Assigned the CVE identifier CVE-2025-54309, the vulnerability carries a CVSS score of 9.0. “CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows remote attackers to obtain…
Breaking News, Exploits, Fortinet FortiWeb, Global Security News, hacking, hacking news
Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release
Hackers exploited a Fortinet FortiWeb flaw the same day a PoC was published, compromising dozens of systems. Hackers began exploiting a critical Fortinet FortiWeb flaw, tracked as CVE-2025-25257 (CVSS score of 9.6), on the same day a proof-of-concept (PoC) exploit was published, leading to dozens of compromised systems. Exploitation of Fortinet’s CVE-2025-25257 began on July…
Exploits, Global Security News
Threat actors scanning for apps incorporating vulnerable Spring Boot tool
Enterprise admins who haven’t yet mitigated a two-month-old vulnerability in apps that incorporate the open source Spring Boot tool could be in trouble: Attempts to exploit the hole are still ongoing. Spring Boot is a tool that helps developers use Java-based frameworks to create microservices and web apps. According to an April report by Amigoscode, a…
Exploits, Global Security News, Security
New CrushFTP zero-day exploited in attacks to hijack servers
CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on vulnerable servers. […]
Exploits, Global Security News, Security
CrushFTP zero-day exploited in attacks to gain admin access on servers
CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on vulnerable servers. […]
Exploits, Global Security News
Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
Cybersecurity researchers have disclosed details of a new malware called MDifyLoader that has been observed in conjunction with cyber attacks exploiting security flaws in Ivanti Connect Secure (ICS) appliances. According to a report published by JPCERT/CC today, the threat actors behind the exploitation of CVE-2025-0282 and CVE-2025-22457 in intrusions observed between December 2024 and July
Exploits, Global Security News, Security, Technology
Hackers scanning for TeleMessage Signal clone flaw exposing passwords
Researchers are seeing exploitation attempts for the CVE-2025-48927 vulnerability in the TeleMessage SGNL app, which allows retrieving usernames, passwords, and other sensitive data. […]
Exploits, Global Security News, Security, Vulnerabilities
Cisco warns of another critical RCE flaw in ISE, urges immediate patching
Cisco has dropped another maximum severity advisory detailing an unauthenticated remote code execution (RCE) flaw in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). The networking equipment giant warned that the flaw, much like a critical bug it fixed last month, stems from insufficient input validation in a public API. “Cisco’s…
Breaking News, Exploits, Global Security News, hacking, information security news, IT Information Security, Security
Broadcom patches critical VMware flaws exploited at Pwn2Own Berlin 2025
VMware patched flaws disclosed during the Pwn2Own Berlin 2025 hacking contest, where researchers earned $340,000 for exploiting them. Broadcom patched four vulnerabilities in VMware products demonstrated at Pwn2Own Berlin 2025. White hat hackers earned over $340,000 for VMware exploits, including $150,000 awarded to STARLabs SG for using an integer overflow flaw to compromise VMware ESXi. Below…
Exploits, Global Security News, Security
Citrix Bleed 2 exploited weeks before PoCs as Citrix denied attacks
A critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed “CitrixBleed 2,” was actively exploited nearly two weeks before proof-of-concept (PoC) exploits were made public, despite Citrix stating that there was no evidence of attacks. […]
CISA, Cybersecurity, encryption, Exploits, Global Security News, GreyNoise, Security
New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers
Hackers are exploiting a new TeleMessage SGNL flaw that exposes sensitive data. CISA warns agencies to patch or stop using it by July 22.
Exploits, Global Security News
Ransomware actors target patched SonicWall SMA devices with rootkit
A group of hackers known for stealing enterprise data for extortion purposes has developed a persistent rootkit for SonicWall Secure Mobile Access (SMA) 100 series appliances. The rootkit was seen deployed on end-of-life but fully patched SMA 100 appliances with the help of administrative credentials likely obtained in past compromises. “GTIG assesses with high confidence…
Exploits, Global Security News, Security
VMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin
VMware fixed four vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools that were exploited as zero-days during the Pwn2Own Berlin 2025 hacking contest in May 2025. […]
Exploits, Global Security News, Security
Max severity Cisco ISE bug allows pre-auth command execution, patch now
A critical vulnerability (CVE-2025-20337) in Cisco’s Identity Services Engine (ISE) could be exploited to let an unauthenticated attacker store malicious files, execute arbitrary code, or gain root privileges on vulnerable devices. […]
Exploits, Global Security News
Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner
Cybersecurity researchers have discovered a new campaign that exploits a known security flaw impacting Apache HTTP Server to deliver a cryptocurrency miner called Linuxsys. The vulnerability in question is CVE-2021-41773 (CVSS score: 7.5), a high-severity path traversal vulnerability in Apache HTTP Server version 2.4.49 that could result in remote code execution. “The attacker leverages
Exploits, Global Security News, vulnerabilities
Oracle flaw poses risk of RCE attacks
Oracle has already fixed the security issue in the Code Editor. Researchers at Tenable Research have discovered a vulnerability in the Code Editor of Oracle Cloud Infrastructure (OCI) that leaves companies open to remote code execution (RCE) attacks. The web-based integrated development environment (IDE) is used to manage resources such as Functions, Resource Manager and Data Science and provides seamless…
Breaking News, Exploits, Global Security News, hacking, hacking news, Security
Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity
Cisco warns of CVE-2025-20337, a critical ISE flaw (CVSS 10) allowing remote code execution with root privileges. Cisco addressed a critical vulnerability, tracked as CVE-2025-20337 (CVSS score of 10), in Identity Services Engine (ISE) and Cisco Identity Services Engine Passive Identity Connector (ISE-PIC). An attacker could trigger the vulnerability to execute arbitrary code on the…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, malware
UNC6148 deploys Overstep malware on SonicWall devices, possibly for ransomware operations
UNC6148 targets SonicWall devices with Overstep malware, using a backdoor and rootkit for data theft, extortion, or ransomware. Google’s Threat Intelligence Group warns that a threat actor tracked as UNC6148 has been targeting SonicWall SMA appliances with new malware dubbed Overstep. Active since at least October 2024, the group uses a backdoor and user-mode rootkit…
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research, Threats
SonicWall customers hit by fresh, ongoing attacks targeting fully patched SMA 100 devices
A financially motivated threat group is attacking organizations using fully patched, end-of-life SonicWall Secure Mobile Access 100 series appliances, Google Threat Intelligence Group said in a report released Wednesday. The group, which Google identifies as UNC6148, is using previously stolen admin credentials to gain access to SonicWall SMA 100 series appliances, remote access VPN devices…
Exploits, Global Security News, Security
New Fortinet FortiWeb hacks likely linked to public RCE exploits
Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public exploits for a recently patched remote code execution (RCE) flaw tracked as CVE-2025-25257. […]
Exploits, Global Security News, GPUs, Security
Nvidia GPUs vulnerable to Rowhammer attacks
Cybercriminals could gain access to Nvidia GPUs via a Rowhammer attack. Nvidia recently issued a security advisory to application developers, computer manufacturers and IT managers, warning that modern memory chips in…
Exploits, Global Security News, News and Trends
Scott Kuffer: CISA Cuts Show Need for Strategic MSP Offerings
Security teams across the channel have long utilized databases that collect vast amounts of data to help them identify, assess, and prioritize vulnerabilities; however, changes to external data feeds, such as the National Vulnerability Database (NVD), will impact vulnerability management (VM). Why CISA funding cuts matter for MSPs With the Cybersecurity and Infrastructure Security Agency…
Exploits, Global Security News, Security, Vulnerabilities
One click to compromise: Oracle Cloud Code Editor flaw exposed users to RCE
A now-patched vulnerability in Oracle Cloud Infrastructure’s (OCI) Code Editor exposed users to remote code execution (RCE) attacks with just a single click. Discovered by Tenable Research, the flaw could allow attackers to upload malicious files to a victim’s Cloud Shell environment and potentially pivot to broader services. According to the researchers, the culprit was…
Exploits, Global Security News, Hacking, Security
Salt Typhoon hacked the US National Guard for 9 months, and accessed networks in every state
Chinese-backed APT group Salt Typhoon extensively compromised a US state’s Army National Guard network for nine months, stealing sensitive military data and gaining access to networks in every other US state and at least four territories, according to a Department of Homeland Security memo that warned the breach could facilitate attacks on critical infrastructure nationwide.…
Breaking News, Chrome, Exploits, Global Security News, Google, hacking, Security
CVE-2025-6554 marks the fifth actively exploited Chrome Zero-Day patched by Google in 2025
Google released security patches to address multiple Chrome vulnerabilities, including one flaw that has been exploited in the wild. Google released fixes for six Chrome flaws, including one actively exploited in the wild tracked as CVE-2025-6558 (CVSS score of 8.8). CVE-2025-6558 stems from improper validation of untrusted input in Chrome’s ANGLE and GPU components. Clément…
Exploits, Global Security News, Google, Security
Google fixes actively exploited sandbox escape zero day in Chrome
Google has released a security update for Chrome to address half a dozen vulnerabilities, one of them actively exploited by attackers to escape the browser’s sandbox protection. […]
Exploits, Global Security News
Urgent: Google Releases Critical Chrome Update for CVE-2025-6558 Exploit Active in the Wild
Google on Tuesday rolled out fixes for six security issues in its Chrome web browser, including one that it said has been exploited in the wild. The high-severity vulnerability in question is CVE-2025-6558 (CVSS score: 8.8), which has been described as an incorrect validation of untrusted input in the browser’s ANGLE and GPU components. “Insufficient…
Exploits, Global Security News
Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act
Google on Tuesday revealed that its large language model (LLM)-assisted vulnerability discovery framework discovered a security flaw in the SQLite open-source database engine before it could have been exploited in the wild. The vulnerability, tracked as CVE-2025-6965 (CVSS score: 7.2), is a memory corruption flaw affecting all versions prior to 3.50.2. It was discovered by…
Exploits, Global Security News
7 obsolete security practices that should be terminated immediately
Breaking bad habits and building better ones is a journey that requires patience, self-awareness, and determination. This is true whether the habit is a personal one or an outdated security practice that has long outlived its need or reliability. Is your enterprise relying on a security approach or technology that’s long past its expiration date?…
