Geek-Guy.com

Category: Exploits

Explore the latest software exploits, zero-day vulnerabilities, and security PoCs. Geek-Guy provides expert analysis on emerging threats and how to stay protected.

Exploits, Global Security News

AI disinformation didn’t upend 2024 elections, but the threat is very real

The 2024 election cycle was widely feared to be a watershed moment when artificial intelligence fundamentally changed the disinformation battlefield as deepfake videos, AI-generated propaganda, and hyper-personalized bot campaigns disrupted political systems at an unprecedented scale. The fear was not unfounded — hyper-realistic synthetic voices impersonating world leaders, AI-generated news websites seamlessly blending fabricated stories…

Read more →

Exploits, Global Security News

Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent

Cybersecurity researchers have disclosed details of a new vulnerability impacting Google’s Quick Share data transfer utility for Windows that could be exploited to achieve a denial-of-service (DoS) or send arbitrary files to a target’s device without their approval. The flaw, tracked as CVE-2024-10668 (CVSS score: 5.9), is a bypass for two of the 10 shortcomings…

Read more →

cyber security, Exploits, Global Security News, Good Practices, Network Security, Security Bloggers Network

How to defend against a password spraying attack?

Password spraying attacks are becoming a serious threat, especially targeting Active Directory environments. These attacks enable attackers to exploit weak passwords and gain unauthorised access by applying login attempts across multiple accounts, making them difficult to detect. They also bypass account lockout mechanisms, causing significant risk to organisations. In this blog, we will detail how…

Read more →

cyber security, Exploits, Global Security News, Good Practices, Network Security, Security Bloggers Network

How to Prevent Kerberoasting Attacks?

Kerberoasting attack targets the Active Directory environment to enable attackers to extract and crack service account credentials. Threat actors can gain elevated privileges by exploiting weak password policies and misconfiguration, which further results in lateral movement and deeper network compromise. In this article, we will learn about the harm that Kerberoasting causes, also its impact…

Read more →

Exploits, Global Security News, Security

Threat-informed defense for operational technology: Moving from information to action

As the threat landscape continues to evolve, critical infrastructure sectors face a growing wave of sophisticated cyber threats. Traditional security strategies that focus solely on indicators of compromise (IoCs) are proving insufficient against the scale and speed of modern cyberattacks. To address today’s challenges, organizations must adopt a threat-informed defense approach—one that shifts the focus…

Read more →

Check Point, cisco, Cybersecurity, Exploits, firewall, Forcepoint, Fortinet, Global Security News, google cloud, Juniper Networks, Microsoft Azure, Palo Alto Networks, Research, Technology, Versa Networks

Independent tests show why orgs should use third-party cloud security services

Businesses don’t always get what they pay for in cybersecurity. Some of the most expensive cloud network firewall vendors are among the worst performers against exploits and evasions, according to the most comprehensive, independent testing CyberRatings.org has conducted to date. Cisco, by far the most expensive cloud network firewall offering across the top 10 vendors…

Read more →

Exploits, Generative AI, Security, Vulnerabilities, Global Security News

Microsoft’s AI tool catches critical GRUB2, U-boot bootloader flaws

Microsoft’s Threat Intelligence team has leveraged its AI-driven Security Copilot tool to identify 20 critical vulnerabilities in widely used open-source bootloaders — GRUB2, U-Boot, and Barebox. These bootloaders are crucial for initializing operating systems, particularly in Linux-based environments and embedded systems. The newly discovered flaws affect systems utilizing Unified Extensible Firmware Interface (UEFI) Secure Boot,…

Read more →

Exploits, Global Security News

How SSL Misconfigurations Impact Your Attack Surface

When assessing an organization’s external attack surface, encryption-related issues (especially SSL misconfigurations) receive special attention. Why? Their widespread use, configuration complexity, and visibility to attackers as well as users make them more likely to be exploited.  This highlights how important your SSL configurations are in maintaining your web application security and

Read more →

Exploits, Global Security News

Malicious actors increasingly put privileged identity access to work across attack chains

Abuse of legitimate privileged access is on the rise, accounting for the majority of security breaches last year, with stolen user identities being leveraged by malicious actors across various parts of the attack chain. More effective and more challenging to detect, the breaches, including ransomware extortions, were achieved by stealing various types of identifiers, including…

Read more →

Exploits, Global Security News, Security Bloggers Network

Exploited: Critical Unauthenticated Access Vulnerability in CrushFTP (CVE-2025-2825)

In the ever-evolving landscape of web application vulnerabilities, a new critical flaw has emerged. CVE-2025-2825 is a high-severity vulnerability that allows attackers to bypass authentication on CrushFTP servers. This popular enterprise file transfer solution is often used in corporate environments to manage sensitive data, making this vulnerability particularly concerning. Attackers are actively exploiting this flaw……

Read more →

Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Exploits, FDA, Global Security News, Government, Medical Devices, Policy

Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity

Witnesses at a House hearing on medical device cybersecurity Tuesday called out the need for more proactive tracking of products used across the country, saying the status quo leaves many health system owners and operators in the dark about vulnerabilities, exploitation and patching updates. Testifying before the House Energy and Commerce Subcommittee on Oversight and…

Read more →

Apple, CVE, Cybersecurity, Exploits, Global Security News, iOS, macOS, Safari, Technology, zero days

Apple issues fixes for vulnerabilities in both old and new OS versions

Apple released security updates Monday to address software defects in the latest version of the company’s Safari browser and other applications across iOS, iPadOS and macOS.  The security issues addressed across the latest versions of Apple’s most popular platforms include 62 vulnerabilities affecting iOS 18.4 and iPadOS 18.4, 131 vulnerabilities affecting macOS Sequoia 15.4 and…

Read more →

Exploits, Global Security News, Security

The urgent reality of machine identity security in 2025

The importance of machine identity security has reached a critical juncture in 2025. With machine identities now far outnumbering human ones, securing these digital credentials has become a top cybersecurity priority for enterprises. However, as the CyberArk 2025 State of Machine Identity Security Report shows, many of the 1,200 security leaders in organizations we surveyed—across the U.S., U.K., Australia,…

Read more →

Exploits, Global Security News

Apple Backports Critical Fixes for 3 Live Exploits Impacting iOS and macOS Legacy Devices

Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems. The vulnerabilities in question are listed below – CVE-2025-24085 (CVSS score: 7.3) – A use-after-free bug in the Core Media component that could permit a malicious application already…

Read more →

Exploits, Generative AI, Risk Management, Security, Global Security News

LLMs are now available in snack size but digest with care

As large language models (LLMs) gain mainstream, they are pushing the edges on AI-driven applications, adding more power and complexity. Running these massive models, however, comes at a price. The high costs and latency associated with them make them impractical for many real-world scenarios. Enter model distillation. A technique AI engineers are using to pack…

Read more →

cyber security, Exploits, Global Security News, Security Bloggers Network

Next.js Vulnerability Exposes Middleware Security Gaps

On March 21, 2025, a critical authorization bypass vulnerability in Next.js, identified as CVE-2025-29927, was disclosed with a CVSS score of 9.1. This framework’s middleware handling flaw enables attackers to bypass authentication and authorization, exposing sensitive routes to unauthorized access. Exploiting this vulnerability does not require authentication, providing attackers with direct access to protected routes.…

Read more →

Exploits, Global Security News

Volume of attacks on network devices shows need to replace end of life devices quickly

Two of the top three vulnerabilities that threat actors tried to leverage in 2024 were in end of life (EOL) network devices that manufacturers have stopped issuing patches for, says a new report. “This underscores the importance of decommissioning and replacing EOL components of an organization’s network as soon as possible,” says the 2024 annual…

Read more →

Exploits, Global Security News

Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp

The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp. The activity has been attributed to a suspected Russian hacking group called Water Gamayun, which is also known as EncryptHub and LARVA-208. “The threat actor deploys payloads primarily…

Read more →

Exploits, Global Security News, Security Bloggers Network

UK Cybersecurity Weekly News Roundup – 31 March 2025

UK Cybersecurity Weekly News Roundup – 31 March 2025 Welcome to this week’s edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond. UK Warned of Inadequate Readiness Against State-Backed Cyberattacks Cybersecurity experts have sounded the alarm over the UK’s growing vulnerability to state-sponsored cyber threats. A…

Read more →

Exploits, Global Security News

RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shed light on a new malware called RESURGE that has been deployed as part of exploitation activity targeting a now-patched security flaw in Ivanti Connect Secure (ICS) appliances. “RESURGE contains capabilities of the SPAWNCHIMERA malware variant, including surviving reboots; however, RESURGE contains distinctive commands that

Read more →

Exploits, Global Security News, OTM Platform, Security Bloggers Network

Babuk Locker 2.0 vs Seceon Platform: MITRE ATT&CK Mapping and Early-Stage Detection & Remediation

Overview of Babuk Locker 2.0 Babuk Locker 2.0 is a ransomware strain that employs double extortion, where attackers encrypt victim files and exfiltrate sensitive data for ransom. It targets organizations by exploiting RDP vulnerabilities, unpatched systems, weak credentials, and phishing attacks. MITRE ATT&CK Mapping of Babuk Locker 2.0 & Seceon’s Early Detection & Remediation MITRE…

Read more →

Exploits, Global Security News, Security, Vulnerabilities

Ubuntu namespace vulnerability should be addressed quickly: Expert

Linux admins who have enabled the unprivileged user namespace restriction in their recent Ubuntu environments should take action to close three new vulnerabilities that allow a threat actor to bypass the supposed protection. This warning comes after researchers at Qualys found three different ways this hardening feature can, under certain circumstances, be bypassed.  “It needs…

Read more →

Exploits, Global Security News

Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA

Cybersecurity researchers have disclosed 46 new security flaws in products from three solar inverter vendors, Sungrow, Growatt, and SMA, that could be exploited by a bad actor to seize control of devices or execute code remotely, posing severe risks to electrical grids.  The vulnerabilities have been collectively codenamed SUN:DOWN by Forescout Vedere Labs. “The new…

Read more →

AI, Compliance, Exploits, Global Security News, Network Security, Risk Management

New security requirements adopted by HTTPS certificate industry

Posted by Chrome Root Program, Chrome Security Team The Chrome Root Program launched in 2022 as part of Google’s ongoing commitment to upholding secure and reliable network connections in Chrome. We previously described how the Chrome Root Program keeps users safe, and described how the program is focused on promoting technologies and practices that strengthen…

Read more →

AI, Compliance, Exploits, Global Security News, Network Security, Risk Management

New security requirements adopted by HTTPS certificate industry

Posted by Chrome Root Program, Chrome Security Team The Chrome Root Program launched in 2022 as part of Google’s ongoing commitment to upholding secure and reliable network connections in Chrome. We previously described how the Chrome Root Program keeps users safe, and described how the program is focused on promoting technologies and practices that strengthen…

Read more →

Exploits, Global Security News, Security Bloggers Network

CVE-2025-29927: Next.js Middleware Authorization Bypass Flaw

IntroductionOn March 21, 2025, a critical vulnerability, CVE-2025-29927, was publicly disclosed with a CVSS score of 9.1, signifying high severity. Discovered by security researcher Rachid Allam, the flaw enables attackers to bypass authorization checks in Next.js Middleware, potentially granting unauthorized access to protected resources. This poses a risk to applications that rely on Middleware to…

Read more →

Blog, Exploits, Global Security News, Security Bloggers Network

The Essential Role of Supply Chain Security in ASPM

Threat actors are continuously evolving their tactics to exploit vulnerabilities and gain unauthorized access. That increasingly involves attacks targeting the software supply chain. The post The Essential Role of Supply Chain Security in ASPM appeared first on Cycode. The post The Essential Role of Supply Chain Security in ASPM appeared first on Security Boulevard.

Read more →

Exploits, Global Security News, Security Bloggers Network

Reality Bites: You’re Only as Secure as Your Last API Deployment

In agile and DevOps-driven environments, APIs are frequently updated to meet evolving business demands, from adding new features to addressing performance issues. However, each deployment introduces potential security risks, as new code, configurations, and endpoints can expose vulnerabilities. In an environment of continuous integration and continuous deployment (CI/CD), the security of an organization’s APIs hinges…

Read more →

Exploits, Global Security News

CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities are listed below – CVE-2019-9874 (CVSS score: 9.8) – A deserialization vulnerability in the Sitecore.Security.AntiCSRF

Read more →

Exploits, Global Security News

NetApp SnapCenter Flaw Could Let Users Gain Remote Admin Access on Plug-In Systems

A critical security flaw has been disclosed in NetApp SnapCenter that, if successfully exploited, could allow privilege escalation. SnapCenter is an enterprise-focused software that’s used to manage data protection across applications, databases, virtual machines, and file systems, offering the ability to backup, restore, and clone data resources. The vulnerability, tracked as

Read more →

Exploits, Global Security News, Security

Die 10 häufigsten IT-Sicherheitsfehler

srcset=”https://b2b-contenthub.com/wp-content/uploads/2025/03/shutterstock_2491155871.jpg?quality=50&strip=all 12500w, https://b2b-contenthub.com/wp-content/uploads/2025/03/shutterstock_2491155871.jpg?resize=300%2C200&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2025/03/shutterstock_2491155871.jpg?resize=768%2C512&quality=50&strip=all 768w, https://b2b-contenthub.com/wp-content/uploads/2025/03/shutterstock_2491155871.jpg?resize=1024%2C683&quality=50&strip=all 1024w, https://b2b-contenthub.com/wp-content/uploads/2025/03/shutterstock_2491155871.jpg?resize=1536%2C1024&quality=50&strip=all 1536w, https://b2b-contenthub.com/wp-content/uploads/2025/03/shutterstock_2491155871.jpg?resize=2048%2C1365&quality=50&strip=all 2048w, https://b2b-contenthub.com/wp-content/uploads/2025/03/shutterstock_2491155871.jpg?resize=1240%2C826&quality=50&strip=all 1240w, https://b2b-contenthub.com/wp-content/uploads/2025/03/shutterstock_2491155871.jpg?resize=150%2C100&quality=50&strip=all 150w, https://b2b-contenthub.com/wp-content/uploads/2025/03/shutterstock_2491155871.jpg?resize=1046%2C697&quality=50&strip=all 1046w, https://b2b-contenthub.com/wp-content/uploads/2025/03/shutterstock_2491155871.jpg?resize=252%2C168&quality=50&strip=all 252w, https://b2b-contenthub.com/wp-content/uploads/2025/03/shutterstock_2491155871.jpg?resize=126%2C84&quality=50&strip=all 126w, https://b2b-contenthub.com/wp-content/uploads/2025/03/shutterstock_2491155871.jpg?resize=720%2C480&quality=50&strip=all 720w, https://b2b-contenthub.com/wp-content/uploads/2025/03/shutterstock_2491155871.jpg?resize=540%2C360&quality=50&strip=all 540w, https://b2b-contenthub.com/wp-content/uploads/2025/03/shutterstock_2491155871.jpg?resize=375%2C250&quality=50&strip=all 375w” width=”1024″ height=”683″ sizes=”(max-width: 1024px) 100vw, 1024px”>Von ungepatchten Sicherheitslücken bis hin zu unzureichenden Backups: Lesen Sie, wie sich die häufigsten IT-Sicherheitsfehler vermeiden lassen.   eamesBot – Shutterstock.com Verschlüsselte…

Read more →

Blog, Exploits, Global Security News, Methodology, Security, Security Bloggers Network, services, Strategic

Generative AI: threat or opportunity? It depends on your adaptive speed!

Now that AI reasoning capabilities are blasting and becoming accessible, folks tend to argue that generative AI will bring us a new era of exploitation. More zero days, more vulnerabilities, more sophisticated, and in higher frequency. The emergence of more new exploitation techniques will significantly increase the number of new vulnerabilities. We have seen in…

Read more →

Cloud Security, Cybersecurity, Exploits, Global Security News, Kubernetes, Nginx, open source, open source software, Research, Threats

String of defects in popular Kubernetes component puts 40% of cloud environments at risk

More than 40% of cloud environments are at risk of an account takeover due to a series of five recently discovered vulnerabilities — one regarded critical — in the Ingress Ngnix Controller for Kubernetes, according to security research published this week. Upon discovering the string of vulnerabilities in one of most widely used ingress controllers…

Read more →

Exploits, Global Security News, Security Bloggers Network

Exploited! Kentico Xperience Staging Service Authentication Bypass Vulnerabilities (CVE-2025-2746 & CVE-2025-2747)

Recently, two critical security flaws were discovered in Kentico Xperience 13, a popular digital experience platform (CMS). Tracked as CVE-2025-2746 and CVE-2025-2747, these vulnerabilities allow unauthenticated attackers to bypass the Staging Sync Server’s authentication, potentially gaining administrative control over the CMS. Both issues carry a CVSS score of 9.8 (Critical) (Warning: Multiple Critical & High……

Read more →

Exploits, Global Security News

EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware

The threat actor known as EncryptHub exploited a recently-patched security vulnerability in Microsoft Windows as a zero-day to deliver a wide range of malware families, including backdoors and information stealers such as Rhadamanthys and StealC. “In this attack, the threat actor manipulates .msc files and the Multilingual User Interface Path (MUIPath) to download and execute…

Read more →

Exploits, Global Security News, Security, Vulnerabilities

VMware plugs a high-risk vulnerability affecting its Windows-based virtualization

Broadcom is warning customers of a high-severity, authentication bypass flaw, now fixed, affecting VMWare Tools for Windows. Tracked as CVE-2025-22230, the issue stems from improper access control and could allow privilege escalation on the affected system. “An authentication bypass vulnerability in VMware Tools for Windows was privately reported to VMware,” said Broadcom in a security…

Read more →

Exploits, Global Security News

Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks

Google has released out-of-band fixes to address a high-severity security flaw in its Chrome browser for Windows that it said has been exploited in the wild as part of attacks targeting organizations in Russia.  The vulnerability, tracked as CVE-2025-2783, has been described as a case of “incorrect handle provided in unspecified circumstances in Mojo on…

Read more →

Exploits, Global Security News, Security, Vulnerabilities

Critical RCE flaws put Kubernetes clusters at risk of takeover

The Kubernetes project has released patches for five vulnerabilities in a widely used popular component called the Ingress NGINX Controller that’s used to route external traffic to Kubernetes services. If exploited, the flaw could allow attackers to completely take over entire clusters. “Based on our analysis, about 43% of cloud environments are vulnerable to these…

Read more →

Exploits, Global Security News, Technology

U.S. Officials Called Signal a Tool for Terrorists and Criminals. Now They’re Using It.

For years, U.S. officials villainized end-to-end encrypted messaging apps like Signal as the domain of criminals and terrorists and a threat to national security. As fallout over a Signal group chat about Yemen war plans ricocheted through Washington, however, CIA Director John Ratcliffe revealed at a Senate Intelligence Committee hearing on Tuesday that the app…

Read more →

Exploits, Global Security News, Security Bloggers Network

CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare

Frequently asked questions about five vulnerabilities in the Ingress NGINX Controller for Kubernetes, collectively known as IngressNightmare. Background The Tenable Security Response Team (SRT) has compiled this blog to answer Frequently Asked Questions (FAQ) regarding IngressNightmare. FAQ What is IngressNightmare? IngressNightmare is the name given to a series of vulnerabilities in the Ingress NGINX Controller…

Read more →

Exploits, Global Security News, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research

CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin

Trend Research identified Russian threat actor Water Gamayun exploiting CVE-2025-26633, a zero-day vulnerability in the Microsoft Management Console that attackers exploit to execute malicious code and exfiltrate data.

Read more →

Exploits, Global Security News, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research

CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin

Trend Research identified Russian threat actor Water Gamayun exploiting CVE-2025-26633, a zero-day vulnerability in the Microsoft Management Console that attackers exploit to execute malicious code and exfiltrate data.

Read more →

Exploits, Global Security News, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research

CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin

Trend Research identified Russian threat actor Water Gamayun exploiting CVE-2025-26633, a zero-day vulnerability in the Microsoft Management Console that attackers exploit to execute malicious code and exfiltrate data.

Read more →

CVE, Cybersecurity, Exploits, Global Security News, Next.js, open source, open source software, Research, vulnerability, vulnerability disclosure

Researchers raise alarm about critical Next.js vulnerability

Researchers warn that attackers could exploit a recently discovered critical vulnerability in the open-source JavaScript framework Next.js to bypass authorization in middleware and gain access to targeted systems. Vercel, the San Francisco-based company that created and maintains Next.js, released a patch for CVE-2025-29927 in Next.js 15.2.3 on March 18 and published a security advisory on…

Read more →

23andMe, Exploits, Global Security News, privacy

As 23andMe declares bankruptcy, privacy advocates sound alarm about DNA data

Genetic testing business 23andMe filed for bankruptcy Sunday, amplifying fears from privacy advocates that the DNA records and personal information of its 15 million customers could soon be up for sale to the highest bidder. 23andMe, which was once valued at $6 billion, has been experiencing financial distress and declining profits since going public in…

Read more →

Exploits, Global Security News

Oracle Cloud breach may impact 140,000 enterprise customers

A threat actor has reportedly breached Oracle Cloud infrastructure, exfiltrating six million sensitive authentication records and potentially endangering more than 140,000 enterprise customers. The attacker is now demanding ransom payments while actively marketing the stolen data on underground forums, according to threat intelligence firm CloudSEK. Security researchers at CloudSEK’s XVigil team discovered the breach on…

Read more →

Exploits, Global Security News

Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks

A critical security flaw has been disclosed in the Next.js React framework that could be potentially exploited to bypass authorization checks under certain conditions. The vulnerability, tracked as CVE-2025-29927, carries a CVSS score of 9.1 out of 10.0. “Next.js uses an internal header x-middleware-subrequest to prevent recursive requests from triggering infinite loops,” Next.js said in…

Read more →

Cybersecurity, Exploits, Global Security News, Government, Uncategorized

Despite challenges, the CVE program is a public-private partnership that has shown resilience

In 1999, Dave Mann and Steve Christey, two researchers from the nonprofit R&D corporation MITRE,  debuted a concept for security vulnerabilities that laid the groundwork for the common vulnerability and exposures framework (CVE) that organizes information around computer vulnerabilities. Twenty-five years later, the CVE program, which assigns a unique record to each reported vulnerability, is…

Read more →

Application Security, Exploits, Global Security News

Kubernetes Security: Wie Sie Ihre Cluster (besser) absichern

Anatoliy Eremin | shutterstock.com Kubernetes hat sich unter Enterprise-Softwareentwicklern zu einem durchschlagenden Erfolg entwickelt. Das veranlasst kriminelle Hacker zunehmend dazu, entsprechende Installationen mit speziell entwickelten Exploits anzugreifen. Dabei werden die Bedrohungsakteure immer besser darin, ihre Schadsoftware zu verstecken, (triviale) Sicherheitskontrollen zu umgehen und sich lateral durch Netzwerke zu bewegen, um weiteren Schaden anzurichten. Wie die…

Read more →

Exploits, Global Security News

GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets

The supply chain attack involving the GitHub Action “tj-actions/changed-files” started as a highly-targeted attack against one of Coinbase’s open-source projects, before evolving into something more widespread in scope. “The payload was focused on exploiting the public CI/CD flow of one of their open source projects – agentkit, probably with the purpose of leveraging it for…

Read more →

Exploits, Global Security News, Network Security, Vulnerabilities

Attackers probing backdoor flaw in popular Cisco Smart Licensing Utility, warns SANS

Organizations running Cisco’s Smart Licensing Utility (CSLU) should update their software as soon as possible to fix two serious vulnerabilities, the SANS Technology Institute has urged. The CSLU is a tool used primarily in smaller, on-premises and air-gapped networks as a way to manage Cisco licenses without having to resort to the more complex cloud-based…

Read more →

Exploits, Global Security News, Security, Vulnerabilities

CISA marks NAKIVO’s critical backup vulnerability as actively exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has added a patched, high-severity vulnerability affecting NAKIVO’s backup and replication software to its known exploited vulnerability (KEV) catalog. The flaw, tracked as CVE-2024-48248, is a path traversal issue that received a high severity rating with CVSS 8.6 out of 10 and was marked “critical” by NAKIVO in…

Read more →

Exploits, Global Security News

Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility

Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center. The two critical-rated vulnerabilities in question are listed below –  CVE-2024-20439 (CVSS score: 9.8) – The presence of an undocumented static user credential for an administrative account that an attacker could exploit to log in…

Read more →

Exploits, Global Security News, Security Bloggers Network

AI in the Enterprise: Key Findings from the ThreatLabz 2025 AI Security Report

Artificial intelligence (AI) has rapidly shifted from buzz to business necessity over the past year—something Zscaler has seen firsthand while pioneering AI-powered solutions and tracking enterprise AI/ML activity in the world’s largest security cloud.As enterprises embrace AI to boost productivity, accelerate decision-making, and automate workflows, to name a few benefits, cybercriminals are using the same…

Read more →