News Archives • Page 321 of 633 • Daily CyberSecurity

Xerox Versalink Printers Vulnerable to Pass-Back Attacks, Credentials at Risk CVE-2024-12510 and CVE-2024-12511

Xerox Versalink Printers Vulnerable to Pass-Back Attacks, Credentials at Risk

Ddos February 18, 2025

Rapid7 researchers have discovered vulnerabilities in Xerox Versalink C7025 multifunction printers that could allow attackers to steal...

New XELERA Ransomware Campaign Spreading Through Malicious Documents

Ddos February 18, 2025

A newly discovered ransomware campaign, dubbed XELERA, is targeting job seekers in India with fraudulent Food Corporation...

Exploit Code Published for Critical GatesAir Transmitter Vulnerabilities, No Patches Available Yet GatesAir Maxiva UAXT

Exploit Code Published for Critical GatesAir Transmitter Vulnerabilities, No Patches Available Yet

Ddos February 18, 2025

Security researcher Mohamed Shahat has disclosed three critical vulnerabilities affecting GatesAir Maxiva UAXT and VAXT transmitters. These...

Lumma Stealer Malware Campaign Targets Educational Institutions with Deceptive PDF Lures Lumma Stealer stealer

Lumma Stealer Malware Campaign Targets Educational Institutions with Deceptive PDF Lures

Ddos February 18, 2025

A new report from CloudSEK reveals an ongoing malware campaign distributing the Lumma Stealer information stealer, primarily...

Chrome 148 lazy loading Chrome for Linux ARM64 Chrome 145 Update Chrome Security Fixes Chrome Security Update CVE-2026-1220 Chrome 144 Security Update CVE-2026-0899 Chrome Memory Safety, WebGPU UAF Chrome V8 Type Confusion, Google Updater Flaw Chrome V8 Flaw, CVE-2025-13042 Chrome V8, Type Confusion, Chrome 142 Update Chrome V8 Flaw, CVE-2025-12036 Chrome 141, WebGPU Overflow Google Chrome preloading Chrome, V8 vulnerability CVE-2025-9132 Chrome Security Update, Use-After-Free Chrome V8, Type Confusion Chrome Telemetry, Windows 10 EOL Microsoft Family Safety, Chrome Blocking Chrome Security Update, High-Severity Google Chrome, Antitrust CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

CVE-2025-0999 & CVE-2025-1426: Chrome’s Latest Update Patches Major Security Risks

Ddos February 18, 2025

The Google Chrome stable channel has just received a crucial update, bringing it to version 133.0.6943.126/.127 for...

90,000 Sites at Risk: Jupiter X Core RCE Vulnerability (CVE-2025-0366) CVE-2023-0291 CVE-2025-0366

90,000 Sites at Risk: Jupiter X Core RCE Vulnerability (CVE-2025-0366)

Ddos February 18, 2025

A vulnerability has been discovered and patched in the popular Jupiter X Core WordPress plugin, which boasts...

TRIPLESTRENGTH Threat Actor Group : Ransomware, Mining, and Server Hacks TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TRIPLESTRENGTH Threat Actor Group : Ransomware, Mining, and Server Hacks

Ddos February 18, 2025

Google’s Threat Analysis Group has unveiled information about a previously unknown threat actor group known as TRIPLESTRENGTH,...

OpenSSH Flaws CVE-2025-26465 & CVE-2025-26466 Expose Clients and Servers to Attacks CVE-2024-6409 - CVE-2025-26466 - CVE-2025-26465

OpenSSH Flaws CVE-2025-26465 & CVE-2025-26466 Expose Clients and Servers to Attacks

Ddos February 18, 2025

The Qualys Threat Research Unit (TRU) has disclosed two newly identified vulnerabilities in OpenSSH, affecting both clients...

PirateFi Removed: Malware Found in Steam Game Steam Store Redesign, Valve Update macOS Steam Game malware Chromebooks Steam

PirateFi Removed: Malware Found in Steam Game

Ddos February 18, 2025

Valve has removed the video game PirateFi from its Steam platform after the discovery of embedded malicious...

ZServers/XHost Bulletproof Hosting Down: 127 Servers Seized Davis Lu, Kill Switch

ZServers/XHost Bulletproof Hosting Down: 127 Servers Seized

Ddos February 18, 2025

Amsterdam police have dismantled the hosting provider ZServers/XHost, a platform that had been exploited as a hub...

Chinese Hackers Emperor Dragonfly Use Espionage Tools for Ransomware AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

Chinese Hackers Emperor Dragonfly Use Espionage Tools for Ransomware

Ddos February 18, 2025

Cybersecurity experts at Symantec report that the Chinese threat actor Emperor Dragonfly has employed tools previously associated...

LibreOffice Vulnerabilities (CVE-2024-12425 & CVE-2024-12426): PoCs Released, Patch ASAP

Ddos February 17, 2025

Cybersecurity researchers at Codean Labs have discovered two vulnerabilities in LibreOffice, allowing arbitrary file writes and remote...

CVE-2023-20198 & CVE-2023-20273: RedMike Attacks 1,000+ Cisco Devices in Global Espionage Campaign

Ddos February 17, 2025

Cybersecurity researchers at Insikt Group have identified an ongoing cyber espionage campaign by RedMike (also tracked as...

Stealth Attack: EarthKapre Leverages Cloud and DLL Sideloading for Data Exfiltration RedCurl APT EarthKapre

Stealth Attack: EarthKapre Leverages Cloud and DLL Sideloading for Data Exfiltration

Ddos February 17, 2025

Researchers at eSentire Threat Response Unit (TRU) uncovered a sophisticated cyber espionage campaign by RedCurl/EarthKapre, a threat...

CVE-2025-21589 (CVSS 9.8): Critical Authentication Bypass Flaw in Juniper Session Smart Routers Juniper vLWC Vulnerability Default Password Exploit HPE, Juniper Networks CVE-2024-21611 & CVE-2024-21591 - CVE-2025-21589

Juniper vLWC Vulnerability Default Password Exploit HPE, Juniper Networks CVE-2024-21611 & CVE-2024-21591 - CVE-2025-21589

CVE-2025-21589 (CVSS 9.8): Critical Authentication Bypass Flaw in Juniper Session Smart Routers

Ddos February 17, 2025

Juniper Networks has released an out-of-cycle security bulletin addressing a critical authentication bypass vulnerability in its Session...

Earth Preta APT Group Evades Detection with Legitimate and Malicious Components

Ddos February 17, 2025

Researchers from Trend Micro’s Threat Hunting team have discovered a new campaign by the advanced persistent threat...

SonicWall Firewalls Under Attack: CVE-2024-53704 Exploited in the Wild, PoC Released CVE-2024-53704 vulnerability

SonicWall Firewalls Under Attack: CVE-2024-53704 Exploited in the Wild, PoC Released

Ddos February 17, 2025

A recently disclosed vulnerability in SonicWall firewalls, tracked as CVE-2024-53704, is now under active attack. This high-severity...

AMD Patches Multi Vulnerabilities in Embedded Processors AMD AM5 platform support AMD Embedded Processors Vulnerabilities

AMD Patches Multi Vulnerabilities in Embedded Processors

Ddos February 17, 2025

AMD has released security updates addressing multiple vulnerabilities in its EPYC and Ryzen Embedded processors, some of...

CVE-2024-12562: Critical s2Member Pro Flaw Leaves Millions of WordPress Sites Vulnerable

Ddos February 17, 2025

A critical security vulnerability has been discovered in the popular s2Member Pro plugin for WordPress, potentially affecting...

Storm-2372: Russian-Linked Hackers Exploit Device Code Phishing in Global Campaign

Ddos February 17, 2025

Microsoft Threat Intelligence has uncovered an active and ongoing phishing campaign conducted by the threat actor Storm-2372,...