News Archives • Page 325 of 633 • Daily CyberSecurity

CVE-2024-12366: Prompt Injection in PandasAI Enables Full System Compromise

Ddos February 11, 2025

A newly disclosed security vulnerability in PandasAI, an open-source AI-powered data analysis library by SinaptikAI, exposes users...

Sandworm APT Exploits Trojanized KMS Tools to Target Ukrainian Users in Cyber Espionage Campaign Sandworm APT - APT44

Sandworm APT Exploits Trojanized KMS Tools to Target Ukrainian Users in Cyber Espionage Campaign

Ddos February 11, 2025

The notorious Sandworm APT (APT44), a Russian-state-sponsored threat actor affiliated with the GRU (Russia’s Main Intelligence Directorate),...

CVE-2025-24032, CVE-2025-24531, and More: Critical Flaws in PAM-PKCS#11 Expose Linux Authentication to Attackers

Ddos February 11, 2025

The PAM-PKCS#11 login module, a widely used tool for X.509 certificate-based user login on Linux systems, has...

Devolutions Warns of Severe RDM Vulnerabilities Allowing Encrypted Communication Interception axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

Devolutions Warns of Severe RDM Vulnerabilities Allowing Encrypted Communication Interception

Ddos February 11, 2025

Devolutions, a leading provider of remote connection management solutions, has issued a security advisory addressing critical vulnerabilities...

CVE-2025-1143: Billion Electric Routers Vulnerable to Remote Takeover Due to Hard-coded Credentials

Ddos February 11, 2025

The Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) has issued a security advisory warning of...

Microsoft Releases Final Cumulative Update for Exchange Server 2019 – Here’s What’s New in CU15 Exchange Server EOL, ESU Program Cumulative Update for Exchange Server 2019

Exchange Server EOL, ESU Program Cumulative Update for Exchange Server 2019

Microsoft Releases Final Cumulative Update for Exchange Server 2019 – Here’s What’s New in CU15

Ddos February 11, 2025

Microsoft announced the release of the 2025 H1 Cumulative Update (CU15) for Exchange Server 2019, marking the...

US Treasury Sanctions Russian Bulletproof Hosting Provider Zservers for Supporting LockBit Ransomware Attacks CVE-2024-3393 - Zservers sanctions

US Treasury Sanctions Russian Bulletproof Hosting Provider Zservers for Supporting LockBit Ransomware Attacks

Ddos February 11, 2025

The U.S. Department of the Treasury, in a coordinated effort with Australia and the United Kingdom, has...

Microsoft Patches Actively Exploited Zero-Day Flaws – CVE-2025-21418 & CVE-2025-21391 Windows Wormable Exploit April 2026 Patch Tuesday Microsoft Patch Tuesday Zero-Day Vulnerabilities Microsoft, Patch Tuesday CVE-2025-55234 CVE-2024-43573 and CVE-2024-43572 Microsoft Patch Tuesday Security Vulnerabilities

Windows Wormable Exploit April 2026 Patch Tuesday Microsoft Patch Tuesday Zero-Day Vulnerabilities Microsoft, Patch Tuesday CVE-2025-55234 CVE-2024-43573 and CVE-2024-43572 Microsoft Patch Tuesday Security Vulnerabilities

Microsoft Patches Actively Exploited Zero-Day Flaws – CVE-2025-21418 & CVE-2025-21391

Ddos February 11, 2025

Microsoft has rolled out its February 2025 Patch Tuesday security updates, addressing 67 vulnerabilities across multiple products....

CVE-2024-12797 – High-Severity OpenSSL Flaw: Update Now to Prevent MITM Attacks OpenSSL Vulnerability RSA Memory Leak OpenSSL Vulnerability CVE-2025-15467 CVE-2022-2274 OpenSSL Vulnerabilities, Timing Side-Channel

OpenSSL Vulnerability RSA Memory Leak OpenSSL Vulnerability CVE-2025-15467 CVE-2022-2274 OpenSSL Vulnerabilities, Timing Side-Channel

CVE-2024-12797 – High-Severity OpenSSL Flaw: Update Now to Prevent MITM Attacks

Ddos February 11, 2025

A high-severity vulnerability has been discovered in OpenSSL, a widely-used cryptography library that secures countless websites and...

CVE-2024-47908 (CVSS 9.1): Critical Ivanti CSA Flaw Enables Attackers to Run Arbitrary Code CVE-2023-39335 - CVE-2024-47908 - CVE-2024-11771

CVE-2024-47908 (CVSS 9.1): Critical Ivanti CSA Flaw Enables Attackers to Run Arbitrary Code

Ddos February 11, 2025

Ivanti has issued a security advisory regarding critical vulnerabilities in its Cloud Services Application (CSA). The vulnerabilities,...

SAP Security Patch Day February 2025: Multi Vulnerabilities Addressed CVE-2024-33006 - CVE-2025-0064 SAP Critical Patch, RMI-P4 RCE

SAP Security Patch Day February 2025: Multi Vulnerabilities Addressed

Ddos February 11, 2025

SAP has released its latest round of security patches, addressing 19 new vulnerabilities and updating 2 previous...

Robust Open Online Safety Tools (ROOST): Tech Giants Unite to Build AI-Era Security Infrastructure "ROOST" Robust Open Online Safety Tools

Robust Open Online Safety Tools (ROOST): Tech Giants Unite to Build AI-Era Security Infrastructure

Ddos February 11, 2025

Roblox, Discord, OpenAI, and Google have announced the formation of a non-profit organization called “ROOST” (Robust Open...

$16 Million Ransomware Operation Shut Down: 8Base Masterminds Apprehended 8Base ransomware down

$16 Million Ransomware Operation Shut Down: 8Base Masterminds Apprehended

Ddos February 10, 2025

The UK’s National Crime Agency (NCA), in conjunction with Europol, the US Federal Bureau of Investigation, the...

Google Chrome Tests AI-Driven Auto Password Change for Breached Accounts Chrome Automated password change

Google Chrome Tests AI-Driven Auto Password Change for Breached Accounts

Ddos February 10, 2025

Major web browsers have already integrated password breach alerts, automatically notifying users if their credentials have been...

Google’s reCAPTCHA Fails to Stop Bots—But It’s Great at Harvesting Your Data reCAPTCHA Data

Google’s reCAPTCHA Fails to Stop Bots—But It’s Great at Harvesting Your Data

Ddos February 10, 2025

Google’s reCAPTCHA verification system has drawn widespread criticism from users, who find tasks such as selecting traffic...

GitHub Enterprise SAML Bypass Flaw (CVE-2025-23369) Exposed – Technical Analysis and Exploit PoC CVE-2024-9487 - CVE-2025-23369 PoC

GitHub Enterprise SAML Bypass Flaw (CVE-2025-23369) Exposed – Technical Analysis and Exploit PoC

Ddos February 10, 2025

Security researcher Hakivvi has published an in-depth analysis of CVE-2025-23369 (CVSSv4 7.6), a vulnerability that allows attackers...

Multiple Security and Privacy Flaws Found in DeepSeek iOS App DeepSeek V3 App Store

Multiple Security and Privacy Flaws Found in DeepSeek iOS App

Ddos February 10, 2025

A recent security and privacy assessment by NowSecure has uncovered multiple severe vulnerabilities in the DeepSeek iOS...

Alabama Man Pleads Guilty in Bitcoin Price Manipulation Scheme Involving Hacked SEC X Account

Ddos February 10, 2025

Eric Council Jr., a 25-year-old from Athens, Alabama, has pleaded guilty to charges related to the January...

Malicious Models on Hugging Face: A New Threat to AI Development nullifAI

Malicious Models on Hugging Face: A New Threat to AI Development

Ddos February 10, 2025

New research from ReversingLabs has uncovered a novel technique for distributing malware on the Hugging Face platform,...

The Rise of Phishing-as-a-Service: How Cybercriminals are Outsourcing Attacks DocuSign-Themed Phishing Email

The Rise of Phishing-as-a-Service: How Cybercriminals are Outsourcing Attacks

Ddos February 10, 2025

Phishing attacks are no longer the domain of elite hackers. With the rise of Phishing-as-a-Service (PhaaS), cybercriminals...