News Archives • Page 328 of 633 • Daily CyberSecurity

HPE Aruba Networking Issues Security Updates for ClearPass Policy Manager CVE-2024-26305 _ CVE-2025-23058 Aruba 5G Core Open Redirect

HPE Aruba Networking Issues Security Updates for ClearPass Policy Manager

Ddos February 6, 2025

HPE Aruba Networking has released security updates to address multiple vulnerabilities in its ClearPass Policy Manager (CPPM)...

Cyberespionage Targets Aviation: ICAO and ACAO Breached

Ddos February 6, 2025

The aviation industry is facing a growing cyber threat, with recent attacks targeting the International Civil Aviation...

Vitest Vulnerability Exposes Developers to Remote Code Execution – CVE-2025-24964 (CVSS 9.7)

Ddos February 6, 2025

A critical security vulnerability (CVE-2025-24964) has been discovered in Vitest, a popular unit testing framework, which could...

Threat Actors Continue to Exploit Legitimate RMM Tool ScreenConnect KongTuke Microsoft Teams Phishing ModeloRAT Initial Access Broker CVE-2024-38193 - Lazarus Group Threat Actors ScreenConnect

KongTuke Microsoft Teams Phishing ModeloRAT Initial Access Broker CVE-2024-38193 - Lazarus Group Threat Actors ScreenConnect

Threat Actors Continue to Exploit Legitimate RMM Tool ScreenConnect

Ddos February 6, 2025

A recent report from Silent Push reveals that threat actors are still leveraging ScreenConnect, a legitimate remote...

ValleyRAT Returns: Silver Fox APT Deploys New Delivery Techniques for Multi-Stage Attacks DriverFixer0428, Contagious Interview Cache Smuggling, ClickFix Evasion North Korean Cyber Espionage

DriverFixer0428, Contagious Interview Cache Smuggling, ClickFix Evasion North Korean Cyber Espionage

ValleyRAT Returns: Silver Fox APT Deploys New Delivery Techniques for Multi-Stage Attacks

Ddos February 6, 2025

Morphisec Threat Labs has uncovered a sophisticated multi-stage malware campaign attributed to the Silver Fox APT, leveraging...

GreenSpot APT Phishes 163.com Users with Spoofed Domains Oracle EBS Zero-Day, GRACEFUL SPIDER Cracked Software, Supply Chain Attack Black Basta - NOVA stealer

Oracle EBS Zero-Day, GRACEFUL SPIDER Cracked Software, Supply Chain Attack Black Basta - NOVA stealer

GreenSpot APT Phishes 163.com Users with Spoofed Domains

Ddos February 6, 2025

A recent report from Threat Hunting Platform – Hunt.io has exposed an ongoing phishing campaign orchestrated by...

Windows 10 ESU Program: A Lifeline for Holdouts, But at What Cost? Windows 10 MSMQ Bug, KB5071546 Write Permissions Windows 10 Lawsuit Windows 10 ESU, Free Security Updates Windows 10 ESU program

Windows 10 MSMQ Bug, KB5071546 Write Permissions Windows 10 Lawsuit Windows 10 ESU, Free Security Updates Windows 10 ESU program

Windows 10 ESU Program: A Lifeline for Holdouts, But at What Cost?

Ddos February 6, 2025

If you’re a die-hard Windows 10 user dreading the impending end-of-support deadline, fear not! Microsoft has unveiled...

Gemini 2.0 Unleashed: Pro, Flash-Lite, & More Google Gemini, audio files Gemini AI, Google AI Google Gemini 2.0 Flash Thinking iOS

Gemini 2.0 Unleashed: Pro, Flash-Lite, & More

Ddos February 6, 2025

Google DeepMind’s Chief Technology Officer, Koray Kavukcuoglu, has officially announced the full-scale launch of the Gemini 2.0...

Arch Linux on WSL 2: Microsoft Confirms Official Support Arch Linux WSL2

Arch Linux on WSL 2: Microsoft Confirms Official Support

Ddos February 5, 2025

The popular open-source operating system Arch Linux has recently entered into a collaboration with Microsoft, following discussions...

CVE-2025-20124 (CVSS 9.9) & CVE-2025-20125 (CVSS 9.1): Cisco Patches Critical Flaws in Identity Services Engine CVE-2025-20124 CVE-2025-20125

CVE-2025-20124 (CVSS 9.9) & CVE-2025-20125 (CVSS 9.1): Cisco Patches Critical Flaws in Identity Services Engine

Ddos February 5, 2025

Cisco has issued a security advisory addressing two critical vulnerabilities in its Identity Services Engine (ISE), a...

F5 Warns of TLS Session Resumption Vulnerability in NGINX (CVE-2025-23419) NGINX JavaScript Module Vulnerability CVE-2026-8711 NGINX 1.30.1 Security Update CVE-2026-42945 RCE NGINX Vulnerability CVE-2026-1642 NGINX Github - CVE-2025-23419

NGINX JavaScript Module Vulnerability CVE-2026-8711 NGINX 1.30.1 Security Update CVE-2026-42945 RCE NGINX Vulnerability CVE-2026-1642 NGINX Github - CVE-2025-23419

F5 Warns of TLS Session Resumption Vulnerability in NGINX (CVE-2025-23419)

Ddos February 5, 2025

F5 has issued a security advisory warning of a vulnerability in NGINX, a popular web server software....

XE Group Exploits Zero-Day Vulnerabilities in VeraCore – CVE-2024-57968 & CVE-2025-25181 Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

XE Group Exploits Zero-Day Vulnerabilities in VeraCore – CVE-2024-57968 & CVE-2025-25181

Ddos February 5, 2025

Cybersecurity researchers from Intezer and Solis Security have uncovered a dramatic shift in tactics by XE Group,...

Malicious Go Package Exploits Caching for Stealthy Persistence

Ddos February 5, 2025

Socket researchers have discovered a malicious typosquatting package in the Go ecosystem that exploits the Go Module...

Zyxel Routers Under Attack: Default Credentials (CVE-2025-0890) and Code Injection (CVE-2024-40891), No Patch!

Ddos February 5, 2025

Security researchers at VulnCheck have identified critical vulnerabilities in Zyxel Customer Premises Equipment (CPE), leaving countless users...

Kubernetes Policy Enforcement at Risk: OPA Gatekeeper Bypass Exposes Security Flaws Ingress-Nginx Vulnerability Kubernetes RCE Vulnerability CVE-2025-9708 Kubernetes Security, Image Builder Vulnerability CVE-2024-10220 - OPA Gatekeeper Bypass

Ingress-Nginx Vulnerability Kubernetes RCE Vulnerability CVE-2025-9708 Kubernetes Security, Image Builder Vulnerability CVE-2024-10220 - OPA Gatekeeper Bypass

Kubernetes Policy Enforcement at Risk: OPA Gatekeeper Bypass Exposes Security Flaws

Ddos February 5, 2025

A recent report from Aqua Security has uncovered significant security risks in Kubernetes policy enforcement, particularly in...

Google Security Team Uncovers AMD Microcode Vulnerability (CVE-2024-56161) AMD Microcode Vulnerability - CVE-2024-56161

Google Security Team Uncovers AMD Microcode Vulnerability (CVE-2024-56161)

Ddos February 5, 2025

A recent disclosure from the Google Security Team has revealed a high-severity vulnerability in AMD Zen-based CPUs...

$50 for Your Data: NOVA Stealer Sold as Malware-as-a-Service Oracle EBS Zero-Day, GRACEFUL SPIDER Cracked Software, Supply Chain Attack Black Basta - NOVA stealer

$50 for Your Data: NOVA Stealer Sold as Malware-as-a-Service

Ddos February 5, 2025

The BI.ZONE Threat Intelligence team has reported a significant ongoing campaign distributing the NOVA stealer, a new...

Security Flaws Discovered in Apache Cassandra: Unauthorized Access, Privilege Escalation, and JMX Credential Theft

Ddos February 5, 2025

The popular open-source NoSQL database, Apache Cassandra, is facing a barrage of critical vulnerabilities, potentially exposing sensitive...

SmartApeSG Campaign Uncovered: A Deep Dive into NetSupport RAT Distribution and Suspected Threat Actor Connections CRussian Market, "Fly" (Flyded) hange Healthcare Cyberattack - CVE-2024-50603 Exploit

CRussian Market, "Fly" (Flyded) hange Healthcare Cyberattack - CVE-2024-50603 Exploit

SmartApeSG Campaign Uncovered: A Deep Dive into NetSupport RAT Distribution and Suspected Threat Actor Connections

Ddos February 5, 2025

A recent investigation by Team Cymru has revealed an intricate web of malicious infrastructure linking the SmartApeSG...

North Korean-Linked Malware ‘FlexibleFerret’ Expands macOS Attack Surface North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean-Linked Malware ‘FlexibleFerret’ Expands macOS Attack Surface

Ddos February 5, 2025

Cybersecurity researchers at SentinelOne have uncovered new macOS malware variants attributed to North Korean threat actors, expanding...

Critical Alert 1 Active Exploit Detected Today