exploit

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) 2025-04-17 at 16:52 By Zeljka Zorz CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private institutions in Poland and Romania. “Active exploitation in the wild has been observed […]

React to this headline:

Loading spinner

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) Read More »

Critical flaws fixed in Nagios Log Server

Critical flaws fixed in Nagios Log Server 2025-04-15 at 13:47 By Zeljka Zorz The Nagios Security Team has fixed three critical vulnerabilities affecting popular enterprise log management and analysis platform Nagios Log Server. About the flaws The vulnerabilities, discovered and reported by security researchers Seth Kraft and Alex Tisdale, include: 1. A stored XSS vulnerability

React to this headline:

Loading spinner

Critical flaws fixed in Nagios Log Server Read More »

CISA Analyzes Malware Used in Ivanti Zero-Day Attacks

CISA Analyzes Malware Used in Ivanti Zero-Day Attacks 2025-03-31 at 13:37 By Ionut Arghire CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day. The post CISA Analyzes Malware Used in Ivanti Zero-Day Attacks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

CISA Analyzes Malware Used in Ivanti Zero-Day Attacks Read More »

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783)

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) 2025-03-26 at 13:08 By Zeljka Zorz Google is in the process of rolling out Chrome v134.0.6998.178 to Windows users to fix CVE-2025-2783, a zero-day vulnerability that allowed attackers to to bypass Chrome sandbox protections. The vulnerability was flagged by Kaspersky researchers, who discovered it being exploited by

React to this headline:

Loading spinner

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) Read More »

Russian Firm Offers $4 Million for Telegram Exploits

Russian Firm Offers $4 Million for Telegram Exploits 2025-03-24 at 17:19 By Ionut Arghire A Russian exploit acquisition firm says it is willing to pay up to $4 million for full-chain exploits targeting the popular messaging service Telegram. The firm, Operation Zero, is known for selling zero-day exploits exclusively to Russian government and private organizations.

React to this headline:

Loading spinner

Russian Firm Offers $4 Million for Telegram Exploits Read More »

APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373)

APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) 2025-03-19 at 16:00 By Zeljka Zorz State-sponsored threat actors and cybercrime groups from North Korea, Iran, Russia, and China have been exploiting a zero-day Windows vulnerability with no fix in sight for the last eight years, researchers with Trend Micro’s Zero Day Initiative

React to this headline:

Loading spinner

APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) Read More »

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) 2025-02-13 at 13:17 By Zeljka Zorz Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept exploit (PoC) for which has been made public. “Palo Alto Networks is not aware of any malicious exploitation

React to this headline:

Loading spinner

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) Read More »

Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)

Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968) 2025-02-05 at 18:49 By Zeljka Zorz XE Group, a cybercriminal outfit that has been active for over a decade, has been quietly exploiting zero-day vulnerabilities (CVE-2025-25181, CVE-2024-57968) in VeraCore software, a popular solution for warehouse management and order fulfillment. According to Intezer and Solis Security

React to this headline:

Loading spinner

Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968) Read More »

PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)

PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) 2024-12-04 at 13:38 By Zeljka Zorz Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular network monitoring solution for enterprises. CVE-2024-8785 and the PoC exploit CVE-2024-8785 stems from the incorrect use of a

React to this headline:

Loading spinner

PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) Read More »

CISA Releases New List of Known Exploited Vulnerabilities, Urges Immediate Actions 

CISA Releases New List of Known Exploited Vulnerabilities, Urges Immediate Actions  2024-12-02 at 14:15 By Cyble Overview  The Cybersecurity and Infrastructure Security Agency (CISA) has once again emphasized the critical importance of addressing IT vulnerabilities. This week, Cyble has reported multiple vulnerabilities across IT devices based on the findings published in the Known Exploited Vulnerabilities

React to this headline:

Loading spinner

CISA Releases New List of Known Exploited Vulnerabilities, Urges Immediate Actions  Read More »

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor 2024-11-26 at 12:18 By Zeljka Zorz Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege vulnerability in Windows Task Scheduler, as zero-days earlier this year. “Chaining together two zero-day vulnerabilities armed

React to this headline:

Loading spinner

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor Read More »

Middle East Cybersecurity in 2024: From Zero-Day Exploits to Supply Chain Attacks 

Middle East Cybersecurity in 2024: From Zero-Day Exploits to Supply Chain Attacks  2024-11-19 at 15:49 By Cyble Overview  In 2024, the Middle East faces an escalating wave of cyberattacks amid its rapid digital transformation, with zero-day exploits and advanced attack techniques targeting critical infrastructure, government entities, and supply chains. Cybercriminals are increasingly exploiting vulnerabilities like

React to this headline:

Loading spinner

Middle East Cybersecurity in 2024: From Zero-Day Exploits to Supply Chain Attacks  Read More »

IT Vulnerability Report: Fortinet, SonicWall, Grafana Exposures Top 1 Million

IT Vulnerability Report: Fortinet, SonicWall, Grafana Exposures Top 1 Million 2024-11-01 at 13:34 By Paul Shread Overview Cyble Research and Intelligence Labs (CRIL) researchers investigated 17 vulnerabilities and nine dark web exploits during the period of Oct. 23-29, and highlighted seven vulnerabilities that merit high-priority attention from security teams. This week’s IT vulnerability report affects

React to this headline:

Loading spinner

IT Vulnerability Report: Fortinet, SonicWall, Grafana Exposures Top 1 Million Read More »

Cyble Sensors Detect New Attacks on LightSpeed, GutenKit WordPress Plugins

Cyble Sensors Detect New Attacks on LightSpeed, GutenKit WordPress Plugins 2024-10-31 at 19:17 By Paul Shread Overview Cyble’s weekly sensor intelligence report for clients detailed new attacks on popular WordPress plugins, and IoT exploits continue to occur at very high rates. Two 9.8-severity vulnerabilities in LightSpeed Cache and GutenKit are under attack, as WordPress and

React to this headline:

Loading spinner

Cyble Sensors Detect New Attacks on LightSpeed, GutenKit WordPress Plugins Read More »

Inside console security: How innovations shape future hardware protection

Inside console security: How innovations shape future hardware protection 2024-10-29 at 08:00 By Mirko Zorz In this Help Net Security interview, security researchers Specter and ChendoChap discuss gaming consoles’ unique security model, highlighting how it differs from other consumer devices. They also share their thoughts on how advancements in console security could shape future consumer

React to this headline:

Loading spinner

Inside console security: How innovations shape future hardware protection Read More »

CISA Warns of Critical Vulnerabilities: CVE-2024-20481 and CVE-2024-37383 Require Immediate Attention

CISA Warns of Critical Vulnerabilities: CVE-2024-20481 and CVE-2024-37383 Require Immediate Attention 2024-10-25 at 16:34 By rohansinhacyblecom Overview The Cybersecurity and Infrastructure Security Agency (CISA) has issued urgent advisories regarding two vulnerabilities that pose substantial risks to organizations: CVE-2024-20481, a denial-of-service (DoS) vulnerability affecting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD), and CVE-2024-37383,

React to this headline:

Loading spinner

CISA Warns of Critical Vulnerabilities: CVE-2024-20481 and CVE-2024-37383 Require Immediate Attention Read More »

Exploited: Cisco, SharePoint, Chrome vulnerabilities

Exploited: Cisco, SharePoint, Chrome vulnerabilities 2024-10-25 at 13:33 By Zeljka Zorz Threat actors have been leveraging zero and n-day vulnerabilities in Cisco security appliances (CVE-2024-20481), Microsoft Sharepoint (CVE-2024-38094), and Google’s Chrome browser (CVE-2024-4947). CVE-2024-20481 (Cisco ASA/FTD) In the past few days, Cisco has released fixes for a slew of vulnerabilities affecting the software powering its

React to this headline:

Loading spinner

Exploited: Cisco, SharePoint, Chrome vulnerabilities Read More »

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383)

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383) 2024-10-22 at 12:34 By Zeljka Zorz Attackers have exploited an XSS vulnerability (CVE-2024-37383) in the Roundcube Webmail client to target a governmental organization of a CIS country, Positive Technologies (PT) analysts have discovered. The vulnerability was patched in May 2024, in Roundcube Webmail versions 1.5.7 and

React to this headline:

Loading spinner

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383) Read More »

Defenders must adapt to shrinking exploitation timelines

Defenders must adapt to shrinking exploitation timelines 2024-10-16 at 15:16 By Zeljka Zorz A new report from Mandiant reveals that the average time-to-exploit vulnerabilities before or after a patch is released has plunged to just five days in 2023, down from 32 days in 2021 in 2022. One reason for this is the fact that,

React to this headline:

Loading spinner

Defenders must adapt to shrinking exploitation timelines Read More »

Active Exploitation of SAML Vulnerability CVE-2024-45409 Detected by Cyble Sensors

Active Exploitation of SAML Vulnerability CVE-2024-45409 Detected by Cyble Sensors 2024-10-15 at 15:16 By rohansinhacyblecom Overview On September 10, 2024, a critical vulnerability, CVE-2024-45409, was identified by ahacker1 of SecureSAML. The vulnerability was then patched in the Ruby-SAML library, which is widely used for implementing SAML (Security Assertion Markup Language) authorization. This flaw affects Ruby-SAML

React to this headline:

Loading spinner

Active Exploitation of SAML Vulnerability CVE-2024-45409 Detected by Cyble Sensors Read More »

Scroll to Top