The Vim text editor vulnerability CVE-2025-27423 is a high-severity issue that allows for arbitrary code execution via malicious TAR archives. Affecting Vim versions prior to 9.1.1164, this flaw in the bundled tar.vim plugin exposes users to potential command injection attacks…
Category: Cyber Security News
Telegram EvilVideo Vulnerability Exploited to Execute Malicious Code on Victim Device
A critical evolution of the CVE-2024-7014 vulnerability, originally patched in July 2024, has resurfaced with updated tactics to bypass security measures. Dubbed Evilloader, this new exploit leverages Telegram’s multimedia handling mechanisms to execute malicious JavaScript code by disguising .htm files…
NVIDIA Warns of Multiple Vulnerabilities that Let Attackers Execute Malicious Code
NVIDIA has issued urgent security advisories addressing multiple vulnerabilities in its Hopper HGX 8-GPU High-Performance Computing (HMC) platforms, including a high-severity flaw (CVE-2024-0114, CVSS 8.1) that permits unauthorized code execution, privilege escalation, and systemic data compromise. A secondary medium-severity vulnerability…
Zoho ADSelfService Plus Vulnerability Let Attackers Gain Unauthorized Access
Zoho has patched a high-severity vulnerability (CVE-2025-1723) in its ADSelfService Plus software, a widely used self-service password management and single sign-on solution. The flaw, discovered in builds 6510 and earlier, could enable attackers to bypass authentication safeguards and access sensitive…
HPE Remote Support Tool Vulnerability Let Attackers Execute Arbitrary code – PoC Released
A newly disclosed vulnerability in Hewlett Packard Enterprise’s (HPE) Insight Remote Support tool enables unauthenticated attackers to execute arbitrary code on vulnerable systems, with proof-of-concept (PoC) exploit code now publicly available. Tracked as CVE-2024-53676, this critical remote code execution (RCE)…
GrassCall Malware Attacking Job Seekers To Steal Login Credentials
A sophisticated malware campaign named “GrassCall” was detected that specifically targets job seekers through deceptive tactics. The campaign, attributed to the threat group known as Crazy Evil, has been actively exploiting job hunters’ vulnerability by luring them with fake employment…
Researchers Detailed APT28’s HTA Trojan Multi-Layer Obfuscation Techniques
A security researcher known as “Seeker” has published an in-depth analysis of advanced obfuscation techniques employed by APT28, a threat actor known for sophisticated cyber espionage operations. The report provides a comprehensive examination of a heavily obfuscated HTA Trojan used…
Chrome 134 Released, Fixes 14 Vulnerabilities That Could Crash the Browser
Google has rolled out Chrome 134 to the stable channel, delivering critical security updates that resolve 14 vulnerabilities, including high-severity flaws that could enable browser crashes, data leaks, or arbitrary code execution. The update (versions 134.0.6998.35 for Linux, 134.0.6998.35/36 for…
AV Detection & Anti-Malware Scans Bypassed Using Red Team Tool SpecterInsight
A new report published recently, details how red team operators can use SpecterInsight 4.2.0 to successfully bypass Windows Defender and other antivirus solutions. The technique allows threat actors to evade detection while loading malicious .NET payloads into memory, presenting significant…
Windows KDC Proxy RCE Vulnerability Let Attackers Control The Server Remotely – Technical Analysis
Security researchers have uncovered a significant remote code execution vulnerability in Microsoft’s Windows Key Distribution Center (KDC) Proxy that could potentially allow attackers to gain complete control over affected servers. The vulnerability, tracked as CVE-2024-43639, stems from an integer overflow…
49,000+ Access Management Systems Worldwide Configured With Massive Security Gaps
Dutch IT security consultancy Modat has uncovered alarming security vulnerabilities in approximately 49,000 access management systems (AMS) deployed worldwide. These systems, designed to control building access through authentication methods like passwords, biometrics, and multi-factor authentication, have been found to contain…
Hackers Deliver XWorm via Malicious Registry Files in a New Stegocampaign Attack
Stegoсampaign, a complex attack that leverages phishing, a multi-functional RAT, а loader, and malicious scripts, got a new twist. ANY.RUN’s malware analysts discovered a Stegocampaign variant that uses a Windows registry file to add a malicious script to Autorun. While…
Hackers Hijacking Access to Cloud-based AI Models With Exposed Keys in 19 Minutes
New research reveals that threat actors are exploiting exposed cloud credentials to hijack enterprise AI systems within minutes of credential leakage. Recent incidents have demonstrated that attackers can compromise large language model (LLM) infrastructure in under 19 minutes. Dubbed LLMjacking,…
Google, Meta and Apple Fuel the World’s Largest Surveillance Machine
The exponential growth of government data requests to technology giants has transformed Silicon Valley into the backbone of modern surveillance infrastructure. Between 2014 and 2024, Apple, Google, and Meta collectively disclosed data from 3.16 million user accounts to U.S. authorities,…
U.S. Seizes $31 Million Funds Drained from Crypto Exchange
U.S. law enforcement announced the recovery of $31 million in cryptocurrency tied to the 2021 Uranium Finance exploit, marking one of the largest DeFi-related asset seizures. The operation, spearheaded by the Southern District of New York (SDNY) and Homeland Security…
Tata Technologies Allegedly Breached – Huntress Claim Leak of Sensitive data
Indian multinational tech giant Tata Technologies, a subsidiary of Tata Motors, is in the spotlight following allegations by ransomware group Hunters International of a major data breach. According to Huntress Group, the claim resulted in the theft of 1.4 TB…
VMware ESXi Vulnerabilities Exploited in Wild to Execute Malicious Code
VMware has issued a critical security advisory (VMSA-2025-0004) warning of active exploitation of three vulnerabilities in its ESXi, Workstation, and Fusion products. These flaws, CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, allow attackers to execute malicious code, escalate privileges, and leak sensitive memory…
New Android RAT Dubbed “AndroRAT” Attacking to Steal Pattern, PIN & Passcodes
A newly identified variant of the Android Remote Access Tool (RAT), AndroRAT, has emerged as a critical cybersecurity threat, leveraging sophisticated techniques to steal device unlock patterns, PINs, and passcodes. The malware, first documented in 2012 as an open-source university…
Docusnap for Windows Vulnerability Let Attackers Access Sensitive Data
A critical information disclosure vulnerability in Docusnap, a widely used IT inventory management solution, allows attackers to decrypt sensitive system data collected from Windows hosts. Designated as CVE-2025-26849, the flaw stems from the use of a static encryption key to…
Hackers Attacking 4000+ ISPs With New Malware for Remote Access
Researchers from Splunk have identified a sophisticated malware campaign targeting over 4,000 Internet Service Providers (ISPs) primarily located on the West Coast of the United States and in China. The campaign, which originated from Eastern Europe, uses a combination of…