Atlassian and Cisco have released patches for multiple high-severity vulnerabilities, including remote code execution bugs. The post Vulnerabilities Patched in Atlassian, Cisco Products appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Vulnerabilities Patched…
Category: EN
Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)
CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private institutions in Poland and Romania. “Active exploitation in the wild has been observed…
Harvest Ransomware Attack: Stolen Data Now Publicly Disclosed
French fintech leader Harvest SAS has become the latest high-profile victim of a sophisticated ransomware attack, culminating this week in the public release of a trove of sensitive stolen data. The breach, orchestrated by the rapidly emerging cybercriminal group known as Run Some…
Why ‘One Community’ Resonates in Cybersecurity
Our collective voices and one community will provide the intelligence we need to safeguard our businesses in today’s modern digital environment. The post Why ‘One Community’ Resonates in Cybersecurity appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Critical Erlang/OTP SSH Vulnerability Allow Hackers Execute Arbitrary Code Remotely
A major security flaw has been uncovered in the widely used Erlang/OTP SSH implementation, drawing urgent attention from the cybersecurity community worldwide. The vulnerability, tracked as CVE-2025-32433, exposes systems to unauthenticated remote code execution, potentially allowing hackers to fully compromise affected…
Blockchain Offers Security Benefits – But Don’t Neglect Your Passwords
Blockchain is best known for its use in cryptocurrencies like Bitcoin, but it also holds significant applications for online authentication. As businesses in varying sectors increasingly embrace blockchain-based security tools, could the technology one day replace passwords? How blockchain works …
Tesla Whistleblower Wins Legal Ruling Against Elon Musk
Engineer Cristina Balan wins latest round in her long-running defamation claim against Elon Musk’s EV firm This article has been indexed from Silicon UK Read the original article: Tesla Whistleblower Wins Legal Ruling Against Elon Musk
This ‘College Protester’ Isn’t Real. It’s an AI-Powered Undercover Bot for Cops
Massive Blue is helping cops deploy AI-powered social media bots to talk to people they suspect are anything from violent sex criminals all the way to vaguely defined “protesters.” This article has been indexed from Security Latest Read the original…
Brit soldiers tune radio waves to fry drone swarms for pennies
Truck-mounted demonstration weapon costs 10p a pop, says MOD British soldiers have successfully taken down drones with a radio-wave weapon.… This article has been indexed from The Register – Security Read the original article: Brit soldiers tune radio waves to…
CISA Issues Guidance After Oracle Cloud Hack
CISA is making recommendations for organizations and users in light of the recent Oracle legacy cloud environment hack. The post CISA Issues Guidance After Oracle Cloud Hack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Chinese Hacker Group Mustang Panda Bypass EDR Detection With New Hacking Tools
The China-sponsored hacking group, Mustang Panda, has been uncovered by Zscaler ThreatLabz to employ new techniques and tools, including the updated backdoor ToneShell and a novel tool named StarProxy, to evade endpoint detection and response (EDR) systems. Mustang Panda’s New…
CISA Warns of SonicWall Command Injection Vulnerability Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical SonicWall vulnerability that is actively being exploited by threat actors. On April 16, 2025, CISA added CVE-2021-20035, a command injection vulnerability affecting SonicWall SMA100 appliances,…
Google Blocks 5 Billion Malicious Ads & Suspend 700,000+ Offending Advertiser
Google revealed a significant crackdown on malicious advertising activity across its platforms, blocking more than 5.1 billion bad ads and suspending upwards of 700,000 advertiser accounts involved in policy violations and scams. Google’s ability to detect and prevent malicious ads…
Researchers Uncovered Gamaredon’s PteroLNK VBScript Malware Infrastructure & TTP’s
A sophisticated malware campaign attributed to the Russia-linked Gamaredon threat group has been actively targeting Ukrainian entities since late 2024, according to new research published on April 16, 2025. Samples of the Pterodo malware family were identified on public malware…
SonicWall Flags Old Vulnerability as Actively Exploited
A SonicWall SMA 100 series vulnerability patched in 2021, which went unnoticed at the time of patching, is being exploited in the wild. The post SonicWall Flags Old Vulnerability as Actively Exploited appeared first on SecurityWeek. This article has been…
Trump’s Retaliation Against Chris Krebs — and the Cybersecurity Industry’s Deafening Silence
Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA), was fired by Donald Trump in 2020 for publicly affirming that the presidential election was secure and free from widespread fraud. Fast-forward to April 2025: Trump, now…
Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers
Microsoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration. The activity, first detected in October 2024, uses lures related to cryptocurrency trading to trick…
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans any authentication under certain conditions. The vulnerability, tracked as CVE-2025-32433, has been given the maximum…
Unmasking the new XorDDoS controller and infrastructure
Cisco Talos observed the ongoing global spread of the XorDDoS malware, predominantly targeting the United States, with evidence suggesting Chinese-speaking operators are using sophisticated tools to orchestrate widespread attacks. This article has been indexed from Cisco Talos Blog Read the…
Microsoft Defender For Endpoint Now Isolates Undiscovered Endpoints
With recent updates, Microsoft took another step towards thwarting network threats with Defender. As announced,… Microsoft Defender For Endpoint Now Isolates Undiscovered Endpoints on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses. This article has…