Microsoft has recently published comprehensive guidance for developers working with Virtualization-Based Security (VBS) enclaves, highlighting critical security measures to strengthen the trust boundary between different virtual trust levels. The guidance by the Microsoft Security team, addresses fundamental security challenges that…
Tag: Cyber Security News
Microsoft Warns of Silk Typhoon Hackers Attacking IT Supply Chain
Microsoft Threat Intelligence has identified a significant shift in tactics by Silk Typhoon, a Chinese state-sponsored espionage group that has begun targeting common IT solutions including remote management tools and cloud applications to gain initial access to organizational networks. This…
Hackers Leveraging Business Relationship To Attack Arab Emirates Aviation Sector
Security researchers at Proofpoint have uncovered a sophisticated cyber espionage campaign targeting aviation and satellite communications organizations in the United Arab Emirates. The campaign, attributed to a threat actor tracked as UNK_CraftyCamel, leveraged a compromised Indian electronics company to deliver…
Cisco Webex for BroadWorks Vulnerability Let Remote Attackers Access Data & Credentials
A newly disclosed vulnerability in Cisco Webex for BroadWorks Release 45.2 enables remote attackers to intercept sensitive credentials and user data when Session Initiation Protocol (SIP) communications lack encryption. This vulnerability, rated as low severity but with significant operational implications,…
WordPress Plugin Vulnerability Exposes 10,000 Sites to Code Execution Attacks
A critical security flaw in the GiveWP Donation Plugin tracked as CVE-2025-0912, has exposed over 100,000 WordPress websites to unauthenticated remote code execution (RCE) attacks. The vulnerability, scoring a maximum CVSS 9.8 (Critical) severity rating, originates from improper handling of…
U.S Treasury Sanctions Admin of Nemesis Darknet Marketplace
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sweeping sanctions today against Behrouz Parsarad, an Iran-based cybercriminal identified as the sole administrator of the Nemesis darknet marketplace. This move marks OFAC’s first recognition as a…
CISA Warns of Actively Exploited VMware Vulnerabilities, Urges Immediate Patching
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert on March 4, 2025, adding three critical VMware vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog following confirmed in-the-wild exploitation. The vulnerabilities CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226 allow attackers…
Microsoft To Remove DES Encryption from Windows 11 24H2 & Windows Server 2025
Microsoft has announced plans to enhance security measures by removing the Data Encryption Standard (DES) encryption algorithm from Kerberos authentication in upcoming Windows releases. This security change will affect Windows Server 2025 and Windows 11 version 24H2 computers after they…
Vim Editor Vulnerability Exploited Via TAR Files to Trigger Code Execution
The Vim text editor vulnerability CVE-2025-27423 is a high-severity issue that allows for arbitrary code execution via malicious TAR archives. Affecting Vim versions prior to 9.1.1164, this flaw in the bundled tar.vim plugin exposes users to potential command injection attacks…
Telegram EvilVideo Vulnerability Exploited to Execute Malicious Code on Victim Device
A critical evolution of the CVE-2024-7014 vulnerability, originally patched in July 2024, has resurfaced with updated tactics to bypass security measures. Dubbed Evilloader, this new exploit leverages Telegram’s multimedia handling mechanisms to execute malicious JavaScript code by disguising .htm files…
NVIDIA Warns of Multiple Vulnerabilities that Let Attackers Execute Malicious Code
NVIDIA has issued urgent security advisories addressing multiple vulnerabilities in its Hopper HGX 8-GPU High-Performance Computing (HMC) platforms, including a high-severity flaw (CVE-2024-0114, CVSS 8.1) that permits unauthorized code execution, privilege escalation, and systemic data compromise. A secondary medium-severity vulnerability…
Zoho ADSelfService Plus Vulnerability Let Attackers Gain Unauthorized Access
Zoho has patched a high-severity vulnerability (CVE-2025-1723) in its ADSelfService Plus software, a widely used self-service password management and single sign-on solution. The flaw, discovered in builds 6510 and earlier, could enable attackers to bypass authentication safeguards and access sensitive…
HPE Remote Support Tool Vulnerability Let Attackers Execute Arbitrary code – PoC Released
A newly disclosed vulnerability in Hewlett Packard Enterprise’s (HPE) Insight Remote Support tool enables unauthenticated attackers to execute arbitrary code on vulnerable systems, with proof-of-concept (PoC) exploit code now publicly available. Tracked as CVE-2024-53676, this critical remote code execution (RCE)…
GrassCall Malware Attacking Job Seekers To Steal Login Credentials
A sophisticated malware campaign named “GrassCall” was detected that specifically targets job seekers through deceptive tactics. The campaign, attributed to the threat group known as Crazy Evil, has been actively exploiting job hunters’ vulnerability by luring them with fake employment…
Researchers Detailed APT28’s HTA Trojan Multi-Layer Obfuscation Techniques
A security researcher known as “Seeker” has published an in-depth analysis of advanced obfuscation techniques employed by APT28, a threat actor known for sophisticated cyber espionage operations. The report provides a comprehensive examination of a heavily obfuscated HTA Trojan used…
Chrome 134 Released, Fixes 14 Vulnerabilities That Could Crash the Browser
Google has rolled out Chrome 134 to the stable channel, delivering critical security updates that resolve 14 vulnerabilities, including high-severity flaws that could enable browser crashes, data leaks, or arbitrary code execution. The update (versions 134.0.6998.35 for Linux, 134.0.6998.35/36 for…
AV Detection & Anti-Malware Scans Bypassed Using Red Team Tool SpecterInsight
A new report published recently, details how red team operators can use SpecterInsight 4.2.0 to successfully bypass Windows Defender and other antivirus solutions. The technique allows threat actors to evade detection while loading malicious .NET payloads into memory, presenting significant…
Windows KDC Proxy RCE Vulnerability Let Attackers Control The Server Remotely – Technical Analysis
Security researchers have uncovered a significant remote code execution vulnerability in Microsoft’s Windows Key Distribution Center (KDC) Proxy that could potentially allow attackers to gain complete control over affected servers. The vulnerability, tracked as CVE-2024-43639, stems from an integer overflow…
49,000+ Access Management Systems Worldwide Configured With Massive Security Gaps
Dutch IT security consultancy Modat has uncovered alarming security vulnerabilities in approximately 49,000 access management systems (AMS) deployed worldwide. These systems, designed to control building access through authentication methods like passwords, biometrics, and multi-factor authentication, have been found to contain…
Hackers Deliver XWorm via Malicious Registry Files in a New Stegocampaign Attack
Stegoсampaign, a complex attack that leverages phishing, a multi-functional RAT, а loader, and malicious scripts, got a new twist. ANY.RUN’s malware analysts discovered a Stegocampaign variant that uses a Windows registry file to add a malicious script to Autorun. While…