A critical vulnerability in Ivanti Connect Secure (CVE-2025-0282) is being actively exploited by multiple threat actors to deploy an advanced malware variant known as SPAWNCHIMERA. This vulnerability, disclosed in January 2025, is a stack-based buffer overflow that allows remote unauthenticated…
Tag: Cyber Security News
‘Wormable’ Windows LDAP Vulnerability Allow Attackers Arbitrary Code Remotely
A critical security vulnerability has been identified in Windows’ Lightweight Directory Access Protocol (LDAP) implementation, allowing attackers to execute arbitrary code remotely. This “wormable” vulnerability, designated as CVE-2025-21376, was disclosed on February 11, 2025, by Microsoft. The vulnerability is classified…
Hackers Trick You To Run PowerShell As Admin & Paste Their Code to Hack Windows
Microsoft Threat Intelligence has uncovered a new tactic employed by the North Korean state-sponsored hacking group Emerald Sleet, also known as Kimsuky or VELVET CHOLLIMA. The group is leveraging social engineering techniques to trick victims into running PowerShell commands as…
Windows Storage 0-Day Vulnerability Let Attackers Delete The Target Files Remotely
A significant security vulnerability has been identified in Windows, allowing attackers to remotely delete targeted files on affected systems. This vulnerability, tracked as CVE-2025-21391, was disclosed on February 11, 2025, and is classified as an Elevation of Privilege vulnerability with…
Hackers Exploit Prompt Injection to Tamper with Gemini AI’s Long-Term Memory
A sophisticated attack targeting Google’s Gemini Advanced chatbot. The exploit leverages indirect prompt injection and delayed tool invocation to corrupt the AI’s long-term memory, allowing attackers to plant false information that persists across user sessions. This vulnerability raises serious concerns…
Ivanti Connect Secure Vulnerabilities Let Attackers Execute Code Remotely
Ivanti has disclosed a critical vulnerability, CVE-2025-22467, impacting its Connect Secure (ICS) product. This stack-based buffer overflow vulnerability, rated 9.9 (Critical) on the CVSS v3.1 scale, allows remote authenticated attackers to execute arbitrary code on affected systems. The flaw is…
Google Chrome’s Safe Browsing Now Protect 1 Billion Users With 300,000 Deep Scans
In honor of Safer Internet Day, Google has announced a significant milestone in online security, more than 1 billion Chrome users are now safeguarded by the browser’s Enhanced Protection mode. This advanced security feature, introduced in 2020 as part of…
Remote Desktop Manager Vulnerabilities Let Attackers Intercept Encrypted Communications
Devolutions have disclosed critical vulnerabilities in its Remote Desktop Manager (RDM) software, which could allow attackers to intercept and modify encrypted communications through man-in-the-middle (MITM) attacks. These flaws stem from improper certificate validation across all platforms and have been assigned…
Microsoft Secure Boot Security 0-Day Lets Attackers Steal The Admin Credentials
A significant security vulnerability, identified as CVE-2023-24932, has been discovered in Microsoft’s Secure Boot feature. This vulnerability allows attackers to bypass Secure Boot, potentially leading to the theft of admin credentials. The vulnerability was first disclosed on May 9, 2023,…
Linux X.509 Certificate-Based User Login Flaws Let Attackers Bypass Authentication
Three critical vulnerabilities have been identified in the PAM-PKCS#11 module, a widely used Linux-PAM login module that facilitates X.509 certificate-based user authentication. These vulnerabilities, cataloged under CVE-2025-24032, CVE-2025-24531, and CVE-2025-24031, pose significant risks by allowing attackers to bypass authentication mechanisms,…
Critical OpenSSL Vulnerability Allow Hackers to Launch Man-in-the-Middle Attacks
The OpenSSL Project announced a high-severity vulnerability (CVE-2024-12797) affecting versions 3.2, 3.3, and 3.4 of the widely used cryptographic library. The vulnerability, discovered by Apple Inc. in December 2024, could potentially allow man-in-the-middle (MitM) attacks on TLS and DTLS connections…
Microsoft Patch Tuesday February 2025 – 61 Vulnerabilities Fixed, 3 Zero-Day’s Actively Exploited
Microsoft released a security update as part of the February Patch Tuesday that addressed 61 vulnerabilities, including 25 classified as critical Remote Code Execution (RCE) vulnerabilities, including 3 zero-day vulnerabilities that were actively exploited in the wild. The update covers…
Fortinet 0-Day in FortiOS & FortiProxy Let Attackers Hijacks Firewall to Get Super Admin Access
Fortinet has issued an urgent warning about actively exploiting a new zero-day authentication bypass vulnerability (CVE-2025-24472) affecting its FortiOS and FortiProxy products. This critical flaw allows remote attackers to gain super-admin privileges by sending maliciously crafted CSF proxy requests. The…
Fortinet Addresses Critical Zero-Day & Multiple Vulnerabilities in Major Security Update
Fortinet has rolled out critical security updates to address a severe zero-day vulnerability (CVE-2025-24472) and multiple high-risk flaws across its product portfolio, including FortiOS, FortiProxy, FortiManager, and FortiAnalyzer. Fortinet warns of a new zero-day flaw (CVE-2025-24472), which allows attackers to…
Microsoft Patch Tuesday February 2025 – 61 Vulnerabilities Fixed, 3 Actively Exploited in the Wild
Microsoft released a security update as part of the February Patch Tuesday that addressed 61 vulnerabilities, including 25 classified as critical Remote Code Execution (RCE) vulnerabilities, including 3 actively exploited in the wild. The update covers a wide range of…
Researcher Details Fortinet FortiOS Vulnerabilities Allowing DoS & RCE Attacks
A security audit of Fortinet’s FortiOS VPN conducted by Akamai researcher Ben Barnea has uncovered multiple vulnerabilities that could enable attackers to launch denial-of-service (DoS) attacks and potentially execute remote code (RCE). The findings, responsibly disclosed to Fortinet, prompted a…
Critical Ivanti CSA Vulnerability Let Attackers Execute Arbitrary Code Remotely
Ivanti has issued critical updates for its Cloud Services Application (CSA) to address two significant vulnerabilities, one of which could allow attackers to execute arbitrary code remotely. The vulnerabilities, identified as CVE-2024-47908 and CVE-2024-11771, affect CSA versions 5.0.4 and earlier.…
FortiOS Security Fabric Vulnerability Let Attackers Escalate Privileges to Super-admin
Fortinet has addressed a critical security flaw in its FortiOS Security Fabric that could allow authenticated administrators to elevate privileges to the super-admin level by connecting vulnerable devices to malicious upstream FortiGate systems. Tracked as an “incorrect privilege assignment” vulnerability,…
Hackers Newly Registering Valentine’s Day Themed Domains for Stealthy Cyber Attacks
Researchers have identified a surge in newly registered Valentine’s Day-themed domains, with threat actors leveraging terms like “love,” “gift,” and “Valentine” to orchestrate phishing, malware, and romance scams. This trend aligns with historical patterns where cybercriminals exploit seasonal events to…
UK Cracked Down Russian ZSERVERS Network Acts as Launchpad for Cyber Attacks
The UK government has imposed strict sanctions on ZSERVERS, a Russian-based cyber entity identified as a key enabler of global ransomware attacks. The sanctions target six members of the ZSERVERS network and its UK-based front company, XHOST Internet Solutions LP,…