136/68 Wednesday, April 9, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-22457 to its Known Exploited Vulnerabilities (KEV) Catalog, after confirming active exploitation of the flaw in Ivanti products, including Connect Secure, Policy Secure, and Neurons for ZTA Gateways. The vulnerability is a stack-based buffer overflow in Apache Tomcat, which can […]
135/68 Wednesday, April 9, 2025 Researchers have discovered that the APT group ToddyCat, suspected to be linked to China, is exploiting a now-patched vulnerability (CVE-2024-11859) in ESET antivirus software to stealthily load and execute malware on target systems. The vulnerability, fixed in January 2024, stems from insecure DLL search order handling, allowing attackers to trick […]
134/68 Tuesday, April 8, 2025 Oracle has confirmed a data breach incident and has begun privately notifying affected customers. While the company appears to be downplaying the severity of the breach, a hacker going by the alias rose87168 claims to have accessed millions of records from Oracle Cloud, including encrypted credentials for over 140,000 users. […]
133/68 Tuesday, April 8, 2025 A growing SMS phishing campaign is targeting users by impersonating E-ZPass and other toll collection agencies such as FasTrak and the Florida Turnpike. Victims are receiving fraudulent iMessages and SMS messages designed to steal personal and credit card information. The messages typically claim that the recipient has unpaid toll fees […]
132/68 Friday, April 4, 2025 Cybersecurity researchers at Kaspersky have issued a warning about a new version of the Triada trojan that has been found embedded in the firmware of counterfeit Android smartphones designed to imitate popular models. The malware activates as soon as the device is set up for the first time. According to […]
131/68 Friday, April 4, 2025 Cisco has released patches for two critical security vulnerabilities that could lead to Denial-of-Service (DoS) attacks targeting Meraki MX and Meraki Z devices, as well as the Enterprise Chat and Email (ECE) platform. The first flaw, CVE-2025-20212, affects the VPN AnyConnect server and allows an authenticated attacker to force the […]
130/68 Thursday, April 3, 2025 Microsoft’s MORSE (Microsoft Offensive Research and Security Engineering) team has discovered a critical vulnerability, tracked as CVE-2025-1268 (CVSS 9.4), affecting Canon printer drivers. The vulnerability is classified as an out-of-bounds issue that impacts various printer driver models, including those for production printers, office/small office multifunction printers, and laser printers—particularly during […]
129/68 Thursday, April 3, 2025 Cybersecurity researchers at Wiz have uncovered an ongoing campaign targeting externally accessible PostgreSQL servers, exploiting weak or easily guessable credentials to deploy fileless cryptocurrency mining malware. One of the key payloads used in this campaign is a malware strain called PG_MEM, which was first detected by Aqua Security in August […]
128/68 Wednesday, April 2, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two high-severity vulnerabilities in Cisco Smart Licensing Utility to its Known Exploited Vulnerabilities (KEV) Catalog: Although there was no evidence of active exploitation initially, once vulnerability details were published by researcher Nicholas Starke, associated attack activity began to surface. The […]
127/68 Wednesday, April 2, 2025 Researchers at Prodaft have uncovered that Lucid, a Phishing-as-a-Service (PhaaS) platform operated by the Chinese cybercriminal group XinXin, is behind a wave of targeted SMS phishing attacks affecting 169 victims across 88 countries. Lucid provides Telegram-registered members with access to automated phishing site generators, over 1,000 domains, and fake messaging […]
