Nvidia, Zoom, Zyxel Patch High-Severity Vulnerabilities
Summary: Nvidia, Zoom, and Zyxel have released critical patches for multiple high-severity vulnerabilities affecting their products, urging users to update immediately. Nvidia’s vulnerabilities could allow for code execution and privilege escalation, while Zoom’s flaw could enable privilege escalation for authenticated attackers. Zyxel addressed an improper privilege management issue that could allow limited users to gain admin rights on certain devices.…
Chrome 132 Patches 16 Vulnerabilities
Summary: Google has released Chrome 132, addressing 16 security vulnerabilities, including 13 reported by external researchers. Among these, five high-severity flaws were identified, leading to significant bug bounty rewards for the researchers involved. Users are encouraged to update their browsers promptly to mitigate potential risks.

Threat Actor: N/A | N/A Victim: Google Chrome Users | Google Chrome Users

Key Point :

Chrome 132 includes 16 security fixes, with five high-severity vulnerabilities addressed.…
Ivanti Patches Critical Vulnerabilities in Endpoint Manager
Summary: Ivanti has released patches for multiple critical and high-severity vulnerabilities in its Avalanche, Application Control Engine, and Endpoint Manager (EPM) products, addressing serious security flaws that could be exploited by remote attackers. The most severe issues include absolute path traversal vulnerabilities in EPM, with a CVSS score of 9.8, and several high-severity flaws in Avalanche and Application Control Engine.…
US, Japan, South Korea Blame North Korean Hackers for $660M Crypto Heists
Summary: In 2024, North Korean hackers stole approximately $660 million in cryptocurrency, with the funds allegedly supporting Pyongyang’s weapons programs. The US, Japan, and South Korea issued a joint statement warning the blockchain industry about the persistent threat posed by these cybercriminals.

Threat Actor: North Korean hackers | North Korean hackers Victim: Cryptocurrency exchanges and users | cryptocurrency exchanges

Key Point :

North Korean hackers conducted at least five major cryptocurrency heists in 2024.…
ICS Patch Tuesday: Security Advisories Published by Schneider, Siemens, Phoenix Contact, CISA
Summary: Schneider Electric, Siemens, Phoenix Contact, and CISA have issued security advisories for various ICS products in January 2025, addressing multiple vulnerabilities with varying severity levels. The advisories highlight critical issues that could lead to privilege escalation, remote code execution, and information disclosure among others.

Threat Actor: Unknown | unknown Victim: Various ICS Product Users | ICS product users

Key Point :

Schneider Electric released nine advisories, addressing high-severity vulnerabilities in multiple products including PowerLogic and Modicon systems.…
Microsoft Patches Trio of Exploited Windows Hyper-V Zero-Days
Summary: Microsoft is grappling with multiple zero-day vulnerabilities in its Windows Hyper-V platform, with attackers already exploiting these flaws for privilege escalation. The company has issued urgent advisories but has not provided technical details to assist defenders.

Threat Actor: Malicious attackers | malicious attackers Victim: Microsoft | Microsoft

Key Point :

Three zero-day vulnerabilities (CVE-2025-21334, CVE-2025-21333, CVE-2025-21335) in Windows Hyper-V have been exploited.…
Adobe: Critical Code Execution Flaws in Photoshop
Summary: Adobe has released critical security updates for multiple products, addressing vulnerabilities that could allow remote code execution by malicious hackers. The updates affect Adobe Photoshop, Substance 3D Stager, Illustrator for iPad, Adobe Animate, and Substance 3D Designer.

Threat Actor: Malicious Hackers | malicious hackers Victim: Adobe | Adobe

Key Point :

Adobe Photoshop update addresses two critical arbitrary code execution vulnerabilities (CVE-2025-21127 and CVE-2025-21122).…
Summary: The UK government is consulting on a proposed ban on ransomware payments by the public sector and critical national infrastructure operators, aiming to reduce the profitability of ransomware attacks. This initiative includes stricter reporting requirements for organizations that may still choose to pay ransoms.

Threat Actor: Ransomware Criminals | ransomware criminals Victim: UK Public Sector | UK Public Sector

Key Point :

The consultation period runs until April 8, 2025, with no guarantees on the final proposals.…
Summary: President Joe Biden has signed an executive order aimed at accelerating the development of AI infrastructure in the U.S., focusing on building data centers and clean power facilities while ensuring environmental standards are met.

Threat Actor: N/A | N/A Victim: N/A | N/A

Key Point :

The executive order mandates federal agencies to facilitate the construction of AI data centers and clean energy facilities.…
Summary: BforeAI, a provider of cyber threat prevention solutions, has raised $10 million in Series B funding, bringing its total funding to over $30 million. The company focuses on predictive attack intelligence and automated cyber defense to protect organizations from emerging threats.

Threat Actor: N/A | BforeAI Victim: N/A | BforeAI

Key Point :

BforeAI’s funding round was led by Titanium Ventures with participation from SYN Ventures, Karista, and Addendum Capital.…
SAP Patches Critical Vulnerabilities in NetWeaver
Summary: SAP has released 14 new security notes addressing critical vulnerabilities, including two with a CVSS score of 9.9, during its January 2025 Patch Day. Organizations are urged to apply these patches promptly to mitigate potential exploitation by threat actors.

Threat Actor: Unknown | unknown Victim: SAP | SAP

Key Point :

Two critical vulnerabilities (CVE-2025-0070 and CVE-2025-0066) could allow attackers to steal credentials and read decrypted information.…
Cyber Insights 2025: Cyber Threat Intelligence
Summary: SecurityWeek’s Cyber Insights 2025 explores expert predictions on the evolution of Cyber Threat Intelligence (CTI) over the next year, emphasizing its critical role in proactive cybersecurity strategies. The report highlights the need for accurate, actionable intelligence to combat increasingly sophisticated cyber threats.

Threat Actor: Various | threat actors Victim: Organizations globally | organizations globally

Key Point :

CTI is essential for understanding the nature of cyber threats and enabling proactive defense strategies.…
Summary: A threat actor known as Codefinger is exploiting compromised AWS keys to encrypt data in S3 buckets, demanding ransom for the decryption keys. This attack leverages AWS’s Server-Side Encryption with Customer Provided Keys (SSE-C) without exploiting any vulnerabilities in AWS itself.

Threat Actor: Codefinger | Codefinger Victim: AWS customers | AWS customers

Key Point :

The attack relies on stolen AWS credentials to encrypt data, making recovery impossible without the attacker’s AES-256 keys.…
Many Ivanti VPNs Still Unpatched as UK Domain Registry Emerges as Victim of Exploitation
Summary: A critical vulnerability in Ivanti VPNs, CVE-2025-0282, has been exploited in the wild, with Nominet, the UK domain registry, identified as a victim. Despite the attacks, Nominet reports no evidence of data breaches or backdoors in their network.

Threat Actor: Chinese cyberspies | Chinese cyberspies Victim: Nominet | Nominet

Key Point :

Ivanti released patches for the critical zero-day vulnerability CVE-2025-0282.…
Critical Aviatrix Controller Vulnerability Exploited Against Cloud Environments
Summary: A critical remote code execution vulnerability (CVE-2024-50603) in Aviatrix Controller is being actively exploited by threat actors to deploy malware, including cryptocurrency miners. This vulnerability allows unauthenticated attackers to execute arbitrary code with high privileges on the cloud networking platform.

Threat Actor: Unknown | unknown Victim: Aviatrix Controller | Aviatrix Controller

Key Point :

The vulnerability has a CVSS score of 10/10 and affects specific API endpoints implemented in PHP.…
Summary: An information stealer malware attack compromised the credentials of multiple Telefonica employees, allowing threat actors to access the company’s internal ticketing system and steal sensitive data. The Hellcat ransomware group claimed responsibility for the breach, which involved sophisticated social engineering techniques and custom malware.

Threat Actor: Hellcat Ransomware Group | Hellcat Ransomware Group Victim: Telefonica | Telefonica

Key Point :

Attackers used custom infostealer malware to compromise credentials of over 15 employees.…
AI Won’t Take This Job: Microsoft Says Human Ingenuity Crucial to Red-Teaming
Summary: Microsoft emphasizes the irreplaceable role of human expertise in AI red-teaming, highlighting the limitations of AI models in assessing nuanced security risks. Their research indicates that cultural awareness and emotional intelligence are critical for identifying vulnerabilities in generative AI systems.

Threat Actor: Microsoft AI Red Team | Microsoft AI Red Team Victim: Generative AI Systems | Generative AI Systems

Key Point :

Human ingenuity is essential for uncovering vulnerabilities in AI systems.…
Summary: Threat actors are exploiting a recent Windows LDAP vulnerability by distributing information stealer malware disguised as proof-of-concept (PoC) exploit code. This tactic poses significant risks as it targets a trending security issue that could affect numerous victims.

Threat Actor: Unknown | unknown Victim: Security Researchers | security researchers

Key Point :

Threat actors are using fake PoC exploits to deliver information stealer malware.…