Tag: PATCH

Hackers get 6,250 for 49 zero-days at Pwn2Own Automotive 2025
Summary: The Pwn2Own Automotive 2025 hacking contest concluded with researchers earning $886,250 by exploiting 49 zero-day vulnerabilities in various automotive software and products. The event highlighted security flaws in electric vehicle chargers, car operating systems, and in-vehicle infotainment systems. Summoning Team’s Sina Kheirkhah emerged as the winner, showcasing significant exploits against EV chargers and IVI systems.…
Read More
Cyber Insights 2025: Social Engineering Gets AI Wings
Summary: Cyber Insights 2025 highlights the evolution of social engineering as a significant cybersecurity threat, particularly with the rise of generative AI. Experts predict that AI will enhance social engineering tactics, making them more sophisticated and widespread, thereby increasing the risk of cyberattacks. The article emphasizes the inherent human nature of social engineering and the challenges in mitigating its effects on individuals and organizations.…
Read More
Multiple Cybersecurity Giants’ Account Credentials Leaked and Sold on Dark Web; Ministry of Industry and Information Technology Warns: Beware of Androxgh0st Botnet Risks | NiuLan – Security Niu
A recent report reveals that multiple cybersecurity firms have had their account credentials leaked and are being sold on the dark web. This poses risks not only to the companies involved but also to their customers. Additionally, the Ministry of Industry and Information Technology highlights the ongoing threat of the Androxgh0st botnet, which targets IoT devices and network infrastructure.…
Read More
North Korea Hacking Group Konni APT Advanced Persistent Threat Malware – Error Discovery Correction Report Submission Request Guidance (National Tax Collection Act Enforcement Rules).hwp.lnk (2025.1.7)
This article discusses a new malware developed by the North Korean hacking group Konni APT, which targets government agencies and organizations in Korea and the United States. The malware employs various techniques to evade detection, including file manipulation, remote control capabilities, and the use of .LNK…
Read More
CVE-2025-23006: SonicWall Secure Mobile Access SMA 1000 Zero-Day Reportedly Exploited
A zero-day vulnerability (CVE-2025-23006) affecting SonicWall’s Secure Mobile Access (SMA) 1000 has been actively exploited, potentially allowing unauthorized remote command execution. Although SonicWall provided a fix, the advisory warns of ongoing threats from malicious actors targeting this security flaw. Affected: SonicWall SMA 1000, SonicWall Firewall devices

Keypoints :

A zero-day vulnerability identified as CVE-2025-23006 was disclosed by SonicWall.…
Read More
CTI REPORT – LockBit 3.0
LockBit 3.0 ransomware primarily targets Windows systems, exploiting vulnerabilities in Active Directory and Microsoft Exchange Server. It employs various tactics for initial access, data encryption, and data exfiltration, threatening victims with public data leaks unless ransoms are paid. LockBit has been particularly active in sectors such as healthcare, finance, and critical infrastructure, leveraging advanced techniques to evade detection.…
Read More
SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation
Summary: SonicWall has issued a warning regarding a critical zero-day vulnerability (CVE-2025-23006) affecting its Secure Mobile Access (SMA) 1000 Series appliances, which could allow remote unauthenticated attackers to execute arbitrary OS commands. The vulnerability has a high CVSS score of 9.8 and has reportedly been exploited in the wild.…
Read More
SonicWall Learns From Microsoft About Potentially Exploited Zero-Day
Summary: SonicWall has acknowledged a critical remote command execution vulnerability (CVE-2025-23006) affecting its Secure Mobile Access (SMA) 1000 series products, which may have been actively exploited. The vulnerability allows unauthenticated attackers to execute arbitrary OS commands under specific conditions. SonicWall has released a patch and urges customers to update their systems immediately to mitigate the risk.…
Read More
Advanced Threat Detection: Exploitation Tactics from a CIRT Technical Interview
This article examines two scenarios wherein attackers exploit misconfigured Redis servers and utilize cloud storage resources to execute malicious scripts and gain unauthorized access. The sophisticated techniques employed emphasize the necessity for proactive defensive measures. Affected: Redis servers, macOS systems

Keypoints :

Attackers exploit misconfigurations in Redis services to execute remote commands.…
Read More
Four Critical Ivanti CSA Vulnerabilities Exploited, CISA and FBI Urge Mitigation
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a joint advisory regarding the active exploitation of four critical vulnerabilities in Ivanti Cloud Service Appliances. These include CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, and CVE-2024-9380, which can lead to unauthorized access, remote code execution, and credential theft.…
Read More
Dark Web Profile: OilRig (APT34)
OilRig, also known as APT34, is a state-sponsored APT group linked to Iranian intelligence, primarily targeting sectors like government, energy, finance, and telecommunications. Their sophisticated cyber-espionage tactics include spear-phishing and custom malware, making them a persistent threat across the Middle East and beyond. Affected: government, energy, financial, telecommunications sectors

Keypoints :

OilRig is a state-sponsored APT group associated with Iranian intelligence.…
Read More
Critical zero-days impact premium WordPress real estate plugins
Summary: The RealHome theme and Easy Real Estate plugins for WordPress contain critical vulnerabilities that allow unauthenticated users to gain administrative privileges. Despite being reported in September 2024, the vendor has not addressed these issues, leaving them exploitable. Website owners are urged to disable the affected theme and plugin to mitigate risks.…
Read More
Flashpoint Weekly Vulnerability Insights and Prioritization Report
The article discusses the rising threat of vulnerabilities as organizations grapple with a staggering number of disclosed vulnerabilities in 2024, stressing the importance of effective prioritization. Key insights are provided on high-priority vulnerabilities identified by Flashpoint that warrant immediate attention due to their exploitability and impact on enterprise systems.…
Read More
Cisco warns of denial of service flaw with PoC exploit code
Summary: Cisco has issued security updates to address a denial-of-service (DoS) vulnerability in ClamAV, tracked as CVE-2025-20128, which could allow remote attackers to crash the antivirus scanning process. Although proof-of-concept exploit code is available, there is currently no evidence of active exploitation in the wild. The vulnerability affects the Secure Endpoint Connector software across various platforms, but overall system stability remains intact even if the vulnerability is exploited.…
Read More

In recent months, Indonesia has emerged as a significant hotspot in the global cybersecurity landscape, as cybercriminals exploit vulnerabilities in Internet of Things (IoT) devices to launch large-scale distributed denial-of-service (DDoS) attacks. A new variant of the infamous Mirai botnet, dubbed Murdoc Botnet, has been actively targeting IoT devices, including AVTECH IP cameras and Huawei HG532 routers, with Indonesia being one of the most affected countries.…

Read More
Oracle Patches 200 Vulnerabilities With January 2025 CPU
Summary: Oracle has released 318 new security patches in its January 2025 Critical Patch Update, addressing over 180 vulnerabilities that can be exploited remotely without authentication. Among these, 30 patches resolve critical-severity flaws, with Oracle Communications receiving the highest number of new patches. The update also includes security fixes for MySQL and various other Oracle applications, emphasizing the urgency of applying these patches to mitigate potential threats.…
Read More
Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products
Summary: Oracle has released its January 2025 Critical Patch Update (CPU) addressing 318 security vulnerabilities across its products, with the most severe being a critical flaw in the Oracle Agile PLM Framework that could allow attackers to take control of affected systems. The update includes patches for previously reported vulnerabilities and emphasizes the importance of applying these updates to mitigate risks.…
Read More
CVE-2025-21298 Detection: Critical Zero-Click OLE Vulnerability in Microsoft Outlook Results in Remote Code Execution
The article discusses the critical Microsoft Outlook vulnerability CVE-2025-21298, which allows remote code execution (RCE) through specially crafted emails. This zero-click flaw has a CVSS score of 9.8 and poses significant risks to email security. Immediate action is recommended, including applying patches and utilizing detection tools.…
Read More