Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft
Summary: Broadcom has issued security updates to address five vulnerabilities in VMware Aria Operations and Aria Operations for Logs, which could allow attackers to gain elevated access or obtain sensitive information. The identified flaws primarily affect versions 8.x of the software and include issues ranging from credential exposure to cross-site scripting (XSS).…
Dark Web Profile: Termite Ransomware
Termite Ransomware, identified in late 2024, has emerged as a significant cyber threat, leveraging advanced tactics and targeting specific vulnerabilities. Its operations include data theft, extortion, and encryption, with notable attacks such as the breach of Blue Yonder. The group is suspected to have links to Babuk and Cl0p, indicating a complex ransomware landscape.…
Backdoor found in two healthcare patient monitors, linked to IP in China
Summary: The US Cybersecurity and Infrastructure Security Agency (CISA) has identified a backdoor in Contec CMS8000 healthcare monitoring devices that transmits patient data to a remote IP address and allows external execution of files, posing significant security risks. This backdoor, discovered through an external research disclosure, enables remote access that can lead to the complete takeover of affected devices.…
Threat Actors Exploit Government Websites for Phishing
Summary: Cybercriminals are increasingly exploiting vulnerabilities in government websites to execute phishing campaigns, as revealed by recent research from Cofense Intelligence. Legitimate .gov domains are often misused for credential phishing and as open redirects, targeting users’ trust in government sites. The study highlights the need for better security measures and awareness to combat these evolving threats.…
VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products
Summary: VMware has released critical patches for multiple security vulnerabilities in its Aria Operations and Aria Operations for Logs products, specifically addressing issues that could allow unauthorized admin access. The most severe vulnerabilities disclosed can lead to information disclosure and potential exploitation by non-admin users. Users are urged to apply these updates immediately, as no pre-patch workarounds exist for the outlined risks.…
Lumma Stealer’s GitHub-Based Delivery Explored via Managed Detection and Response
Trend Micro’s Managed XDR team investigated a campaign distributing Lumma Stealer through GitHub, where attackers exploited the platform’s release infrastructure to deliver various malware, including SectopRAT, Vidar, and Cobeacon. The attackers used trusted URLs for initial access, leading to data exfiltration and command execution. The tactics displayed similarities to the Stargazer Goblin group.…
Summary: A severe zero-day vulnerability (CVE-2024-55591) affecting Fortinet’s FortiOS and FortiProxy products has been disclosed, posing a substantial risk to enterprise networks. The vulnerability, with a CVSS score of 9.8, allows attackers to create rogue administrative accounts and modify firewall policies, facilitating further attacks. Federal agencies are mandated by CISA to patch systems by January 21, 2025, due to the ongoing exploitation risks.…
Hackers Exploiting Flaws in SimpleHelp RMM to Breach Networks
Hackers are exploiting vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) software, leading to unauthorized access and significant security risks. The flaws, identified as CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728, allow attackers to manipulate files and escalate privileges. Despite recent patches from SimpleHelp, active exploitation continues. Urgent action is encouraged for affected organizations to mitigate risks.…
Inside APT34 OilRig: Tools Techniques and Global Cyber Threats
APT34, a sophisticated Iranian cyber threat group, targets critical infrastructure in various sectors globally, particularly in the Middle East. The group employs advanced techniques and operates with support from state-sponsored entities, showcasing their adaptability and persistent threat.

Affected: finance, energy, telecommunications, government, aviation, defense, education, oil and gas sectors

Key points:

APT34, also known as OilRig, has been active since 2012 and is believed to operate on behalf of the Iranian government.…
Unpatched Zyxel CPE Zero-Day Pummeled by Cyberattackers
Summary: A command-injection vulnerability (CVE-2024-40891) in Zyxel CPE Series devices is actively being exploited, with no patch available even after its discovery six months ago. Vulnerable devices could allow attackers to execute arbitrary commands, leading to serious security risks. Researchers are urging users to take immediate protective measures while they await a resolution from Zyxel.…
CISA, FDA Warn of Dangerous Backdoor in Contec Patient Monitors
Summary: GreyNoise reports an active exploitation of a critical zero-day vulnerability (CVE-2024-40891) in Zyxel CPE devices, allowing attackers to gain full system compromise through Telnet. With no patches available from Zyxel, over 1,500 devices are exposed to exploitation. GreyNoise urges immediate defensive measures, including restricting Telnet access and monitoring network logs.…
Hackers exploit critical unpatched flaw in Zyxel CPE devices
Summary: A critical command injection vulnerability (CVE-2024-40891) impacting Zyxel CPE Series devices has been exploited by hackers, allowing unauthenticated access to execute arbitrary commands. This vulnerability remains unpatched since it was identified in July 2023. Although technical details are not disclosed, exploitation activities have been observed targeting devices across multiple regions.…
Apple Fixes Critical Cyber Threats, Including Actively Exploited Zero-Day
Apple has released critical security updates to address multiple vulnerabilities, including a zero-day flaw that was actively exploited. The updates enhance memory management and fix security issues across apps.

Affected: iOS, iPadOS, macOS, watchOS, tvOS

Key points:

Apple rolled out updates to address critical vulnerabilities, including CVE-2025-24085.…