Summary: Google has issued a critical security update for its Chrome web browser, addressing three vulnerabilities, two of which are classified as “High” severity. Users are strongly encouraged to update to the latest version (132.0.6834.110/111) to protect against potential exploits. The vulnerabilities involve the V8 JavaScript engine, which could allow attackers to execute arbitrary code or crash the browser.…
2025 State of SaaS Backup and Recovery Report
Summary: The modern workplace has shifted towards hybrid work, increasing reliance on cloud-based SaaS applications, which has led to heightened cyberthreats. The 2025 State of SaaS Backup and Recovery Report reveals alarming trends in data loss and recovery confidence among IT professionals. Organizations are urged to strengthen their data resilience strategies to navigate these challenges effectively.…

Victim: CONSULTANTS.COM
Country:
Actor: clop
Source: http://santat7kpllt6iyvqbr7q4amdv6dzrh6paatvyrzl7ry3zm72zigf4ad.onion/consultants-com
Discovered: 2025-01-24 08:44:59.282456
Published: 2025-01-24 08:44:59.282456
Description:
– AI generated platform for professional consultancy services
– Connects businesses with a global network of expert consultants
– Expertise across various fields: management, finance, IT, marketing, etc.
– Allows companies to post projects or consult with experts
– Helps solve business issues through expert advice
– Provides a marketing platform for consultants to reach worldwide clients

About Country: Cybersecurity Perspective and Ransomware Cases

– Cybersecurity Framework: The country has established a robust national cybersecurity framework aimed at enhancing overall digital security standards.…


Victim: JAKKS.COM
Country: US
Actor: clop
Source: http://santat7kpllt6iyvqbr7q4amdv6dzrh6paatvyrzl7ry3zm72zigf4ad.onion/jakks-com
Discovered: 2025-01-24 09:01:54.388351
Published: 2025-01-24 09:01:54.388351
Description:
– JAKKS Pacific, Inc. is a multi-brand company.
– Designs and markets a wide range of toys and consumer products.
– Offers merchandise for franchises like Disney, Nintendo, and Star Wars.
– Known for innovative technology in toy manufacturing.…
Unmasking Cyber Deception: The Rise of Generic Phishing Pages Targeting Multiple Brands
The CloudSEK Threat Research Team has identified a generic phishing page capable of impersonating various brands to steal user credentials. This phishing page, hosted on Cloudflare’s workers.dev, utilizes a generic login interface and can be customized to target specific organizations. Victims’ credentials are exfiltrated to a remote server after they log in.…
CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List
Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a patched security flaw in the jQuery JavaScript library to its Known Exploited Vulnerabilities catalog due to evidence of active exploitation. The vulnerability, CVE-2020-11023, is a medium-severity cross-site scripting (XSS) bug that can lead to arbitrary code execution.…
Multiple Cybersecurity Giants’ Account Credentials Leaked and Sold on Dark Web; Ministry of Industry and Information Technology Warns: Beware of Androxgh0st Botnet Risks | NiuLan – Security Niu
A recent report reveals that multiple cybersecurity firms have had their account credentials leaked and are being sold on the dark web. This poses risks not only to the companies involved but also to their customers. Additionally, the Ministry of Industry and Information Technology highlights the ongoing threat of the Androxgh0st botnet, which targets IoT devices and network infrastructure.…
CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, and CVE-2024-9380 Detection: CISA and FBI Warn Defenders of Two Exploit Chains Using Critical Ivanti CSA Vulnerabilities – SOC Prime
Recent vulnerabilities in Ivanti Cloud Service Appliances (CSA) pose significant risks, allowing adversaries to exploit them through various chains. The CISA and FBI alert highlights the need for immediate action, as attackers have been able to gain access, execute remote code, and compromise sensitive networks. Affected: Ivanti Cloud Service Appliances, Enterprise Security

Keypoints:

Ivanti Cloud Service Appliances (CSAs) face critical vulnerabilities tracked as CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, and CVE-2024-9380.…
CVE-2025-23006: SonicWall Secure Mobile Access SMA 1000 Zero-Day Reportedly Exploited
A zero-day vulnerability (CVE-2025-23006) affecting SonicWall’s Secure Mobile Access (SMA) 1000 has been actively exploited, potentially allowing unauthorized remote command execution. Although SonicWall provided a fix, the advisory warns of ongoing threats from malicious actors targeting this security flaw. Affected: SonicWall SMA 1000, SonicWall Firewall devices

Keypoints:

A zero-day vulnerability identified as CVE-2025-23006 was disclosed by SonicWall.…
CTI REPORT – LockBit 3.0
LockBit 3.0 ransomware primarily targets Windows systems, exploiting vulnerabilities in Active Directory and Microsoft Exchange Server. It employs various tactics for initial access, data encryption, and data exfiltration, threatening victims with public data leaks unless ransoms are paid. LockBit has been particularly active in sectors such as healthcare, finance, and critical infrastructure, leveraging advanced techniques to evade detection.…
Summary: Cybercriminals are increasingly targeting payment systems, with a significant rise in stolen card data and check fraud. The latest fraud report highlights a surge in Magecart e-skimmer infections due to a specific vulnerability, alongside a persistent issue of check fraud in the U.S. The report forecasts ongoing trends in digital skimming, dark web activity, and check fraud for 2025.…
Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits
Summary: A recent evaluation of three firewall models from Palo Alto Networks revealed significant security flaws in their firmware and misconfigurations that could be exploited by attackers. The identified vulnerabilities, collectively termed PANdora’s Box, include well-known issues that could allow for Secure Boot bypass and privilege escalation.…

Attacker: ./FreedomXploit Target: esign.baritotimurkab.go.id/upl… Source: https://zone-xsec.com/mirror/id/703408

Attacker: KecotXpl Target: mtsn1mesuji.sch.id Source: https://zone-xsec.com/mirror/id/703400

Attacker: Mayat1337 Target: smknbalimandara.sch.id Source: https://zone-xsec.com/mirror/id/703399

Attacker: Mayat1337 Target: tkr.smknbalimandara.sch.id Source: https://zone-xsec.com/mirror/id/703398

Attacker: Mayat1337 Target: tefa.smknbalimandara.sch.id Source: https://zone-xsec.com/mirror/id/703397

Attacker: Mayat1337 Target: sas.smknbalimandara.sch.id Source: https://zone-xsec.com/mirror/id/703396

Attacker: Mayat1337 Target: alumni.smknbalimandara.sch.id Source: https://zone-xsec.com/mirror/id/703395

Attacker: Mayat1337 Target: akademik.smknbalimandara.sch.i… Source: https://zone-xsec.com/mirror/id/703394

Attacker: Mayat1337 Target: ppdb.smknbalimandara.sch.id Source: https://zone-xsec.com/mirror/id/703393

Attacker: Gelnt Target: jmc.gov.bd/spectre.html Source: https://zone-xsec.com/mirror/id/703386

Cybersecurity Attack Analysis Report: Website Defacement of Government Sectors

Introduction

This report analyzes recent cyberattacks focusing on website defacement affecting government entities across various countries.…

Tesla Gear Gets Hacked Multiple Times in Pwn2Own Contests
Summary: Researchers at the Pwn2Own Automotive hacking contest successfully hacked Tesla’s EV charger, revealing significant vulnerabilities in automotive technologies. The PHP Hooligans exploited a zero-day bug to take control of the charger, earning substantial rewards. The contest highlighted the ongoing security challenges in electric vehicle infrastructure, with multiple vulnerabilities discovered across various charging systems.…
CISA: Ivanti Vulns Chained Together in Cyberattack Onslaught
Summary: Cyberattackers are exploiting multiple Ivanti vulnerabilities to compromise the company’s Cloud Service Appliance (CSA). CISA and the FBI have identified several critical vulnerabilities that allow attackers to gain initial access and execute remote code on victim networks. Organizations are urged to upgrade their systems and implement detection methods to mitigate these threats.…
SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks
Summary: SonicWall has issued a warning regarding a critical pre-authentication deserialization vulnerability (CVE-2025-23006) in its SMA1000 Appliance Management Console, which has reportedly been exploited as a zero-day in attacks. This flaw allows remote unauthenticated attackers to execute arbitrary OS commands, affecting all firmware versions up to 12.4.3-02804.…