Cisco warns of CSLU backdoor admin account used in attacks
Summary: Cisco has issued a warning regarding a critical vulnerability (CVE-2024-20439) in its Smart Licensing Utility (CSLU) that exposes a backdoor admin account, allowing unauthenticated attackers to gain remote admin access to vulnerable systems. This flaw, which was patched in September, is being actively exploited in conjunction with another vulnerability (CVE-2024-20440) to access sensitive data.…
Apple Backports Zero-Day Patches to Older Devices in Latest Security Update
Summary: Apple has rolled out critical security updates to address a series of vulnerabilities, including two actively exploited zero-day threats. These updates provide backported patches for older versions of iOS, iPadOS, macOS, and watchOS, ensuring that even outdated devices receive essential security enhancements. The efforts underline Apple’s commitment to mitigating risks across its entire ecosystem.…

Victim: Royal Saudi Air Force
Country: SA
Actor: killsec
Source: http://ks5424y3wpr5zlug5c7i6svvxweinhbdcqcfnptkfcutrncfazzgz5id.onion/posts.php?pid=aBmDRA0OHxIXK7DbDAIpMb9x
Discovered: 2025-04-02 07:57:25.261188
Published: 2025-04-02 07:56:12.811827
Description: In a significant cybersecurity incident, the Royal Saudi Air Force fell victim to a ransomware attack orchestrated by the hacking group known as Killsec. This attack, which targeted critical systems within the military sector of Saudi Arabia, raised alarms about the vulnerability of national defense infrastructures to cyber threats.…

Summary: The video discusses the latest updates in the cybersecurity realm, featuring topics such as the RSA conference, a supposed Microsoft acquisition of Debian, advancements in phishing as a service, security vulnerabilities in various systems, and the European Union’s funding for digital innovation. With humorous commentary and expert analysis, Doug White provides insights on recent developments and trends that are shaping the security landscape.…
Microsoft Using AI to Uncover Critical Bootloader Vulnerabilities
Summary: Microsoft’s threat intelligence team has leveraged AI technologies to identify over 20 critical vulnerabilities in widely used open-source bootloaders such as GRUB2, U-Boot, and Barebox, particularly in UEFI Secure Boot systems. These vulnerabilities could enable threat actors to execute arbitrary code, potentially compromising device security and leading to severe malicious activities.…
Tomcat in the Crosshairs: New Research Reveals Ongoing Attacks
Aqua Nautilus researchers have identified a new malware campaign that exploits Apache Tomcat servers, capable of hijacking resources for cryptocurrency mining. The attackers leverage encrypted payloads to establish backdoors, steal SSH credentials, and execute arbitrary code. Rapid exploitation was noted, taking just 30 hours to weaponize the vulnerability, indicating the urgency for organizations to secure their Tomcat instances.…

Here’s the organized report based on the attackers identified in the hacked website list:

Attacker: Ghost7

- Target: ru.nepalembassy.gov.np/wp-content/uploads/2025/…
- Source: Defacer ID
- Victim Country: Nepal
- Sector: Government (The targeted website belongs to the Nepali embassy, indicating a breach of diplomatic information and governmental communications)
- Description: The hacking of the Nepali embassy website represents a targeted attack aimed at compromising diplomatic channels, potentially exposing sensitive information related to international affairs.…

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability
Summary: The Shadowserver Foundation reported a surge in exploitation attempts targeting a recently patched vulnerability in CrushFTP, a file transfer solution. Despite ongoing updates and mitigations from CrushFTP, vulnerability intelligence firms have created CVE identifiers, leading to confusion in the cybersecurity community. As unpatched instances remain, CrushFTP has urged users to promptly apply available patches.…
Moscow Metro Digital Outage: Alleged Cyberattack or Technical Failure?
Summary: On March 31, 2023, the Moscow Metro’s website and mobile app experienced significant disruptions, mirroring a recent cyberattack on Ukrainian Railways. Users faced issues accessing their accounts and purchasing tickets, while the website displayed messages suggesting a security breach. This incident raises concerns about the cybersecurity of transportation infrastructures in politically sensitive regions.…
Canon CVE-2025-1268 Vulnerability: A Buffer Overflow Threatening Printer Security
Summary: Canon Marketing Japan Inc. and Canon Inc. have released a security update addressing a critical vulnerability, CVE-2025-1268, affecting various models of Canon printers. The issue, stemming from a buffer overflow in specific printer drivers, poses significant security risks despite no confirmed exploitation cases. Canon urges users to update affected drivers to mitigate potential threats.…