MediaTek has issued urgent security advisories warning of multiple high-severity vulnerabilities in its system-on-chip (SoC) architectures, including flaws that enable local privilege escalation (LPE) and remote code execution (RCE). The March 2025 Product Security Bulletin highlights three high severity vulnerabilities…
Amnesty International’s Security Lab has uncovered a sophisticated cyber-espionage campaign in Serbia, where authorities used a zero-day exploit chain developed by Cellebrite to unlock the Android phone of a student activist. The attack, which occurred on December 25, 2024, leveraged…
One of the most notorious providers of abuse-friendly “bulletproof” web hosting for cybercriminals has started routing its operations through networks run by the Russian antivirus and security firm Kaspersky Lab, KrebsOnSecurity has learned. Read More
Remote Desktop Protocol (RDP) is an amazing technology developed by Microsoft that lets you access and control another computer over a network. It’s like having your office computer with you wherever you go. For businesses, this means IT staff can manage systems remotely, and employees can work from home or anywhere, making RDP a true game-changer in today’s work environment.
But here’s the
A cyber attack leveraging Check Point’s patched CVE-2024-24919 vulnerability has targeted organizations across Europe, Africa, and the Americas. Security analysts have observed direct linkages to Chinese state-sponsored threat actors. The intrusion chain, which deploys the ShadowPad backdoor and NailaoLocker ransomware,…
[[{“value”:”CrowdStrike has published its 2025 Global Threat Report, which warns of faster breakout time and an increase in Chinese activity. The post 26 New Threat Groups Spotted in 2024: CrowdStrike appeared first on SecurityWeek.”}]] Read More
A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology to rope them into a botnet named PolarEdge since at least the end of 2023.
French cybersecurity company Sekoia said it observed the unknown threat actors leveraging CVE-2023-20118 (CVSS score: 6.5), a critical security flaw impacting Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and
[[{“value”:”Threat Intelligence firm Kela warns of a new ransomware group called Anubis operating as a RaaS service with an extensive array of options for affiliates. The post New Anubis Ransomware Could Pose Major Threat to Organizations appeared first on SecurityWeek.”}]] Read…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent advisory on February 25, 2025, confirming that threat actors are actively exploiting a critical privilege escalation vulnerability in Microsoft’s Partner Center platform (CVE-2024-49035). The improper access control flaw, which…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerabilities in question are as follows -
CVE-2024-49035 (CVSS score: 8.7) - An improper access control
The fake websites trick users into downloading and running malware that searches for personal information, especially anything related to crypto currency. Read More
Cybersecurity researchers are warning of a new campaign that leverages cracked versions of software as a lure to distribute information stealers like Lumma and ACR Stealer.
The AhnLab Security Intelligence Center (ASEC) said it has observed a spike in the distribution volume of ACR Stealer since January 2025.
A notable aspect of the stealer malware is the use of a technique called dead drop
.webp)
A sophisticated cyberespionage campaign leveraging the FatalRAT remote access trojan (RAT) is targeting industrial organizations across the Asia-Pacific (APAC) region, according to a Kaspersky ICS CERT report. The attackers, suspected to be Chinese-speaking threat actors, employ a multi-stage infection chain…
.webp)
A sophisticated ransomware attack leveraging a critical Atlassian Confluence vulnerability (CVE-2023-22527, CVSS 10.0) has been uncovered, culminating in the deployment of LockBit Black ransomware across enterprise networks within two hours of initial compromise. The attackers orchestrated a multi-stage intrusion involving…
A significant security vulnerability (CVE-2024-54961) has been identified in Nagios XI 2024R1.2.2, enabling unauthenticated attackers to retrieve sensitive user information, including usernames and email addresses. This flaw, classified as an information disclosure vulnerability (CWE-200), exposes organizational user directories to potential…
