cybersecurity threat – Threat Note

From Security Week – Critical Vulnerability Found in Canon Printer Drivers

[[{"value":"Microsoft’s offensive security team warned Canon about a critical code execution vulnerability in printer drivers. The post Critical Vulnerability Found in Canon Printer Drivers appeared first on SecurityWeek."}]] Read More

shaikh Saqib April 1, 2025

News

From The Hacker News – Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign

Cybersecurity researchers are warning of a spike in suspicious login scanning activity targeting Palo Alto Networks PAN-OS GlobalProtect gateways, with nearly 24,000 unique IP addresses attempting to access these portals. "This pattern suggests a coordinated effort to probe network defenses and identify exposed or vulnerable systems, potentially as a precursor to targeted exploitation," threat

shaikh Saqib April 1, 2025

Vulnerabilities

From Cybersecurity Help – Russian Gamaredon APT targeting Ukraine with malicious LNK files in new Remcos campaign

The malicious LNK files are disguised as legitimate files, with filenames using Russian terms related to military movements in Ukraine. Read More

Samir K March 31, 2025

Vulnerabilities

From Cybersecurity Help – New RESURGE malware targets Ivanti Connect Secure devices

RESURGE has capabilities similar to the SPAWNCHIMERA malware variant, albeit with several differences. Read More

Samir K March 31, 2025

News

From Cyber Security News – Hackers Employ New ClickFix Captcha Technique to Deliver Ransomware

A sophisticated social engineering technique known as ClickFix has emerged, leveraging fake CAPTCHA verification processes to deceive users into executing malicious commands. This method exploits the trust users have in…

shaikh Saqib March 30, 2025

News

From Dark Reading – Malaysia PM Refuses to Pay $10M Ransomware Demand

The attack hit the Kuala Lumpur airport over the weekend, and it remains unclear who the threat actors are and what kind of information they may have stolen. Read More

shaikh Saqib March 28, 2025

Vulnerabilities

From Cybersecurity Help – New credential stuffing service Atlantis AIO targets over 140 online platforms

The service offers pre-configured modules that specifically target major online platforms. Read More

Samir K March 27, 2025

News

From The Hacker News – Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks

A critical security flaw has been disclosed in the Next.js React framework that could be potentially exploited to bypass authorization checks under certain conditions. The vulnerability, tracked as CVE-2025-29927, carries a CVSS score of 9.1 out of 10.0. "Next.js uses an internal header x-middleware-subrequest to prevent recursive requests from triggering infinite loops," Next.js said in an

shaikh Saqib March 24, 2025

News

From The Hacker News – New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking

A critical security vulnerability has been disclosed in AMI's MegaRAC Baseboard Management Controller (BMC) software that could allow an attacker to bypass authentication and carry out post-exploitation actions. The vulnerability, tracked as CVE-2024-54085, carries a CVSS v4 score of 10.0, indicating maximum severity. "A local or remote attacker can exploit the vulnerability by accessing the

shaikh Saqib March 18, 2025

Articles

From Schneier on Security – TP-Link Router Botnet

There is a new botnet that is infecting TP-Link routers: The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the malware can…

Samir K March 14, 2025

Vulnerabilities

From Cybersecurity Help – New North Korea-linked Android spyware KoSpy targets Korean and English-speaking users

KoSpy is distributed through fake utility applications, which masquerade as helpful tools. Read More

shaikh Saqib March 13, 2025

Vulnerabilities

From Cybersecurity Help – Apple rolls out security patches to fix to exploited zero-day vulnerability in WebKit

The vulnerability could be exploited by attackers to break out of WebKit's Web Content sandbox by using maliciously crafted web content. Read More

shaikh Saqib March 12, 2025

News

From Cyber Security News – 41,500+ VMware ESXi Instances Vulnerable to Code Execution Attacks

Shadowserver observed that 41,500+ internet-exposed VMware ESXi hypervisors as of March 4, 2025, are vulnerable to CVE-2025-22224, a critical zero-day vulnerability actively exploited in attacks. Broadcom patched the vulnerability in…

shaikh Saqib March 6, 2025

Vulnerabilities

From Cybersecurity Help – North Korean IT workers creating fake personas on GitHub to secure remote jobs

Many of the fake personas are crafted with reused GitHub accounts and portfolio content. Read More

shaikh Saqib March 5, 2025

News

From Security Week – North Korean Fake IT Workers Pose as Blockchain Developers on GitHub

[[{"value":"North Korean fake IT workers are creating personas on GitHub to land blockchain developer jobs at US and Japanese firms. The post North Korean Fake IT Workers Pose as Blockchain…

shaikh Saqib March 5, 2025