AttackFeed Cybersecurity News

China-backed espionage group hits Ivanti customers again  – CyberScoop

Ivanti customers are confronting another string of attacks linked to an actively exploited vulnerability in the company’s VPN products. Mandiant said a nation-state backed espionage group linked to China has been exploiting the critical vulnerability, CVE-2025-22457, since mid-March. The threat group, which Google Threat Intelligence Group tracks as UNC5221, has a knack for exploiting Ivanti products and has successfully —...

Hitachi Energy RTU500 Series  – All CISA Advisories

1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 series Vulnerabilities: Null Pointer Dereference, Insufficient Resource Pool, Missing Synchronization 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Hitachi Energy products are affected: RTU500 series...

A Vulnerability in Ivanti Products Could Allow for Remote Code Execution  – Cyber Security Advisories – MS-ISAC

A vulnerability has been discovered in Ivanti Connect Secure, Policy Secure, and ZTA Gateways which could allow for remote code execution. Ivanti Connect Secure (formerly Pulse Connect Secure) is a widely deployed SSL VPN solution that provides secure and controlled access to corporate data and applications for remote and mobile users, offering features like single sign-on, multi-factor authentication, and...

Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution  – Cyber Security Advisories – MS-ISAC

Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Mozilla Thunderbird is an email client. Successful exploitation of the most...

International intelligence agencies raise the alarm on fast flux  – CyberScoop

International intelligence and cybersecurity agencies jointly issued a warning Thursday about “fast flux,” an advanced technique used by cybercriminals and state-sponsored actors to evade detection and maintain resilient command and control infrastructure. Fast flux involves rapidly changing or swapping out IP addresses linked to a particular domain. These quick changes render malicious activity nearly invisible to defensive measures. When fast...

Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware  – The Hacker News

Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials. “These campaigns notably use redirection methods such as URL shorteners and QR codes contained in malicious attachments and abuse legitimate services like file-hosting services and business profile pages to avoid detection,” Microsoft said in a report shared with The...

B&R APROL  – All CISA Advisories

1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: B&R Equipment: APROL Vulnerabilities: Inclusion of Functionality from Untrusted Control Sphere, Incomplete Filtering of Special Elements, Improper Control of Generation of Code (‘Code Injection’), Improper Handling of Insufficient Permissions or Privileges, Allocation of Resources Without Limits or Throttling, Missing Authentication for Critical Function, Exposure of...

CISA Releases Five Industrial Control Systems Advisories  – All CISA Advisories

CISA released five Industrial Control Systems (ICS) advisories on April 3, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-093-01 Hitachi Energy RTU500 Series ICSA-25-093-02 Hitachi Energy TRMTracker ICSA-25-093-03 ABB ACS880 Drives Containing CODESYS RTS ICSA-25-093-04 ABB Low Voltage DC Drives and Power Controllers CODESYS RTS ICSA-25-093-05 B&R APROL CISA encourages users and...

ABB Low Voltage DC Drives and Power Controllers CODESYS RTS  – All CISA Advisories

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: DCT880 memory unit incl. ABB Drive Application Builder license (IEC 61131-3), DCT880 memory unit incl. Power Optimizer, DCS880 memory unit incl. ABB Drive Application Builder license (IEC 61131-3), DCS880 memory unit incl. DEMag, DCS880 memory unit incl. DCC Vulnerabilities: Improper Input Validation, Out-of-bounds Write,...

Hitachi Energy TRMTracker  – All CISA Advisories

1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: TRMTracker Vulnerabilities: Improper Neutralization of Special Elements used in an LDAP Query (‘LDAP Injection’), Improper Neutralization of Special Elements in Output Used by a Downstream Component (‘Injection’), Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) 2. RISK EVALUATION Successful exploitation of...

AutonomyAI Emerges from Stealth with $4M Pre-Seed Funding to Transform Front-End Development with Autonomous AI Agents  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News

The first-of-its-kind solution integrates with company codebases, enabling AI agents to work in-context and generate production-grade, front-end code in minutes.

Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware  – The Hacker News

The North Korean threat actors behind Contagious Interview have adopted the increasingly popular ClickFix social engineering tactic to lure job seekers in the cryptocurrency sector to deliver a previously undocumented Go-based backdoor called GolangGhost on Windows and macOS systems. The new activity, assessed to be a continuation of the campaign, has been codenamed ClickFake Interview by...

AI Threats Are Evolving Fast — Learn Practical Defense Tactics in this Expert Webinar  – The Hacker News

The rules have changed. Again. Artificial intelligence is bringing powerful new tools to businesses. But it’s also giving cybercriminals smarter ways to attack. They’re moving quicker, targeting more precisely, and slipping past old defenses without being noticed. And here’s the harsh truth: If your security strategy hasn’t evolved with AI in mind, you’re already behind. But you’re not alone—and...

NSA, CISA, FBI, and International Partners Release Cybersecurity Advisory on “Fast Flux,” a National Security Threat  – All CISA Advisories

Today, CISA—in partnership with the National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), Canadian Centre for Cyber Security (CCCS), and New Zealand’s National Cyber Security Centre (NCSC-NZ)—released joint Cybersecurity Advisory Fast Flux: A National Security Threat (PDF, 841 KB). This advisory warns organizations, internet service providers (ISPs), and cybersecurity service...

AI Adoption in the Enterprise: Breaking Through the Security and Compliance Gridlock  – The Hacker News

AI holds the promise to revolutionize all sectors of enterprise, from fraud detection and content personalization to customer service and security operations. Yet, despite its potential, implementation often stalls behind a wall of security, legal, and compliance hurdles. Imagine this all-too-familiar scenario: A CISO wants to deploy an AI-driven SOC to handle the overwhelming volume of security...

Fast Flux: A National Security Threat  – CISA Cybersecurity Advisories

Executive summary Many networks have a gap in their defenses for detecting and blocking a malicious technique known as “fast flux.” This technique poses a significant threat to national security, enabling malicious cyber actors to consistently evade detection. Malicious cyber actors, including cybercriminals and nation-state actors, use fast flux to obfuscate the locations of malicious servers by rapidly changing Domain...

Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent  – The Hacker News

Cybersecurity researchers have disclosed details of a new vulnerability impacting Google’s Quick Share data transfer utility for Windows that could be exploited to achieve a denial-of-service (DoS) or send arbitrary files to a target’s device without their approval. The flaw, tracked as CVE-2024-10668 (CVSS score: 5.9), is a bypass for two of the 10 shortcomings that were originally disclosed by ...

Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices  – The Hacker News

Counterfeit versions of popular smartphone models that are sold at reduced prices have been found to be preloaded with a modified version of an Android malware called Triada. “More than 2,600 users in different countries have encountered the new version of Triada, the majority in Russia,” Kaspersky said in a report. The infections were recorded between March 13 and 27,...

Europol Dismantles Kidflix With 72,000 CSAM Videos Seized in Major Operation  – The Hacker News

In one of the largest coordinated law enforcement operations, authorities have dismantled Kidflix, a streaming platform that offered child sexual abuse material (CSAM). “A total of 1.8 million users worldwide logged on to the platform between April 2022 and March 2025,” Europol said in a statement. “On March 11, 2025, the server, which contained around 72,000 videos at the time,...

Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign  – The Hacker News

Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment processor Stripe to validate stolen payment information prior to exfiltration. “This tactic ensures that only valid card data is sent to the attackers, making the operation more efficient and potentially harder to detect,” Jscrambler researchers Pedro...

Multiple Vulnerabilities in IBM AIX could allow for arbitrary code execution.  – Cyber Security Advisories – MS-ISAC

Multiple vulnerabilities have been discovered in IBM AIX, the most severe of which could allow for arbitrary code execution. IBM AIX is a secure and reliable Unix operating system designed for IBM’s Power Systems. It supports modern applications and provides strong security features, making it ideal for mission-critical business environments. Successful exploitation of these vulnerabilities could allow for arbitrary code execution...

Smashing Security podcast #411: The fall of Troy, and whisky barrel scammers  – Graham Cluley

Renowned cybersecurity expert Troy Hunt falls victim to a phishing attack, resulting in the exposure of thousands of subscriber details, and don’t lose your life savings in a whisky scam… All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Plus! Don’t miss our featured interview with...

Don’t cut CISA personnel, House panel leaders say, as they plan legislation giving the agency more to do  – CyberScoop

Leaders of a key House subcommittee criticized the Trump administration’s personnel cuts at the Cybersecurity and Infrastructure Security Agency on Wednesday, with its chairman saying he wants CISA to take on more responsibilities, not less — some of which figure into his legislative priorities. Rep. Andrew Garbarino, the New York Republican who chairs the House Homeland Security Subcommittee on Cybersecurity...

Cyber Command touts AI-driven gains in cybersecurity, network monitoring  – CyberScoop

A top Cyber Command official said the agency has been able to use generative AI tools to dramatically cut down the time spent analyzing network traffic for malicious activity. Executive Director Morgan Adamski said Wednesday that as Cybercom has worked to build AI capabilities across different missions, the agency is already seeing a return on investment for certain cybersecurity functions....

Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse  – The Hacker News

Cybersecurity researchers have disclosed details of a now-patched privilege escalation vulnerability in Google Cloud Platform (GCP) Cloud Run that could have allowed a malicious actor to access container images and even inject malicious code. “The vulnerability could have allowed such an identity to abuse its Google Cloud Run revision edit permissions in order to pull private Google Artifact...

AttackFeed by Joe Wagner