Ivanti customers are confronting another string of attacks linked to an actively exploited vulnerability in the company’s VPN products. Mandiant said a nation-state backed espionage group linked to China has been exploiting the critical vulnerability, CVE-2025-22457, since mid-March. The threat group, which Google Threat Intelligence Group tracks as UNC5221, has a knack for exploiting Ivanti products and has successfully —...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 series Vulnerabilities: Null Pointer Dereference, Insufficient Resource Pool, Missing Synchronization 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Hitachi Energy products are affected: RTU500 series...
A Vulnerability has been discovered in Ivanti Connect Secure, Policy Secure, and ZTA Gateways which could allow for remote code execution. Ivanti Connect Secure (formerly Pulse Connect Secure) is a widely deployed SSL VPN solution that provides secure and controlled access to corporate data and applications for remote and mobile users, offering features like single sign-on, multi-factor authentication, and...
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Mozilla Thunderbird is an email client. Successful exploitation of the most...
This article has been updated with a statement from a Twilio spokesperson in response to Hackread.com’s request. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
International intelligence and cybersecurity agencies jointly issued a warning Thursday about “fast flux,” an advanced technique used by cybercriminals and state-sponsored actors to evade detection and maintain resilient command and control infrastructure. Fast flux involves rapidly changing or swapping out IP addresses linked to a particular domain. These quick changes render malicious activity nearly invisible to defensive measures. When fast...
International intelligence and cybersecurity agencies jointly issued a warning Thursday about “fast flux,” an advanced technique used by cybercriminals and state-sponsored actors to evade detection and maintain resilient command and control infrastructure. Fast flux involves rapidly changing or swapping out IP addresses linked to a particular domain. These quick changes render malicious activity nearly invisible to defensive measures. When fast...
Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials. “These campaigns notably use redirection methods such as URL shorteners and QR codes contained in malicious attachments and abuse legitimate services like file-hosting services and business profile pages to avoid detection,” Microsoft said in a report shared with The – Read More ...
Cybersecurity researchers at Jscamblers have uncovered a sophisticated web-skimming campaign targeting online retailers. The campaign utilizes a legacy… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: B&R Equipment: APROL Vulnerabilities: Inclusion of Functionality from Untrusted Control Sphere, Incomplete Filtering of Special Elements, Improper Control of Generation of Code (‘Code Injection’), Improper Handling of Insufficient Permissions or Privileges , Allocation of Resources Without Limits or Throttling, Missing Authentication for Critical Function, Exposure of...
CISA released five Industrial Control Systems (ICS) advisories on April 3, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-093-01 Hitachi Energy RTU500 Series ICSA-25-093-02 Hitachi Energy TRMTracker ICSA-25-093-03 ABB ACS880 Drives Containing CODESYS RTS ICSA-25-093-04 ABB Low Voltage DC Drives and Power Controllers CODESYS RTS ICSA-25-093-05 B&R APROL CISA encourages users and...
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: DCT880 memory unit incl. ABB Drive Application Builder license (IEC 61131-3), DCT880 memory unit incl. Power Optimizer, DCS880 memory unit incl. ABB Drive Application Builder license (IEC 61131-3), DCS880 memory unit incl. DEMag, DCS880 memory unit incl. DCC Vulnerabilities: Improper Input Validation, Out-of-bounds Write,...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: TRMTracker Vulnerabilities: Improper Neutralization of Special Elements used in an LDAP Query (‘LDAP Injection’), Improper Neutralization of Special Elements in Output Used by a Downstream Component (‘Injection’), Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) 2. RISK EVALUATION Successful exploitation of...
An international law enforcement operation has shut down Kidflix, a platform for child sexual exploitation with 1.8m registered users – Read More –
HellCat – the ransomware gang that has been known to demand payment… in baguettes! Are they rolling in the dough? Bread it and weep in my article on the Tripwire State of Security blog. – Read More – Graham Cluley
A critical authentication bypass flaw in CrushFTP is under active exploitation following a mishandled disclosure process – Read More –
The first-of-its-kind solution integrates with company codebases, enabling AI agents to work in-context and generate production-grade, front-end code in minutes. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Jacksonville, United States, 3rd April 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Artificial Intelligence (AI) is reshaping the cybersecurity landscape, enabling organizations to detect threats faster, automate responses, and enhance overall… The post AI Governance in Cybersecurity: Balancing Innovation and Risk appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
The North Korean threat actors behind Contagious Interview have adopted the increasingly popular ClickFix social engineering tactic to lure job seekers in the cryptocurrency sector to deliver a previously undocumented Go-based backdoor called GolangGhost on Windows and macOS systems. The new activity, assessed to be a continuation of the campaign, has been codenamed ClickFake Interview by – Read More –...
The cybercriminal uses the service of Proton66, an infamous Russian-based bulletproof hosting provider, to deploy malware – Read More –
Cybersecurity researcher Jeremiah Fowler uncovers a massive 47.8GB database with disturbing AI-generated content belonging to GenNomis. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
The rules have changed. Again. Artificial intelligence is bringing powerful new tools to businesses. But it’s also giving cybercriminals smarter ways to attack. They’re moving quicker, targeting more precisely, and slipping past old defenses without being noticed. And here’s the harsh truth: If your security strategy hasn’t evolved with AI in mind, you’re already behind. But you’re not alone—and –...
Today, CISA—in partnership with the National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), Canadian Centre for Cyber Security (CCCS), and New Zealand’s National Cyber Security Centre (NCSC-NZ)—released joint Cybersecurity Advisory Fast Flux: A National Security Threat (PDF, 841 KB). This advisory warns organizations, internet service providers (ISPs), and cybersecurity service...
AI holds the promise to revolutionize all sectors of enterpriseーfrom fraud detection and content personalization to customer service and security operations. Yet, despite its potential, implementation often stalls behind a wall of security, legal, and compliance hurdles. Imagine this all-too-familiar scenario: A CISO wants to deploy an AI-driven SOC to handle the overwhelming volume of security – Read More –...
Executive summary Many networks have a gap in their defenses for detecting and blocking a malicious technique known as “fast flux.” This technique poses a significant threat to national security, enabling malicious cyber actors to consistently evade detection. Malicious cyber actors, including cybercriminals and nation-state actors, use fast flux to obfuscate the locations of malicious servers by rapidly changing Domain...
Highline Public Schools revealed that sensitive personal, financial and medical data was accessed by ransomware attackers during the September 2024 incident – Read More –
Semperis claims 62% of water and electricity providers were hit by cyber-attacks in the past year – Read More –
BforeAI researchers discover 596 suspicious Bybit-themed domains designed to defraud visitors – Read More –
Cybersecurity researchers have disclosed details of a new vulnerability impacting Google’s Quick Share data transfer utility for Windows that could be exploited to achieve a denial-of-service (DoS) or send arbitrary files to a target’s device without their approval. The flaw, tracked as CVE-2024-10668 (CVSS score: 5.9), is a bypass for two of the 10 shortcomings that were originally disclosed by ...
Why it’s essential to secure your APIs to build trust with your customers and partners. – Read More – NCSC Feed
Counterfeit versions of popular smartphone models that are sold at reduced prices have been found to be preloaded with a modified version of an Android malware called Triada. “More than 2,600 users in different countries have encountered the new version of Triada, the majority in Russia,” Kaspersky said in a report. The infections were recorded between March 13 and 27,...
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-04-01-2025-1 watchOS 11.4 watchOS 11.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/122376. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirDrop Available for: Apple Watch Series 6 and later Impact: An app may be...
In one of the largest coordinated law enforcement operations, authorities have dismantled Kidflix, a streaming platform that offered child sexual abuse material (CSAM). “A total of 1.8 million users worldwide logged on to the platform between April 2022 and March 2025,” Europol said in a statement. “On March 11, 2025, the server, which contained around 72,000 videos at the time,...
Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment processor Stripe to validate stolen payment information prior to exfiltration. “This tactic ensures that only valid card data is sent to the attackers, making the operation more efficient and potentially harder to detect,” Jscrambler researchers Pedro – Read More –...
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-9 macOS Ventura 13.7.5 macOS Ventura 13.7.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/122375. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AccountPolicy Available for: macOS Ventura Impact: A malicious app may be able...
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-10 tvOS 18.4 tvOS 18.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/122377. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirDrop Available for: Apple TV HD and Apple TV 4K (all models) Impact: An...
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-11 visionOS 2.4 visionOS 2.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/122378. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accounts Available for: Apple Vision Pro Impact: Sensitive keychain data may be accessible from...
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-6 iOS 15.8.4 and iPadOS 15.8.4 iOS 15.8.4 and iPadOS 15.8.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/122345. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accessibility Available for: iPhone 6s (all models), iPhone...
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-7 macOS Sequoia 15.4 macOS Sequoia 15.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/122373. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accessibility Available for: macOS Sequoia Impact: An app may be able to...
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-8 macOS Sonoma 14.7.5 macOS Sonoma 14.7.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/122374. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AccountPolicy Available for: macOS Sonoma Impact: A malicious app may be able...
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-3 iOS 18.4 and iPadOS 18.4 iOS 18.4 and iPadOS 18.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/122371. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accessibility Available for: iPhone XS and later, iPad...
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-4 iPadOS 17.7.6 iPadOS 17.7.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/122372. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accounts Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th...
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-5 iOS 16.7.11 and iPadOS 16.7.11 iOS 16.7.11 and iPadOS 16.7.11 addresses the following issues. Information about the security content is also available at https://support.apple.com/122346. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accessibility Available for: iPhone 8, iPhone 8 Plus,...
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-2 Xcode 16.3 Xcode 16.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122380. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. IDE Assets Available for: macOS Sequoia 15.2 and later Impact: A malicious app may...
Multiple vulnerabilities have been discovered in IBM AIX, the most severe of which could allow for arbitrary code execution. IBM AIX is a secure and reliable Unix operating system designed for IBM’s Power Systems. It supports modern applications and provides strong security features, making it ideal for mission-critical business environments. Successful exploitation of these vulnerabilities could allow for arbitrary code execution...
Posted by Pierre Kim on Apr 02 ## Advisory Information Title: 10 vulnerabilities in Brocade Fibre Channel switches Advisory URL: https://pierrekim.github.io/advisories/2025-brocade-switches.txt Blog URL: https://pierrekim.github.io/blog/2025-03-31-brocade-switches-10-vulnerabilities.html Date published: 2025-03-31 Vendors contacted: Brocade Release mode: Released CVE: CVE-2021-27797, CVE-2022-33186, CVE-2023-3454, CVE-2024-5460, CVE-2024-5461, CVE-2024-7516 ## Product… – Read More – Full Disclosure
Posted by Pierre Kim on Apr 02 ## Advisory Information Title: 3 vulnerabilities in Palo Alto Deep Packet Inspection mechanism Advisory URL: https://pierrekim.github.io/advisories/2025-palo-alto-dpi.txt Blog URL: https://pierrekim.github.io/blog/2025-03-31-paloalto-dpi-3-vulnerabilities.html Date published: 2025-03-31 Vendors contacted: Palo Alto Release mode: Released CVE: None ## Product description ## Vulnerabilities Summary Vulnerable versions: all versions of Palo Alto… – Read More – Full Disclosure
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-1 Safari 18.4 Safari 18.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/122379. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Authentication Services Available for: macOS Ventura and macOS Sonoma Impact: A malicious website may...
The Growing Threat of Digital Identity Theft Identity theft is a continuous online threat that lurks behind every… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
