Intel
VMware has released security updates addressing multiple vulnerabilities in its Aria Operations and Aria Operations for Logs products. These patches aim to prevent malicious actors from gaining administrative-level access through these flaws. Understanding the Vulnerabilities Among the most critical of the issues are two information disclosure vulnerabilities, identified as CVE-2025-22218
Researchers have identified three significant vulnerabilities in the open-source PHP package Voyager, which is used to manage Laravel applications. These flaws could allow attackers to perform remote code execution (RCE) attacks with just one malicious click. The Vulnerabilities Unveiled Despite efforts to report these issues, the vulnerabilities remain unpatched. They
Investigations into North Korea's Lazarus group's recent cyberattacks on global cryptocurrency companies and software developers have revealed a hidden administrative layer. This platform is used by the attackers to centrally control the campaign's command and control (C2) framework. Discovery of the Admin Layer Researchers
Recent security incidents highlight how the Solana Pump.fun tool, known as DogWifTool, has been compromised, leading to severe financial consequences for users. A supply chain attack was executed targeting the Windows client of this tool, resulting in significant malware distribution. Nature of the Attack The attack originates from a
A previously undiscovered vulnerability in Zyxel CPE Series devices is being actively targeted by cybercriminals, highlighting the urgent need for a patch. The security flaw, identified as CVE-2024-40891, was initially reported by VulnCheck, a firm specializing in vulnerability intelligence, last July. Despite the passage of six months, Zyxel has not
The United States Cybersecurity and Infrastructure Security Agency (CISA) has included a security flaw affecting multiple Apple products in its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability, identified as CVE-2025-24085, is a significant issue that Apple has recently addressed with security updates. Details of the Vulnerability Apple released these security
A cyber threat group known as UAC-0063, linked to Russia, is actively launching espionage campaigns against Central Asia and European countries. These campaigns involve sophisticated techniques such as the use of weaponized documents and the deployment of intricate malware to extract sensitive data. Overview of the Attack Campaign Recent cybersecurity
Cybercriminals are taking advantage of outdated WordPress installations and plugins to compromise numerous websites, aiming to deceive visitors into downloading malware, according to cybersecurity researchers. Understanding the Attack This active hacking effort, identified by security firm c/side, seeks to propagate malware that can steal credentials and personal information from
New Mirai Botnet Variant Targets Vulnerable Mitel Devices A novel variant of the Mirai botnet, identified as Aquabot, has been detected exploiting weaknesses in Mitel SIP phones to facilitate distributed denial-of-service (DDoS) attacks as a service. This development, highlighted by the Akamai Security Intelligence and Response Team (SIRT) on January