Tuesday , April 1 2025

infosecbulletin

CVE-2025-20111
Cisco Warns Vulns in Nexus 3000 and 9000 Series Switches

Nexus

Cisco has warned of a critical vulnerability, CVE-2025-20111, in several Nexus switch models. This flaw could let attackers remotely crash the devices, leading to a denial of service (DoS). Cisco reports that a vulnerability exists due to improper handling of certain Ethernet frames. An attacker can exploit this by repeatedly …

Read More »

CVE-2025-0475 & CVE-2025-0555
GitLab’s High-Risk Flaw, Patch Now Urgently!

GitLab

GitLab has released a security advisory, urging all self-managed installations to upgrade to versions 17.9.1, 17.8.4, or 17.7.6 due to critical vulnerabilities, including serious Cross-Site Scripting (XSS) issues that may compromise user data. The Kubernetes proxy vulnerability (CVE-2025-0475) has a CVSS score of 8.7, signifying a high risk. It affects …

Read More »

Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts

Microsoft 365 accounts

A China-linked botnet is targeting Microsoft 365 accounts with widespread password spraying attacks, according to a report by SecurityScorecard. A security firm reports that a botnet with over 130,000 compromised devices is targeting Microsoft 365 accounts through non-interactive sign-ins using Basic Authentication. “Non-interactive sign-ins, commonly used for service-to-service authentication, legacy …

Read More »

HaveIBeenPwned Added 244 Million Passwords Stolen By Infostealers

Infostealer

A breach notification site has added millions of new passwords and email addresses obtained from infostealer malware. Troy Hunt, founder of HaveIBeenPwned (HIBP), added 244 million new passwords and 284 million new email accounts to the database after analyzing 1.5TB of stolen logs posted on Telegram. Hunt identified an account called …

Read More »

Hackers Exploits RCE flaw in Cisco Small Business Router

Nexus

Cybersecurity researchers have discovered a campaign exploiting a remote command execution vulnerability, CVE-2023-20118, in Cisco Small Business Routers. This vulnerability affects models RV016, RV042, RV042G, RV082, RV320, and RV325. The flaw in these devices is their web-based management interface, which has poor input validation. This allows unauthorized attackers to run …

Read More »

CISA Alerts For Active Exploited Zimbra and Microsoft flaw

CISA

CISA has added two critical vulnerabilities to its Known Exploited Vulnerabilities catalog, urging organizations to quickly patch their systems to prevent exploitation. New vulnerabilities, CVE-2023-34192 and CVE-2024-49035, affect popular platforms and pose serious risks to public and private sectors. CVE-2023-34192 is a high-severity Cross-Site Scripting (XSS) vulnerability in Zimbra Collaboration …

Read More »

200 Fake GitHub Repos Attacking Developers to Deliver Malware

200 Fake GitHub

A new cyber campaign called GitVenom poses a serious risk to developers. Security researchers found over 200 fake GitHub repositories that disguise themselves as legitimate projects to distribute information stealers and remote access trojans (RATs). For almost two years, these repositories have exploited developers’ trust in open-source platforms to access …

Read More »

CVE-2024-20953
CISA Flags Oracle Agile PLM Actively Exploited Security Flaw

Oracle Agile PLM

CVE-2024-20953 is a vulnerability in Oracle Agile PLM, a product lifecycle management tool. With a CVSS score of 8.8, it allows low-privileged attackers with HTTP network access to exploit systems running version 9.3.6. This could result in complete system takeover, risking sensitive supply chain data and business operations. The vulnerability …

Read More »