Security researchers have released a proof-of-concept exploit for CVE-2025-20029, a serious command injection vulnerability in F5’s BIG-IP application delivery controllers. The flaw has a CVSS v3.1 score of 8.8 and allows authenticated attackers to execute arbitrary system commands due to improper handling of special elements in the iControl REST API …
Read More »CVE-2025-20029
By 1 April 2025
Australia Bans Kaspersky on its govt systems and devices
On February 21, the Australian Department of Home Affairs issued a directive prohibiting the installation of Kaspersky Lab products and services on all Australian government systems and devices. The directive under the protective security policy framework (PSPF) mandates federal entities to eliminate “all instances” of Kaspersky’s products. Home Affairs secretary …
Read More »CISA Flags Craft CMS Code Injection Flaw Amid Active Attacks
CISA has added a serious security flaw in the Craft content management system (CMS) to its Known Exploited Vulnerabilities catalog due to evidence of active exploitation. The vulnerability CVE-2025-23209 (CVSS score: 8.1) affects Craft CMS versions 4 and 5. It was fixed by the maintainers in late December 2024 with …
Read More »B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
On February 19, 2025, the illegal marketplace B1ack’s Stash released over 1 million unique stolen credit and debit card details for free. This approach mirrors the strategy used by BidenCash, where criminals distribute stolen data widely to attract attention to their marketplace. On February 17, a popular deep web forum …
Read More »
Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
Cisco Talos reported that Salt Typhoon, also known as FamousSparrow and GhostEmperor, has been spying on U.S. telecommunication providers using a custom tool called JumbledPath. Active since at least 2019, they have targeted government entities and telecom companies. Salt Typhoon is still targeting telecommunications providers worldwide, and according to a …
Read More »
AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets
A free tool is now available to scan public GitHub repositories for exposed AWS credentials. Security engineer Anmol Singh Yadav created AWS-Key-Hunter after discovering over 100 exposed AWS access keys, many with high privileges, in public repositories. He described these findings as “just waiting to be exploited” in his blog about …
Read More »Check Point Flaw Used to Deploy ShadowPad and Ransomware
An unknown threat cluster has targeted European healthcare organizations, deploying PlugX and ShadowPad. In some cases, these intrusions resulted in the use of ransomware called NailaoLocker. Orange Cyberdefense CERT’s Green Nailao campaign targeted a newly patched security flaw (CVE-2024-24919, CVSS score: 7.5) in Check Point network gateway products. The attacks …
Read More »
CVE-2024-12284
Citrix Issues Security Update for NetScaler Console
Citrix has issued security updates for a serious vulnerability in the NetScaler Console and NetScaler Agent that could allow privilege escalation in specific situations. The vulnerability, identified as CVE-2024-12284, has been given a CVSS v4 score of 8.8 out of a maximum of 10.0 It involves improper handling of user …
Read More »
CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries
The FBI and CISA reported on Wednesday that the ransomware group Ghost has been exploiting software and firmware vulnerabilities as recently as January. The group targets internet services with old, unpatched vulnerabilities that users could have addressed years ago. Cybersecurity researchers began alerting the public about the group in 2021. …
Read More »Hacker chains multiple vulns to attack Palo Alto Firewall
Palo Alto Networks has issued urgent warnings about threat actors to exploit vulnerabilities in PAN-OS, the operating system powering its next-generation firewalls. Coordinated attacks can exploit flaws in authentication and privilege escalation to gain unauthorized access to unpatched devices, threatening the security of enterprise networks. CVE-2025-0108 is a serious authentication …
Read More »