Thursday , April 24 2025

infosecbulletin

Exploiting CVE-2024-4577, Attackers Target Japan with Cobalt Strike

CVE-2024-4577

Cisco Talos found that an unknown attacker has been targeting organizations in Japan since January 2025. The attacker exploited the CVE-2024-4577 vulnerability in PHP on Windows to access victims’ machines. They used the “TaoWu” plugins from the Cobalt Strike kit for further actions. A pre-configured installer script was discovered on …

Read More »

Sleeping Beauty
Researchers Bypassed CrowdStrike Falcon Sensor partially

Falcon Sensor

SEC Consult researchers found a vulnerability in CrowdStrike’s Falcon Sensor, enabling attackers to evade detection and run malicious applications. The dubbed “Sleeping Beauty” vulnerability was reported to CrowdStrike in late 2023 but was dismissed as just a “detection gap.” The technique involved suspending the EDR processes instead of stopping them, …

Read More »

CVE-2025-22224
41,500+ VMware ESXi Instances Vulnerable to Attacks

VMware ESXi

As of March 4, 2025, Shadowserver found that over 41,500 internet-exposed VMware ESXi hypervisors are vulnerable to the actively exploited CVE-2025-22224. 41,500 unpatched ESXi instances represent a major part of global virtualization, especially in healthcare, finance, and telecommunications. Broadcom released an emergency update to fix a vulnerability that allows attackers …

Read More »

Cisco alerts about a Webex flaw that exposes credentials

Webex

Cisco has alerted customers about a vulnerability in Webex for BroadWorks that could allow unauthorized attackers to access credentials remotely. Webex for BroadWorks combines Cisco Webex’s video conferencing and collaboration tools with the BroadWorks unified communications platform. Cisco has not assigned a CVE ID for a security issue but announced …

Read More »

NVIDIA Issues Warning of Multiple Vulnerabilities

NVIDIA

NVIDIA has released urgent security advisories for multiple vulnerabilities in its Hopper HGX 8-GPU High-Performance Computing platforms. A critical flaw (CVE-2024-0114, CVSS 8.1) allows unauthorized code execution, privilege escalation, and data compromise. A medium-severity vulnerability (CVE-2024-0141, CVSS 6.8) in the GPU vBIOS layer The vulnerabilities could enable denial-of-service attacks through …

Read More »

Update Now
Chrome 134 Released, Fixes 14 Vulnerabilities

Chrome 134

Google has released Chrome 134 for the stable channel on Windows, macOS, and Linux, effectively addressing 14 security vulnerabilities. Among these are several high-severity flaws that could potentially allow remote code execution or lead to crashes. The update version 134.0.6998.35 for Linux, 134.0.6998.35/36 for Windows, and 134.0.6998.44/45 for macOS includes …

Read More »

Broadcom Patches 3 VMware Zero-Days Exploited In Attacks

Broadcom

Broadcom issued a security alert on Tuesday, warning VMware customers about 3 exploited zero-day vulnerabilities. Vulnerabilities CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226 affect VMware ESXi, Workstation, and Fusion. Patches have been released for all affected products, but no workarounds are available. CVE-2025-22224 is a critical VMCI heap overflow vulnerability in VMware ESXi …

Read More »

Singapore issues new guidelines for data center and cloud services

Singapore

The Infocomm Media Development Authority (IMDA of Singapore unveils advisory guidelines to reduce occurrences of disruptions to cloud services and data centers. These guidelines will help cloud service providers and data centres to improve their security and ensure continuity by assessing risks and planning for incidents. GUIDELINES FOR CLOUD SERVICES …

Read More »

Update Alert!
Google Warns of Critical Android Vulns Under Attack

Android

Google’s March 2025 Android Security Bulletin has unveiled two critical vulnerabilities—CVE-2024-43093 and CVE-2024-50302—currently under limited, targeted exploitation. These flaws affect Android versions 12 to 15, posing increasing risks for billions of devices. The bulletin requires the immediate installation of the 2025-03-05 security patch to address remote code execution and privilege …

Read More »