Thursday, April 17, 2025

Hackers retain access to patched FortiGate VPNs using symlinks

Recent incidents of active exploitation of known vulnerabilities continue to bring this into focus: investigations by Fortinet have discovered a post-exploitation technique used by a threat actor. During the investigation, a threat actor was observed using known vulnerabilities (e.g. FG-IR-22-398, FG-IR-23-097, FG-IR-24-015) to gain access to Fortinet devices. …

Google patched 2 Android zero-days and 60 other flaws

In its April 2025 security update, Google patched 62 vulnerabilities in Android, including two zero-days used in targeted attacks. Among the 62 fixed vulnerabilities, most are high-severity elevation of privilege flaws, and two are zero-day vulnerabilities that hackers can easily exploit. CVE-2024-43197 is a critical privilege escalation flaw in the …

Apple Warns of 3 Zero Day Vulns Actively Exploited

Apple has issued an urgent security advisory about 3 critical zero-day vulnerabilities—CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085—that are being actively exploited in advanced attacks. Multiple Apple devices, including iPhones, iPads, and Macs, are affected by these vulnerabilities. Users should update their devices right away to reduce security risks. Significant Vulnerabilities Under Active …

Cyberattack on Malaysian airports: PM rejected $10 million ransom

Operations at Kuala Lumpur International Airport (KLIA) were unaffected by a cyber attack in which hackers demanded US$10 million (S$13.4 million). On March 25, the National Cyber Security Agency (Nacsa) and Malaysia Airports Holdings Berhad (MAHB) announced a cyber-security threat targeting some computer systems at KLIA on March 23. “A …

Microsoft’s March 2025 updates fix 7 zero-day, 57 flaws

Microsoft’s March 2025 Patch Tuesday update fixes 57 flaws, including seven zero-day exploits, six of which are actively being exploited. Notably, CVE-2025-24983 is a critical use-after-free flaw in the Windows Win32 Kernel Subsystem linked to the “PipeMagic” backdoor. This update is essential for IT and security professionals as it addresses …

Cisco alerts about a Webex flaw that exposes credentials

Cisco has alerted customers about a vulnerability in Webex for BroadWorks that could allow unauthorized attackers to access credentials remotely. Webex for BroadWorks combines Cisco Webex’s video conferencing and collaboration tools with the BroadWorks unified communications platform. Cisco has not assigned a CVE ID for the security issue but announced …

NVIDIA Issues Warning of Multiple Vulnerabilities

NVIDIA has released urgent security advisories for multiple vulnerabilities in its Hopper HGX 8-GPU High-Performance Computing platforms. A critical flaw (CVE-2024-0114, CVSS 8.1) allows unauthorized code execution, privilege escalation, and data compromise. A medium-severity vulnerability (CVE-2024-0141, CVSS 6.8) in the GPU vBIOS layer The vulnerabilities could enable denial-of-service attacks through …

Android Phone Unlocked Using Cellebrite’s Zero-day Exploit

Amnesty International’s Security Lab discovered a cyber-espionage campaign in Serbia, where officials used a zero-day exploit from Cellebrite to unlock a student activist’s Android phone. On December 25, 2024, an attack used flaws in Linux kernel USB drivers to bypass the lock screen on a Samsung Galaxy A32. Forensic analysis …

DragonForce Ransomware Targets Saudi Company, 6TB Data Stolen

DragonForce ransomware targets organizations in Saudi Arabia. An attack on a major Riyadh real estate and construction firm led to the theft of more than 6TB of sensitive data. Resecurity’s new advisory reports that threat actors announced a breach on February 14, 2025, demanding ransom before releasing stolen information. The …
