Saturday, May 10 2025

March, 2025

  • 18 March

    CVE-2025-24813
    Apache Tomcat Flaw Exploited In The Wild

    Apache Tomcat

    CVE-2025-24813, a critical remote code execution vulnerability, is actively exploited, enabling attackers to control vulnerable Apache Tomcat servers with a single PUT API request, reports Wallarm. The exploit, shared by a user on a Chinese forum, takes advantage of Tomcat’s default session persistence and its ability to handle partial PUT …

  • 17 March

    B1nary_Band1ts secure first place at “MIST CyberTron 2025”

    MIST CyberTron 2025

    MIST Cyber Security Club hosted an exciting MIST CyberTron 2025, featuring a CTF competition, hacking sessions, live demonstrations, and real-world security challenges, creating an unforgettable experience for everyone involved. Here are the winners of the CTF event: CTF Champions: B1nary_Band1ts (Reefah Tasnia, Sumaiya Kabir)  MIST_Mega_Minds (Sheikh Rafsan Jain, Tahsina Rahman Mayome) …

  • 17 March

    CVE-2025-24016
    Critical RCE vulnerability affects Wazuh

    Wazuh

    Cybersecurity researchers unveil a critical remote code execution vulnerability (CVE-2025-24016) in Wazuh, a popular open-source SIEM platform. The vulnerability has a CVSS score of 9.9 and affects Wazuh versions 4.4.0 to 4.9.0, enabling attackers with API access to run arbitrary Python code on the servers. The flaw is due to unsafe …

  • 17 March

    AWS SNS misused for Data Exfiltration and Phishing

    AWS SNS

    A recent report from Elastic reveals that threat actors misuse Amazon Web Services (AWS) Simple Notification Service (SNS) for malicious activities like data exfiltration and phishing. The research highlights potential abuse methods and ways to detect them. AWS SNS is a web service that enables users to send and receive …

  • 15 March

    Researcher found non-protected database from ESHYFT containing 86000 records

    ESHYFT

    Cybersecurity researcher Jeremiah Fowler found and reported a non-password-protected database with over 86,000 records belonging to ESHYFT, a New Jersey-based HealthTech company. ESHYFT operates in 29 states and provides a mobile app platform connecting healthcare facilities with workers like Certified Nursing Assistants (CNAs), Licensed Practical Nurses (LPNs), and Registered Nurses …

  • 14 March

    CVE-2024-55591 and CVE-2025-24472
    New SuperBlack ransomware exploits Fortinet flaws

    SuperBlack

    Forescout Research - Vedere Labs identified a series of intrusions based on two Fortinet vulnerabilities, which began with the exploitation of FortiGate firewall appliances, dubbed SuperBlack. Researchers tracked this between late January and early March. Fortinet disclosed two authentication bypass vulnerabilities: CVE-2024-55591 in January and CVE-2025-24472 in February. When Fortinet first …

  • 13 March

    CVE-2025-25291 & CVE-2025-25292
    Attention! GitLab Patched Critical Authentication Bypass Flaws

    authentication bypass

    GitLab has released versions 17.9.2, 17.8.5, and 17.7.7 for its Community and Enterprise Editions to fix security vulnerabilities, including a critical authentication bypass issue. Critical Authentication Bypass Vulnerabilities: Two critical vulnerabilities, CVE-2025-25291 and CVE-2025-25292, are found in the ruby-saml library used by GitLab for SAML single sign-on (SSO) authentication. The …

  • 13 March

    CVE-2025-20138
    Cisco released High Security Alert for IOS XR Software

    IOS XR Software

    Cisco has issued a security advisory for a high-severity vulnerability in its IOS XR Software, labeled CVE-2025-20138, with a CVSS score of 8.8, which signifies a serious risk. The vulnerability in the Command Line Interface (CLI) of Cisco IOS XR Software allows an authenticated local attacker to execute arbitrary commands …

  • 12 March

    400+ IPs Exploiting Multiple SSRF Vulnerabilities

    GreyNoise

    GreyNoise warns of a coordinated increase in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities across various platforms. “At least 400 IPs have been seen actively exploiting multiple SSRF CVEs simultaneously, with notable overlap between attack attempts,” the company said, adding it observed the activity on March 9, 2025. Countries …

  • 12 March

    NVIDIA has released an update for NVIDIA Riva

    NVIDIA

    NVIDIA has released a software update for Riva to fix security vulnerabilities that could allow privilege escalation, data tampering, denial of service, or information disclosure. NVIDIA Riva is a suite of GPU-accelerated microservices for multilingual speech and translation, designed for creating customizable, real-time conversational AI systems. It features automatic speech …
