InfoSecBulletin Cybersecurity for mankind
On Tuesday, Apple fixed a critical zero-day vulnerability affecting nearly all supported iPhones and iPads. The company noted that it could have been exploited in a extremely sophisticated attack against targeted individuals using older iOS versions. The vulnerability, identified as CVE-2025-24201, allows attackers to break out of the Web Content …
Read More »TimeLine Layout
March, 2025
-
12 March
Microsoft’s March 2025 updates fix 7 zero-day, 57 flaws
Microsoft’s March 2025 Patch Tuesday update fixes 57 flaws, including seven zero-day exploits, six of which are actively being exploited. Notably, CVE-2025-24983 is a critical use-after-free flaw in the Windows Win32 Kernel Subsystem linked to the “PipeMagic” backdoor. This update is essential for IT and security professionals as it addresses …
Read More » -
11 March
Ballista Botnet infects 6000 Unpatched TP-Link Routers
Cato CRTL team said, a new botnet campaign dubbed Ballista target the unpatched TP-Link Archer routers. CVE-2023-1389 is a serious security vulnerability in TP-Link Archer AX-21 routers that could allow command injection and remote code execution. The Hacker news reported, “The botnet exploits a remote code execution (RCE) vulnerability in …
Read More » -
11 March
CVE-2025-24813
Flaw in Apache Tomcat Exposes Servers to RCE
A critical vulnerability, CVE-2025-24813, has been found in Apache Tomcat, which could let attackers execute remote code, leak sensitive data, or corrupt information. The Apache Software Foundation has released an urgent advisory, urging affected users to update right away. Apache Tomcat, a popular open-source web server and servlet container, has …
Read More » -
11 March
CISA Adds 3 Ivanti Endpoint Manager Bugs to KEV
CISA included three vulnerabilities in Ivanti Endpoint Manager—CVE-2024-13159, CVE-2024-13160, and CVE-2024-13161—in its Known Exploited Vulnerabilities catalog. Federal agencies must address these vulnerabilities by March 31, 2025, according to CISA’s directive, although no direct ransomware connection has been established. CISA updated its KEV catalog on March 10, 2025, adding three new …
Read More » -
9 March
Ransomware Attacks Set Records in February: New Data Shows
Ransomware attacks reached a record high in February, surpassing previous months, according to a Cyble report. The Cyble report tracked the number of victims listed by ransomware groups on their Tor-based data leak sites (DLS), which are used to shame victims and threaten data release unless ransoms are paid. Although …
Read More » -
8 March
Cyber attack at Japanese telecom leader NTT hits 18,000 companies
NTT Communications Corporation discovered illegal access to its facilities on February 5 and confirmed on February 6 that some information may have been leaked. An internal investigation revealed that some corporate customer service information from Order Information Distribution System may have been leaked. However, individual customer service information was not …
Read More » -
7 March
Cyber heist: Pune losses Rs 6007 crore in cyber scam
India’s Maharashtra Deputy Chief Minister Devendra Fadnavis disclosed alarming cyber fraud figures for Pune in 2024 during the Assembly session. The city suffered losses of Rs6,007 crore across 1,504 cybercrime cases. Cyber fraud in Pune was almost five times greater than the total losses in Mumbai, Thane, and Nagpur, which …
Read More » -
7 March
Nearly 1 million airport lost and found records leaked
Cybersecurity researcher Jeremiah Fowler found that over a dozen unprotected databases from the German firm Lost and Found Software exposed 820,750 sensitive personal records about lost airport items and their owners in the U.S., Canada, and Europe. Misconfigured databases, now secured, previously exposed sensitive information such as images of lost …
Read More » -
7 March
Exploiting CVE-2024-4577, Attackers Target Japan with Cobalt Strike
Cisco Talos found that an unknown attacker has been targeting organizations in Japan since January 2025. The attacker exploited the CVE-2024-4577 vulnerability in PHP on Windows to access victims’ machines. They used the “TaoWu” plugins from the Cobalt Strike kit for further actions. A pre-configured installer script was discovered on …
Read More »
